| View previous topic :: View next topic |
| Author |
Message |
Tokki1
Joined: 14 May 2007
Location: The gap between the Korean superiority and inferiority complex
|
 Posted: Thu Feb 14, 2008 3:58 pm Post subject: Korean Banking and netizen malware? |
 |
|
I was tweaking my vista os last night and noticed some freakish processes running in my task manager. These processes, I discovered, were installed via my online banking sessions in order to help 'protect me'.
Though I killed the processes, they reproduced themselves and were generally unpleasant. They didn't want to cooperate. I wasn't using online banking and didn't want them running. Big brother.
I googled the files and they came up as some pretty bad malware; apparently online banking shields (to protect your system from hackers) which also relay information back to the banks? It was hard to determine for sure, since most search engines had Korean or Japanese results (the processes are specific to this region).
Anyway, I reenabled my indexing options, restarted my comp in safe mode and shot the 2 Korean netizens, living in my Windows system 32 folder. The processes are associated with nProtect but they cannot be set to manual startup and they will always rear their ugly heads for no reason and hog resources.
So is it worth it to do online banking from home? Not sure.
Personally, I'm just having my bills paid through the bank--automatically--and not enabling the big brother software from my home computer.
Feedback?  |
|
| Back to top |
|
 |
moosehead
Joined: 05 May 2007
|
| Posted: Fri Feb 15, 2008 12:49 am Post subject: Re: Korean Banking and netizen malware? |
|
|
| Tokki1 wrote: |
I was tweaking my vista os last night and noticed some freakish processes running in my task manager. These processes, I discovered, were installed via my online banking sessions in order to help 'protect me'.
Though I killed the processes, they reproduced themselves and were generally unpleasant. They didn't want to cooperate. I wasn't using online banking and didn't want them running. Big brother.
I googled the files and they came up as some pretty bad malware; apparently online banking shields (to protect your system from hackers) which also relay information back to the banks? It was hard to determine for sure, since most search engines had Korean or Japanese results (the processes are specific to this region).
Anyway, I reenabled my indexing options, restarted my comp in safe mode and shot the 2 Korean netizens, living in my Windows system 32 folder. The processes are associated with nProtect but they cannot be set to manual startup and they will always rear their ugly heads for no reason and hog resources.
So is it worth it to do online banking from home? Not sure.
Personally, I'm just having my bills paid through the bank--automatically--and not enabling the big brother software from my home computer.
Feedback? |
none of what you said surprises me - I started using the KEB online service a few years ago and noticed similiar occurrences.
new nb now, no, I won't go back and use it again. whatever they are looking at, or for, it's none of their damn business, period.  |
|
| Back to top |
|
|
kprrok
Joined: 06 Apr 2004
Location: KC
|
| Posted: Fri Feb 15, 2008 1:16 am Post subject: |
|
|
I signed up for Nonghyup Bank Internet Banking but when it wouldn't let me start it without installing 2 different firewalls and 2 different anti-viruses, I deleted everything, several times b/c they were robust little bastards. I then cut the code card up into about 50 pieces, went back to my bank and dumped them on the counter saying the operation was shit and didn't want anything to do with it.
My wife has her stuff installed on my computer now and it drives me crazy to see those crap ActiveX progs running, but I can't delete them which would lead to my wife murdering me. I can't wait until March when I'm giving her my old work computer and I'll let her do whatever she wants to it and my machine will be nice and clean again.
KPRROK |
|
| Back to top |
|
|
jeffkim1972
Joined: 10 Jan 2007
Location: Mokpo
|
| Posted: Fri Feb 15, 2008 2:11 am Post subject: |
|
|
I believe you can uninstall them from the "Remove Programs" in control panel.
Pretty intrusive. |
|
| Back to top |
|
|
kprrok
Joined: 06 Apr 2004
Location: KC
|
| Posted: Fri Feb 15, 2008 2:18 am Post subject: |
|
|
| jeffkim1972 wrote: |
I believe you can uninstall them from the "Remove Programs" in control panel.
Pretty intrusive. |
You'd think so, but they come back.
