Gotta love the part that says trust me I keep my word.

 

negotiate a counter offer with them - 2.2 mexican pesos , then tell them you are a US Federal Marshall and you would be glad to keep the conversation going.

Besides how many embarrassing videos would you have of yourself Dave ?

I often give people like that a suggestion that if they were to concentrate their talents on a real job they might actually be successful in life. They usually stop replying after that.

On the flip side most computer savvy people will probably advise you not reply at all. It becomes too tempting for me not to give them a dig when I can, so I don't follow that advice very well , but most people will advise not to reply.

 

I'll tell you what, Dave. Send me 1 bitcoin worth of US currency (or Canadian or Euros) and I'll make all of this go away for you.

 

Found some material about Cobalt Strike Beacon. Interesting. Here are a few other essential things you should do to establish a strong defense against Cobalt Strike and other malware:

• Be careful about downloading attachments and clicking links.
• Use antivirus software.
• Keep the software on your computer up–to–date.
• Double-check the sender of your emails before opening them.
• Limit your own file-sharing.
• Don’t trust all pop-ups that appear on your screen.

Be careful about downloading attachments and clicking links.

Malware can be accidentally downloaded when attachments are opened, and links are clicked. This could lead to personal information being stolen, or the computer becoming infected with a virus.

Some attachments may appear to be safe but are actually malicious. For example, an email with a .exe file as an attachment is likely to contain malware. Other types of attachments that can contain malware include .zip files and Excel spreadsheets with macros enabled.

When the attachment is opened, the malware immediately runs in the system background a series of PowerShell commands. It then connects to a remote server, performs a number of actions, and subsequently downloads and installs Cobalt Strike on the system.

Links in emails may also lead to the unintentional downloading of malware. It is important to be aware of the potential dangers of clicking links, especially if they are from sources that are not familiar or trusted.

One way to reduce the risk of clicking a link is to hover the cursor over it before clicking to see where it will take you. If the link appears to be taking you to a website that is unfamiliar or looks suspicious, do not click it.

Use antivirus software.

It is crucial to have an up–to–date antivirus software installed on your computer, to keep your operating system updated, and to run regular scans. This will help to detect any malware that may have been downloaded and protect your computer from future supply chain attacks—spotting unusual activity and disallowing communications to unrecognized IP addresses or domains.

Antivirus software can protect your computer from malware by scanning your files for signs of infection and removing advanced threats that it finds. It is important for the following reasons:

• It can block websites and emails that are known to contain malware.
• It can protect your computer from being infected by USB drives and from the malware that you may have unintentionally downloaded.
• It can perform de-obfuscation, decrypt and decode files containing malware.
• It can protect your computer from ransomware attacks by blocking the encryption process and removing the ransomware from your system. Ransomware is a type of malware that can encrypt your files and hold them for ransom until you pay a fee.

Keep the software on your computer up–to–date.

Software updates often include patches for newly discovered security vulnerabilities. Updating your computer’s software regularly closes vulnerabilities, protecting your business from Cobalt Strike attacks and other malware.

Be sure to update your operating system, web browsers, and other software regularly. You can usually set your computer to automatically install updates, but you should also check for updates manually on a regular basis.

Some software, such as Adobe Reader and Microsoft Office, can be set to check for updates automatically and install them when available.

If you’re not sure how to update your software, consult the software’s documentation or consult your IT professional.

It’s also worth investing in security and threat intelligence by consulting penetration testers or security researchers to have a look into your system.

Double-check the sender of your emails before opening them.

Sometimes hackers can send emails that look harmless but actually contain malware. This malware can be detrimental to confidential data when downloaded.

Be sure to check the sender of an email before opening it. If in doubt, do not open. Instead, report it to the IT department or your security provider. By taking these precautions, you can help protect yourself from cyberattacks.

VIPRE’s new full-featured add-on for Endpoint Cloud, VIPRE Email Link Isolation, is a great way to beat this type of attack and protect against Zero-day threats. Email Link Isolation is a feature that scans all email links for potential threats, both known and unknown. It’s a great way to protect your business from malicious attacks.

Limit your own file-sharing.

File-sharing can be risky because it enables malware to spread.

