Overclockers Australia Forums
OCAU News - Wiki - QuickLinks - Pix - Sponsors  

Go Back   Overclockers Australia Forums > Specific Hardware Topics > Networking, Telephony & Internet

Notices


Sign up for a free OCAU account and this ad will go away!
Search our forums with Google:
Reply
 
Thread Tools
Old 16th July 2010, 7:55 AM   #1
KANNIS Thread Starter
Member
 
KANNIS's Avatar
 
Join Date: Dec 2003
Location: Sydney
Posts: 8,448
Default TPG Abuse warning email from ACMA's AISI??..

I got this email just then..I have no idea what its about or why I got it.. Can someone shed some light on this for me?

Quote:
On Thu, Jul 15, 2010 at 7:10 AM, Internet Abuse Team <abuse@tpg.com.au> wrote:

Dear Customer (******@tpg.com.au),

We have received reports from the ACMA's Australian Internet Security
Initiative (AISI)
that a machine accessing the Internet using your TPG
Service is causing unwanted traffic to be transmitted, such as spam
and viruses.

A summary of the last few complaints have been provided below:

[2010-07-13 06:40:47] [***.**.**.***] Trojan: Generic
[2010-07-11 14:53:14] [***.**.**.***] Trojan: Generic
[2010-07-10 14:36:52] [***.**.**.***] Trojan: Generic


It may be that your equipment has been compromised by a hacker or some
other malicious software has been installed onto your system. Please
obtain an up to date antivirus software and ensure that all your
machines are cleaned as a matter of urgency. If you fail to do so and
the malicious traffic persists, TPG may take steps to limit it by
suspending your service.

For more information about how to protect your computer, please visit
the following websites below:

http://www.acma.gov.au/WEB/STANDARD/pc=PC_310085
http://www.staysmartonline.gov.au/secure-computer

If you have any questions about this email or our Terms and Conditions,
please contact Customer Service on customer_service@tpg.com.au or
13 14 23.

Thank you.


Kind Regards,

Internet Abuse Team
TPG Internet

E-mail: abuse@tpg.com.au
Phone: 13 14 23
Fax: 02 9850 0813
Who the F is ACMA's Australian Internet Security Initiative (AISI)
Has the filtering and intrusion to our privacy already started? How the hell does this AISI know we are infected? They must be monitoring us already.

I got an infection last week but I dont understand the threats to cancel my account. I understand the letter is to help me out but I dont like it that a government body knows this information about my PC..
__________________
|-O-| (-O-) |-O-|
"STAY IN ATTACK FORMATION"


OCAU Fishing Club Member #1

Last edited by KANNIS; 16th July 2010 at 7:57 AM.
KANNIS is offline   Reply With Quote

Join OCAU to remove this ad!
Old 16th July 2010, 8:02 AM   #2
Copie
Member
 
Copie's Avatar
 
Join Date: Jul 2009
Location: Newcastle
Posts: 7,890
Default

Sounds like either a hoax, or its TPG filtering your net.

The actual filter isnt going atm, or i wouldn't be able to access 4chan.
Copie is offline   Reply With Quote
Old 16th July 2010, 8:04 AM   #3
Ashpool
Member
 
Ashpool's Avatar
 
Join Date: Feb 2003
Location: Ye Olde Melbourne Town
Posts: 3,285
Default

Its not that they are monitoring your PC. But a provider somewhere has a traffic log of suspicious traffic coming from your PC.

As an analogy if you get if you go around ringing people a lot with a recorded message selling stuff, expect your telecoms company to come knocking.

Essentially your computer was infected and started sending malicious traffic out. This was detected and reported and info sent back to your ISP who then passed it onto you.

http://www.acma.gov.au/WEB/STANDARD..PC/pc=PC_310317
Ashpool is offline   Reply With Quote
Old 16th July 2010, 8:05 AM   #4
mr_wrxman
Member
 
mr_wrxman's Avatar
 
Join Date: May 2005
Location: Sydney 2176
Posts: 2,226
Default

Yep, you're the one who's propogating it, basically one of your computers is broadcasting malicious crap and someone somwhere has picked up on it and is letting you know.
__________________
Core i7 930 | Asus P6T | 3x2GB Patroit G Series DDR3 1600 | 2GB ATi 6970 | 3x320GB RAID0 | Antec TP 750W | Antec P160W
Over 180 Sales/Trades/Buys totalling over $22,000
ntrancedphotography.com.au
mr_wrxman is offline   Reply With Quote
Old 16th July 2010, 8:06 AM   #5
Dutch Wink
Member
 
Dutch Wink's Avatar
 
Join Date: Aug 2001
Location: Perth
Posts: 2,050
Default

http://www.acma.gov.au/WEB/STANDARD/pc=PC_310317


Basically they have somehow noticed that your machine/IP is connecting to other IP's (one of which was theirs) trying to do something malicious to it.