KPRROK |
|
| Back to top |
|
|
Tokki1
Joined: 14 May 2007
Location: The gap between the Korean superiority and inferiority complex
|
| Posted: Fri Feb 15, 2008 2:40 am Post subject: |
|
|
| jeffkim1972 wrote: |
I believe you can uninstall them from the "Remove Programs" in control panel.
Pretty intrusive. |
Lol....no....  |
|
| Back to top |
|
|
Lekker
Joined: 09 Feb 2008
Location: Seoul
|
| Posted: Fri Feb 15, 2008 2:53 am Post subject: |
|
|
Yeah. F that.
I signed on for internet banking the other day and they told me yesterday I would be able to access my account online to manage my finances here.
Thanks for the heads up.
Upon trying to sign in yesterday, I was prompted with a bunch of screens asking me to install this XShield software. My Korean coworker told me that I needed to install it to be able to sign in.
Good on you for sharing this info.
I just deleted it as well as the other programs I was informed of.
I will manage my bills manually. More of a hassle, but less intrusion.
Again, thanks.
None of their Fn business. |
|
| Back to top |
|
|
Tokki1
Joined: 14 May 2007
Location: The gap between the Korean superiority and inferiority complex
|
| Posted: Fri Feb 15, 2008 4:40 am Post subject: |
|
|
No problem.
Honestly, I'm not 100% sure about the netizen ware, but my gut tells me I'd rather not have it running around on my system taking snapshots and running back to the bank.
As far as online banking goes for me, my bills get paid automatically through the bank but I'll use my bankbook for transaction records.
The software simply scares me.
From what I could gather from the Korean and Japanese sites, this is some bad s-h-i-t. Looked pretty scary when I did research. I think there are other things it's designed to do: it is NOT simply there for your security.
Call me paranoid... |
|
| Back to top |
|
|
Netz
Joined: 11 Oct 2004
Location: a parallel universe where people and places seem to be the exact opposite of "normal"
|
| Posted: Fri Feb 15, 2008 7:27 am Post subject: |
|
|
| Tokki1 wrote: |
No problem.
Honestly, I'm not 100% sure about the netizen ware, but my gut tells me I'd rather not have it running around on my system taking snapshots and running back to the bank.
As far as online banking goes for me, my bills get paid automatically through the bank but I'll use my bankbook for transaction records.
The software simply scares me.
From what I could gather from the Korean and Japanese sites, this is some bad s-h-i-t. Looked pretty scary when I did research. I think there are other things it's designed to do: it is NOT simply there for your security.
Call me paranoid... |
You're paranoid.
Sorry, had to do it. If you have link to any of the info that you dug up, I'd be interested in reading it. I have friends who work in netowork security, and they told me, "it's not the stuff that TELLS you it's installing you have to worry about, it's the stuff that doesn't". Still, I'd like to see what they say.
South Korea apparently has NO regulations regarding internet privacy and use of ad/spyware, or if they do, no one cares.
90% of Korean websites have some malware installers, I have to use three virus scanners whenever I surf them. (Noroton, AVG, Avast)
Just go to avast.com, install thier free version, and then go to worknplay,co,kr and click on anything.
Instantly it tries to "secretly" load a malware program.
I've warned people, but most people just don't care.
Lastly, the only reason Korean banking websites have so many security protocols, is plain and simply they don't know how to manage thier security, so they just try to beat it to death with overkill.
Besides, it gives the appearance of security to it's customers. |
|
| Back to top |
|
|
Tokki1
Joined: 14 May 2007
Location: The gap between the Korean superiority and inferiority complex
|
| Posted: Fri Feb 15, 2008 12:47 pm Post subject: |
|
|
| Netz wrote: |
| Tokki1 wrote: |
No problem.
Honestly, I'm not 100% sure about the netizen ware, but my gut tells me I'd rather not have it running around on my system taking snapshots and running back to the bank.
As far as online banking goes for me, my bills get paid automatically through the bank but I'll use my bankbook for transaction records.
The software simply scares me.
From what I could gather from the Korean and Japanese sites, this is some bad s-h-i-t. Looked pretty scary when I did research. I think there are other things it's designed to do: it is NOT simply there for your security.
Call me paranoid... |
You're paranoid.
