| Archive for Downsizer For an ethical approach to consumption |
| Shane |
Bar Steward TrojanAm I right in thinking that, in general, key-logger trojans only call home very occasionally for the minimum time possible to minimise the chance of detection?Cos I noticed that this month's phone bill was a fair bit higher than normal, and when I looked at the details I noticed loads of long calls to premium rate numbers. I've also recently finally managed to get my renewed TrendMicro working properly (yes, yes, I know - hardware router / AVG...) and it picked up a trojan. I'm guessing it's one of these nasty little programs that calls a premium rate number whenever you're on line and makes the owner of the number a load of money, rather than a key logger. I guess what I'm asking is: do I need to change all of my online passwords and all of my cards, or do ya reckon that now it's been deleted that's it, finished? |
||
| Fee |
Re: Bar Steward Trojan
Can you remember/did you make a note of which trojan it was? |
||
| RichardW |
Are you on dial up or broadband?
Richard |
||
| Dee J |
Guess you must be talking dial-up here... couldn't you use some sort of call blocking device (hardware) on the modem phone line so that only your ISP number could be dialled. Just googled and found this: http://safield.co.uk/internet-phone-guardblock-outgoing-landline-calls-p-614.html
Only six squid and seems to claim just such a capability. Any good anyone? Dee |
||
| Shane |
Broadband.
Don't know what it was - I just remember the scan telling me it had found a trojan and got rid of it. I tried to find out more info, but it wasn't too obvious how to. Thinking about it, I should have persevered 
I checked the number that my PC dials to connect, and that's still correct - I know some of these programs change that number to a premium rate one. I'm guessing that this one somehow dials a phone number from you broadband connection and just sits with the line open all the while you're connected, billing your home number all the while. Is such a thing possible? I'm gonna call the phone company in a sec and see if they can block the number that this thing's been calling - and trace it, if they can be bothered. |
||
| Dee J |
Thats a new one to me........
Never heard of a broadband linked pc being able to dial out on the analog phone line - unless you've got a dial-up modem and a seperate phone line connected as well as the broadband link. Unless someone can convince me otherwise I'd say that the PC/Trojan isn't the culprit for the dodgy phone calls. Yes, be wary of the Trojan for internet security ... but phonestuff? Dee |
||
| MarkS |
Agree. If you are on adsl or cable with a router then a trojan couldnt ring premium line numbers.
If you have a modem attached then its a different story. Any clues from the times of the calls? Have you tried googling the number called to see what its for (or even ring it) then bring in the inquisition to members of the household or visitors. |
||
| RichardW |
Which is why I asked. I dint think that phone redialers were the in thing now days.
Richard |
||
| Treacodactyl |
Have you tried googling the strange phone number from your bill to see if anyone else has found it? | ||
| mihto |
There were news about the problem on Norwegian radio a few days ago. A school had a 10-fold increase in phone bills. They could trace the use to London and the school phone had been dialing to numbers in Asia and Africa. They think that hackers had taken charge of the phone connection and sold "free" phone calls for a low price. The bill amounted to thousands of pounds for the last month. |
||
| Shane |
That's an interesting one...I've googled the numbers that have been dialled, and they are all various onetel numbers for dialling different parts of the globe. I'm gonna keep an eye on the calls that appear on my account for the next couple of days and log when we use our phone at home to see if there's an obvious connection and, if not, get something sorted out. It's "only" costing a few quid a week at the moment, so I can (hopefully) afford a couple of days of monitoring. | ||
| RichardW |
Block international calls? | ||
| JB |
I suppose it could be possible for some malware to attempt to dial out on a VOIP phone via broadband. For example could the phone on a BT home hub be hijacked to silently call out under software control? Does your bill show which phone number made the calls? If you have broadband you may well already have a second digital phone line and number which could be the one incurring the cost. If it is the analogue line then disconnect any modems you may have and continue to monitor. If your phone provider is up to speed you should be able to see what calls hav been made recently without having to wait for a bill to come in. Can you identify what time the calls were made? If they're expensive enough that might show up on an itemised bill? |
||
| mark |
apparently their is a newly discovered virus that exploits the bio-electronic interface. The virus is usually downloaded by the unaware surfer who stumbees on a pornographic image.
The designers of this virus have subtly encoded this image so that the interface between the monitor and the human mind generates electrical impulses in the brain creating a compulsion to to phone a premium rate sex line. are you sure you haven't been infected 
|
||
| JB |
That presumably would be the same virus which drinks all your beer and reprograms your sky favourites to all the higher numbered channels? 
Actually that's a thought - could it be a sky box or similar thing running up the cost? |
||
| Shane |
No need to worry there - wouldn't have been one of them there "viruses" 
Whatever or whoever it is isn't calling international numbers. When you use onetel you dial an 084 number applicable to whichever country it is that you're dialling and then you enter the onetel system to dial the number of whoever you're trying to reach. The numbers that are appearing on the bill for my landline number are the 084 numbers. My plan for the next couple of days is to a) disconnect the broadband as soon as I've finished surfing or downloading e-mails, b) get everyone to write down what numbers they dial and when and c) keep track of the calls registered to my number (you can do it online with onetel) to see if there's a pattern that emerges. I'm going to have a quick surf on this idea of phone numbers being sold, too, cos if someone in their call centre flogged off my onetel account details, I guess it could be one likely explanation... |
||
| JB |
Ummm 
If you are on broadband there should be no dial up or dial number. You have a direct connection to the exchange (which is where the real dialling, connecting, authentication etc. etakes place) and identify your self to that either by the phycial phone line from which you are connected or by a user name / password sent via that connection. But by the nature of it being an always on connection there should be no dial number Or have I misunderstood something here? |
||
| JB |
From BT's technical forums
|
||
| Shane |
Very similar to my situation, except I've got a BT landline, all my calls go through TalkTalk (who own onetel) and I use Tiscali for my ISP.
To answer the other question, when I boot up, I don't connect to broadband until I double click on "Internet ADSL" on my desktop and then the "Connect" button. It then dials through to the ISP on the phone number in "Properties" to establish the always-on broadband connection. At least, that's how it works in my simple mind! |
||
| vegplot |
That sounds odd. broadband is always on as long on your router is active. I'm not sure where the phone comes into play in a broadband connection (aside from sharing the same physical line).
If you have a number to dial then it maybe that which has been hijacked. |
||
| JB |
I assume he is not using a router but one of those single pc connection "broadband modem" things. As I only use routers I can't help beyond that but even with one of those I wouldn't have expected there to be a real "dial" phase | ||
| Shane |
Yeah - I'm using the ADSL modem that Tiscali sent me when I signed up for a broadband connection. It plugs into a filter, which plugs into a phone socket. I always assumed that routers did the same thing, too... 
|
||
| Dee J |
It's not the way the box connects to the phone line that differs... its the way that the box connects to the PC (I think). Most adsl/server type boxes (BT home hub etc.) connect via a network cable or via wireless network and use an 'always-on' setup. Older ADSL modems connect via usb port, and at least on older versions of windows, used a version of the dialup window to control connection - so it looked like a number was being dialled (and from my experience, continually crashed and needed reconnecting) All this may be wrong.... Dee |
||
| Shane |
No - that's what I've got. USB connection to ADSL modem to filter to phone socket.
Doesn't crash as much as it used to
|
||
| James |
a speedtouch?
you need to type in a phone number on the USB modems, just like an old fashioned modem. (but then again...with these, dont you disconnect as soon as your done?) |