Do as it says, get antivirus, get updated, and get your machine fixed. Don't ignore it. Get external help (or ask here) if you don't feel comfortable doing so yourself.

First a simple trojan, next, your bank account details...
__________________
OCAU OFFICIAL CHAIR RAVER'S SOCIETY MEMBER #1
-
Auroythmix**: GIRLS = MATH EQUATIONS, SO IF I SOLVE FOR X I GET THE SEX!
-
TheTron: If I sit and enjoy these pancakes. He'll buy me the new Justin Beaver album
Dutch Wink is offline   Reply With Quote
Old 16th July 2010, 8:33 AM   #6
leighr
Member
 
leighr's Avatar
 
Join Date: Feb 2002
Location: Mitcham, Melbourne
Posts: 426
Default

Quote:
Originally Posted by KANNIS View Post
Who the F is ACMA's Australian Internet Security Initiative (AISI)
http://lmgtfy.com/?q=Australian+Inte...Initiative&l=1

As far as how do they know about it - your machine is/was spamming the world. You can't really complain your privacy is being breached when you're the one broadcasting.
__________________
Shameless plug....
Need toys/lego? Check out http://www.peedeetoys.com.au

Last edited by leighr; 16th July 2010 at 9:21 AM.
leighr is offline   Reply With Quote
Old 16th July 2010, 8:53 AM   #7
crag_v
Member
 
crag_v's Avatar
 
Join Date: Feb 2002
Location: 3095
Posts: 1,762
Default

I experienced something like this after connecting a friend's computer to my network overnight a few years back. I was going to do a bit of work for them and inadverdantly left it running all night. Turns out it had some malware or a virus of some kind running on it as I had a similar email from iiNet in my inbox the next morning.

I checked my router's logs and what do you know, that little computer had been spam-botting while I slept! A good reminder to not connect unfamiliar computers to your network until you've checked them.

Might be something similar in your situation... or your own PC, if you don't run an antivirus program, as others have said!
__________________
Need data recovery? 5+ yr OCAU sponsor Data Retriever can help! (Also, I want your old drive!)
Main rig: i7-3770, P8Z77-V, 8GB DDR3 2133, ATi7970, 2TB SSHD, 2TB WD FYYS, 2x 2TB HGST US, Win7x64
crag_v is online now   Reply With Quote
Old 16th July 2010, 9:03 AM   #8
Airquarious
Member
 
Airquarious's Avatar
 
Join Date: Aug 2001
Location: Galaxy near you!
Posts: 1,915
Default

Time to FORMAT...
__________________
I find your lack of faith disturbing...
Airquarious is offline   Reply With Quote
Old 16th July 2010, 9:18 AM   #9
FiShy
Member
 
FiShy's Avatar
 
Join Date: Aug 2001
Posts: 8,784
Default

You have a Trojan, clean you stuff.


And to all the people who say this is a filter are just idiots.
__________________
Quote:
Originally Posted by PabloEscobar View Post
With all this Man Dating around... you'd think The Liberals were pro gay-marriage...
Quote:
Originally Posted by PabloEscobar View Post
hotsexyseamen.com
FiShy is offline   Reply With Quote
Old 16th July 2010, 9:33 AM   #10
Brad2k4
Member
 
Join Date: Aug 2004
Location: Rockhampton
Posts: 152
Default

Theres scams in your portal!
__________________
PC: Q6600, 4gb, 4.5tb, ATI HD5850, X-Fi Fatal1ty Champion Series, G15, G9, VW266H
Photography Gear: EOS 40D, EF 70-200 2.8L, EF 50mm 1.8, EF-S 10-22mm, EF 24-105 F4L Gallery
Brad2k4 is offline   Reply With Quote
Old 16th July 2010, 10:10 AM   #11
KANNIS Thread Starter
Member
 
KANNIS's Avatar
 
Join Date: Dec 2003
Location: Sydney
Posts: 8,448
Default

Thanks for the good replies gents. Much appreciated, looks like it was nothing....

