TPG Abuse warning email from ACMA's AISI??..

[KANNIS]

I got this email just then..I have no idea what its about or why I got it.. Can someone shed some light on this for me?

Quote:

On Thu, Jul 15, 2010 at 7:10 AM, Internet Abuse Team <abuse@tpg.com.au> wrote:

Dear Customer (******@tpg.com.au),

We have received reports from the ACMA's Australian Internet Security
Initiative (AISI) that a machine accessing the Internet using your TPG
Service is causing unwanted traffic to be transmitted, such as spam
and viruses.

A summary of the last few complaints have been provided below:

[2010-07-13 06:40:47] [***.**.**.***] Trojan: Generic
[2010-07-11 14:53:14] [***.**.**.***] Trojan: Generic
[2010-07-10 14:36:52] [***.**.**.***] Trojan: Generic


It may be that your equipment has been compromised by a hacker or some
other malicious software has been installed onto your system. Please
obtain an up to date antivirus software and ensure that all your
machines are cleaned as a matter of urgency. If you fail to do so and
the malicious traffic persists, TPG may take steps to limit it by
suspending your service.

For more information about how to protect your computer, please visit
the following websites below:

http://www.acma.gov.au/WEB/STANDARD/pc=PC_310085
http://www.staysmartonline.gov.au/secure-computer

If you have any questions about this email or our Terms and Conditions,
please contact Customer Service on customer_service@tpg.com.au or
13 14 23.

Thank you.


Kind Regards,

Internet Abuse Team
TPG Internet

E-mail: abuse@tpg.com.au
Phone: 13 14 23
Fax: 02 9850 0813

Who the F is ACMA's Australian Internet Security Initiative (AISI)
Has the filtering and intrusion to our privacy already started? How the hell does this AISI know we are infected? They must be monitoring us already.

I got an infection last week but I dont understand the threats to cancel my account. I understand the letter is to help me out but I dont like it that a government body knows this information about my PC..

[Copie]

Sounds like either a hoax, or its TPG filtering your net.

The actual filter isnt going atm, or i wouldn't be able to access 4chan.

[Ashpool]

Its not that they are monitoring your PC. But a provider somewhere has a traffic log of suspicious traffic coming from your PC.

As an analogy if you get if you go around ringing people a lot with a recorded message selling stuff, expect your telecoms company to come knocking.

Essentially your computer was infected and started sending malicious traffic out. This was detected and reported and info sent back to your ISP who then passed it onto you.

http://www.acma.gov.au/WEB/STANDARD..PC/pc=PC_310317

[mr_wrxman]

Yep, you're the one who's propogating it, basically one of your computers is broadcasting malicious crap and someone somwhere has picked up on it and is letting you know.

[Dutch Wink]

http://www.acma.gov.au/WEB/STANDARD/pc=PC_310317


Basically they have somehow noticed that your machine/IP is connecting to other IP's (one of which was theirs) trying to do something malicious to it.

Do as it says, get antivirus, get updated, and get your machine fixed. Don't ignore it. Get external help (or ask here) if you don't feel comfortable doing so yourself.

First a simple trojan, next, your bank account details...

[leighr]

Quote:

Originally Posted by KANNIS

Who the F is ACMA's Australian Internet Security Initiative (AISI)

http://lmgtfy.com/?q=Australian+Inte...Initiative&l=1

As far as how do they know about it - your machine is/was spamming the world. You can't really complain your privacy is being breached when you're the one broadcasting.

[crag_v]

I experienced something like this after connecting a friend's computer to my network overnight a few years back. I was going to do a bit of work for them and inadverdantly left it running all night. Turns out it had some malware or a virus of some kind running on it as I had a similar email from iiNet in my inbox the next morning.

I checked my router's logs and what do you know, that little computer had been spam-botting while I slept! A good reminder to not connect unfamiliar computers to your network until you've checked them.

Might be something similar in your situation... or your own PC, if you don't run an antivirus program, as others have said!

[Airquarious]

Time to FORMAT...

[FiShy]

You have a Trojan, clean you stuff.


And to all the people who say this is a filter are just idiots.

[Brad2k4]

Theres scams in your portal!

[KANNIS]

Thanks for the good replies gents. Much appreciated, looks like it was nothing....

I think a format is in the pipeworks this weekend. The PC has been slowing down a lot and I do need a new HDD....

[bennyg]

A virus isn't "nothing"...

It *could* be and probably is, but then every single file on your computer could be uploaded on some Russian site by now, or someone *could* have already run up a grand on your credit card. That's why you don't dick around.

TPG wouldn't ban you immediately, I would think they'd just put a block on your connection until you've sorted it out.

This kind of thing happens, our website was shut down for about a day because our hoster had a spambot on one of its servers, but that wasn't ACMA, it was some US-based "spam police" that had cut off our hoster from the rest of the internet.

[Lardman]

Quote:

Originally Posted by Ashpool

Its not that they are monitoring your PC. But a provider somewhere has a traffic log of suspicious traffic coming from your PC.

As an analogy if you get if you go around ringing people a lot with a recorded message selling stuff, expect your telecoms company to come knocking.

Essentially your computer was infected and started sending malicious traffic out. This was detected and reported and info sent back to your ISP who then passed it onto you.

http://www.acma.gov.au/WEB/STANDARD..PC/pc=PC_310317

Correct.

Just be wary, Many ISP's have a policy of three strikes you're offline with these things, so please do what they tell you. It's classed as abusing a service with most of them, so just do the virus scan, clear it all off and let them know you've done so.

[KANNIS]

Quote:

Originally Posted by bennyg

A virus isn't "nothing"...

It *could* be and probably is, but then every single file on your computer could be uploaded on some Russian site by now, or someone *could* have already run up a grand on your credit card. That's why you don't dick around.

TPG wouldn't ban you immediately, I would think they'd just put a block on your connection until you've sorted it out.

This kind of thing happens, our website was shut down for about a day because our hoster had a spambot on one of its servers, but that wasn't ACMA, it was some US-based "spam police" that had cut off our hoster from the rest of the internet.

Lucky I never use credit cards on this PC

I cleaned the system out and it did find some interesting stuff...I love removing this shit and watching my system get back to normal heheheh...

[FiShy]

Quote:

Originally Posted by IACSecurity

The chances of you doing this effectively are pretty slim. Its far better to not get them in the first place. Format is your only effective way of recovering.

The AISI is an excellent initiative - this one post proves its already helping. This is one of those unfortunate government ideas that are required to help citizens because the citizens are too stupid/lack care to help themselves.

Agreed, for every virii you find another 10 are missed.


zero writing is the only way to fly!