For example, a user might inadvertently download an Excel spreadsheet with macros that contain a virus or other type of malware. In some instances, the attachment can download and install Qakbot that profiles the infected host, eventually sending the profiling data to its malleable C2 servers and prompting the Cobalt Strike Beacon.

Threat actors also leverage file-sharing to distribute malicious code and steal information. It is thus important to be aware of the risks associated with file-sharing and to take steps to protect yourself.

Limit the files that you share and be extra cautious about the attachments that you download. You should also make sure that your antivirus software is up–to–date and that you are using a firewall.

It is crucial to be aware of the signs that your computer may have been infected with malware. If you notice any of these signs, you should immediately take steps to address the problem such as informing your IT department.

Don’t trust all pop-ups that appear on your screen.

Be careful when browsing the Internet and do not click on links or pop-ups that you don’t know.

When you click on a pop-up, you might not be aware that the window is a malicious site designed to install malware on your computer.

Cybercriminals can use pop-ups to display fake error messages or alerts to trick people into downloading attachments that contain malware. For example, they might create a pop-up that looks like it’s from your bank, warning you that your account has been compromised and asking you to download an attachment to fix the problem.

To protect yourself from these malicious pop-ups, be very careful about which attachments you download and the windows you open. Only click on links that are from sources you trust, and be sure to scan them for malware before opening them.

End quote.

Here is a link (go ahead, click on it!) that goes into how to enter the safe mode and remove Cobalt manually.

https://www.pcrisk.com/removal-guide...strike-malware


Mac users (me) follow a different path. I use a VPN to encrypt and I also use a software inspection program to watch for malware. You can also scan for certain extensions, attachments and programs that are suspicious and delete them. I also use my VPN provider (Nord VPN) for a password protection service so I can hide all passwords from anyone trying to log on with my very device or monitoring remotely from malware. It also solves the problem of remember ing a thousand passwords. It can (if you want) generate very secure passwords and store them for you. You have one key to remember and the VPN does the rest. That key can be a visual lock as well.

I stuck a plastic window block for my iPad and iMac camera that easily slides open if I Zoom. I also blocked my TV and microphones to prevent unwanted monitoring of conversations as the TV is connected to the internet for streaming.
All pop ups are blocked and I manually allow a specific pop up on certain sites when I need them. (A couple of financial/insurance/bank sites that I go to and log on)

I do not do any banking on my iPad or Samsung Galaxy because I travel a lot with them and are therefore subject to theft. In the event they are stolen and somehow opened, there is nothing there for a thief to take advantage of.
I do not have debit cards either. Credit only. I also have split checking/savings accounts for my ATM cards (use it a lot overseas) so in the event one is compromised, it is from an account with limited funds and everything cannot be drained.

 

Maybe you can negotiate a good rate for the list of "adult" sites you access Dave. You might be able to set up a subscription service and make money fro it.

 

Use a secure VPN, keep your anti-virus software updated (especially if you use windoze), don't click on links in emails. I spent a lot of time in OCONUS countries and never had a problem.

 

while not meaning to slight dave, i suspect he would be delighted to be performing the acts he is accused of.

 

 

Cos, I follow most of the advice listed:

· Double check who every email is from

· Keep operating software up-to-date

· Never open or download attachments from unknowns

· Limit file sharing to my wife

· Block web camera when not in use

· Don’t do banking online

· Don’t use debit cards

· Don’t use ATM cards

· Encrypted financial files on my computer

· Malware program used for years

· Never visit sketchy websites (except here )

The email I posted above went to my spam. I thought it was a step above the usual chance of a lifetime business opportunities, so I thought I would share it.

I have been using a Mac for over 10 years without what is commonly known as antivirus software. Apple historically has done a great job of protecting Mac’s but I also know virus’ are showing up more on Mac’s.

For grins after reading your post I opened Malwarebytes Anti-Malware which I have used for more than a decade. For the first time ever, it wouldn’t open. That’s strange. I tried several times, same, so I just sent it to the trash.

I have no reason to suspect I have a virus and only checked the malware program because of this discussion.

Time to decide. One of the sites still ranks it as one of the best free one. Intego is the current pick at Macworld for $25/yr. I went to the Intego site and they want to up-sell me their $85 program for $30 as a Black Friday special. Since that’s a one time special, I don’t care to get sucked into an annual higher renewal but that’s the only option they list for now. Frustrating.