I think a format is in the pipeworks this weekend. The PC has been slowing down a lot and I do need a new HDD....
__________________
|-O-| (-O-) |-O-|
"STAY IN ATTACK FORMATION"


OCAU Fishing Club Member #1
KANNIS is offline   Reply With Quote
Old 16th July 2010, 10:21 AM   #12
bennyg
Member
 
Join Date: Dec 2005
Location: Melbourne, Oztraya
Posts: 1,774
Default

A virus isn't "nothing"...

It *could* be and probably is, but then every single file on your computer could be uploaded on some Russian site by now, or someone *could* have already run up a grand on your credit card. That's why you don't dick around.

TPG wouldn't ban you immediately, I would think they'd just put a block on your connection until you've sorted it out.

This kind of thing happens, our website was shut down for about a day because our hoster had a spambot on one of its servers, but that wasn't ACMA, it was some US-based "spam police" that had cut off our hoster from the rest of the internet.
__________________
Clevo Horize P150HM i7-2760M | 16Gb | GTX580M 2Gb | 1080p Matte 95% Gamut LEDLCD | Intel 320 160Gb | ODDBay: 750Gb Scorpio Black
Asus G51J-A1 ROADKILLED and now the "Terminator HTPC"...
Un-retired: Dell Vostro 1500 | Retired: Dell Latitude D620 | Successful trades: 13/13, value >$1600
Quote:
Originally Posted by JebusJones View Post
Grammar and Punctuation Nazis on web forums are really a poor man's anal beads.
bennyg is offline   Reply With Quote
Old 16th July 2010, 10:23 AM   #13
Lardman
Member
 
Lardman's Avatar
 
Join Date: Apr 2007
Location: ACT 2607
Posts: 4,232
Default

Quote:
Originally Posted by Ashpool View Post
Its not that they are monitoring your PC. But a provider somewhere has a traffic log of suspicious traffic coming from your PC.

As an analogy if you get if you go around ringing people a lot with a recorded message selling stuff, expect your telecoms company to come knocking.

Essentially your computer was infected and started sending malicious traffic out. This was detected and reported and info sent back to your ISP who then passed it onto you.

http://www.acma.gov.au/WEB/STANDARD..PC/pc=PC_310317
Correct.

Just be wary, Many ISP's have a policy of three strikes you're offline with these things, so please do what they tell you. It's classed as abusing a service with most of them, so just do the virus scan, clear it all off and let them know you've done so.
__________________
Blogrant! | Steam: reijin.au | PC: i5-4670 / 780Ti / Q-08B
Lardman is offline   Reply With Quote
Old 16th July 2010, 10:24 AM   #14
KANNIS Thread Starter
Member
 
KANNIS's Avatar
 
Join Date: Dec 2003
Location: Sydney
Posts: 8,448
Default

Quote:
Originally Posted by bennyg View Post
A virus isn't "nothing"...

It *could* be and probably is, but then every single file on your computer could be uploaded on some Russian site by now, or someone *could* have already run up a grand on your credit card. That's why you don't dick around.

TPG wouldn't ban you immediately, I would think they'd just put a block on your connection until you've sorted it out.

This kind of thing happens, our website was shut down for about a day because our hoster had a spambot on one of its servers, but that wasn't ACMA, it was some US-based "spam police" that had cut off our hoster from the rest of the internet.
Lucky I never use credit cards on this PC

I cleaned the system out and it did find some interesting stuff...I love removing this shit and watching my system get back to normal heheheh...
__________________
|-O-| (-O-) |-O-|
"STAY IN ATTACK FORMATION"


OCAU Fishing Club Member #1
KANNIS is offline   Reply With Quote
Old 16th July 2010, 11:55 AM   #15
FiShy
Member
 
FiShy's Avatar
 
Join Date: Aug 2001
Posts: 8,784
Default

Quote:
Originally Posted by IACSecurity View Post
The chances of you doing this effectively are pretty slim. Its far better to not get them in the first place. Format is your only effective way of recovering.

The AISI is an excellent initiative - this one post proves its already helping. This is one of those unfortunate government ideas that are required to help citizens because the citizens are too stupid/lack care to help themselves.
Agreed, for every virii you find another 10 are missed.


zero writing is the only way to fly!
__________________
Quote:
Originally Posted by PabloEscobar View Post
With all this Man Dating around... you'd think The Liberals were pro gay-marriage...
Quote:
Originally Posted by PabloEscobar View Post
hotsexyseamen.com
FiShy is offline   Reply With Quote
Reply

Bookmarks

Sign up for a free OCAU account and this ad will go away!

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time now is 8:25 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd. -
OCAU is not responsible for the content of individual messages posted by others.
Other content copyright Overclockers Australia.
OCAU is hosted by Internode!