Sorry, had to do it. If you have link to any of the info that you dug up, I'd be interested in reading it. I have friends who work in netowork security, and they told me, "it's not the stuff that TELLS you it's installing you have to worry about, it's the stuff that doesn't". Still, I'd like to see what they say.
South Korea apparently has NO regulations regarding internet privacy and use of ad/spyware, or if they do, no one cares.
90% of Korean websites have some malware installers, I have to use three virus scanners whenever I surf them. (Noroton, AVG, Avast)
Just go to avast.com, install thier free version, and then go to worknplay,co,kr and click on anything.
Instantly it tries to "secretly" load a malware program.
I've warned people, but most people just don't care.
Lastly, the only reason Korean banking websites have so many security protocols, is plain and simply they don't know how to manage thier security, so they just try to beat it to death with overkill.
Besides, it gives the appearance of security to it's customers. |
So it's paranoid to have self-replicating processes running on your computer at all times which are tricky to kill and really tricky to remove?
Why do I need this crap running and doing god knows what when I'm not even using it?
The research I conducted yielded a ton of crazy Japanese and Korean sites with a lot of exclamation points and 'no no no's'.
Idk maybe your friend knows best, but I like to know what's happening on my system and why. I know what every running process is, and if I don't I lock my connection down and nuke everything.  |
|
| Back to top |
|
|
normalcyispasse
Joined: 27 Oct 2006
Location: Yeosu until the end of February WOOOOOOOO
|
| Posted: Fri Feb 15, 2008 4:38 pm Post subject: |
|
|
Gee, Korean software tries to auto-install shady things on your computer.
Well no sh*t. Have you ever, y'know, visited ANY Korean website?! |
|
| Back to top |
|
|
bassexpander
Joined: 13 Sep 2007
Location: Someplace you'd rather be.
|
| Posted: Fri Feb 15, 2008 4:49 pm Post subject: |
|
|
It's all about CONTROL. The people with money and power here are used to having slave-like control over everyone else, and it's cultural that those beneath sit back and take it up the keester.
I'm not interested in Internet banking for the same reasons, and I also avoid many Korean websites because of this. Websites in other countries are able to do secure connections without ActiveX. Why the hell can't Korea? |
|
| Back to top |
|
|
Tokki1
Joined: 14 May 2007
Location: The gap between the Korean superiority and inferiority complex
|
| Posted: Fri Feb 15, 2008 11:12 pm Post subject: |
|
|
| normalcyispasse wrote: |
Gee, Korean software tries to auto-install shady things on your computer.
Well no sh*t. Have you ever, y'know, visited ANY Korean website?! |
Nope. Never have.
What's a website? Is that an internet? And where is Korea???
Need some extra RAM? |
|
| Back to top |
|
|
jeffkim1972
Joined: 10 Jan 2007
Location: Mokpo
|
| Posted: Sun Feb 17, 2008 2:13 am Post subject: |
|
|
| Tokki1 wrote: |
| jeffkim1972 wrote: |
I believe you can uninstall them from the "Remove Programs" in control panel.
Pretty intrusive. |
Lol....no.... |
I just uninstalled from control panel and it's all gone. What are you talking about? |
|
| Back to top |
|
|
Tokki1
Joined: 14 May 2007
Location: The gap between the Korean superiority and inferiority complex
|
| Posted: Sun Feb 17, 2008 3:12 am Post subject: |
|
|
| jeffkim1972 wrote: |
| Tokki1 wrote: |
| jeffkim1972 wrote: |
I believe you can uninstall them from the "Remove Programs" in control panel.
Pretty intrusive. |
Lol....no.... |
I just uninstalled from control panel and it's all gone. What are you talking about? |
I don't know man. I have vista and don't even need to go to the c/p to uninstall programs. The netizen crapware I had was not accessible. It was only detectible through the task manager and I needed to use administrator privileges just in order to touch it. Then it went insane and started cloning itself like a really bad idea. I had to terminate the process tree then manually index the .exe in safe mode and nuke it.
Not sure we're from the same planet, talking the same language, or if you're referring to the same crap software from the same bank, or whether or not you know anything about computers.
 |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
