Will I ever have peace of mind

Yopsie · 2023-10-03T05:52:59+00:00

There was an error rendering this rich post.

For years I've felt safe, only torrenting movies, audio and tv shows, mostly from archive.com. I used to think it was just exes and msi's that were the only vector onto your system.

Well I've had that sense of safety shattered by buffer overflows. The first thing that did it was pdfs. You can get hacked, as in full control of your PC, web cam, mic whatever from reading a pdf. Most pdf readers have been patched, but that's scary.

I have torrented a fair few pdfs in the past. I was so spun out and paranoid I installed Bitdefender.

But lately, a few weeks ago it turns out you get hacked from a webp image. I'm just about ready to go live in the woods. This is ridiculous, you get fully hacked, webcam, mic ect from looking at an image!? You don't even have to look, if a malicious webp gets loaded by any application (including your browser) that uses the unpatched libwebp library it's game over.

Anyway, malware bytes and not installing exe's used to give me peace of mind. Now I'm in a mess. Because it feels like every day is another zero day. There is absolutely nothing stopping me from waking up and the top story is "everyone who browsed youtube from 2008 - 2023 has been completely vulnerable to a new zero day. We patched it now though dw"

A random guy popped up to me on Steam and was showing me screenshots of some mods he made and I was just being polite. Now for all I know he's installed a rat on my system and is watching me type this right now.

Every time I google does Bitdefender get rid of RATs the answer is always 'it's pretty good but you never know'.

Look I need peace of mind. And even if I wipe my system I'm paranoid enough to think a virus is in my BIOS or firmware. Root access is root access.

I am not a state actor, I'm broke, don't have any social media and I don't think I'm too interesting.

I've have Bitdefender installed, am I safe? I've had no weird behavior on this pc, I installed Bitdefender when I read about pdfs and got freaked out mentally.

TLDR, this is what I'm really asking:

1) I really like bitdefender's firewall. If there's nothing weird appearing on the firewall am I safe? Or can a RAT communicate around bitdefender's firewall?

2) Does bitdefender's real time protection work? Would I know right now if something was going on and I've been zero day'd?

3) I'm really paranoid, but I'm not rich or important, just normal. Does the stuff I'm worrying about only effect state actors? Do these attacks need to be targeted? Or can any darkweb community read up about current zero days and RAT me or a group of people?

4) I really don't want to reinstall windows every time a news story about a zero day comes out, and even if I do malware can hide in bios and firmware. Will bitdefender know about weird behaviour? Does everything have to go through the firewall? Can I honestly trust Bitdefender as a normal person? It's RATs, screen capturing and webcam/mic access that really freak me out

5) All full system bitdefender scans, including one from rescue environment come back clean. But it's easy to create a new virus by changing some bytes around, I don't feel to reassured. Should I?

Find more posts tagged with

remote access

Comments

Flexx

https://community.bitdefender.com/en/discussion/97354/will-i-ever-have-peace-of-mind

1) I really like bitdefender's firewall. If there's nothing weird appearing on the firewall am I safe? Or can a RAT communicate around bitdefender's firewall?

A good firewall can help to protect you from RATs, but it is not a perfect solution. Some RATs can use stealth techniques to avoid detection by firewalls. However, Bitdefender's firewall is one of the best on the market, and it is unlikely that a RAT would be able to bypass it without you noticing.

2) Does bitdefender's real time protection work? Would I know right now if something was going on and I've been zero day'd?

Bitdefender's real-time protection is very effective, and it is likely that it would detect a zero-day RAT attack. However, it is always possible that a new RAT could be developed that is able to evade detection by Bitdefender.

RAT attacks can be targeted or untargeted. Targeted attacks are typically used to spy on or steal information from high-profile individuals or organizations. Untargeted attacks are more common, and they can be used to infect any computer that is vulnerable.

It is important to note that RATs are not just a threat to state actors. They can also be used to steal personal information, such as passwords and credit card numbers. They can also be used to blackmail or extort people.

Bitdefender is a reliable antivirus program, and it is one of the best options available for normal people. However, no antivirus program is perfect, and it is always possible that a new RAT could be developed that is able to evade detection.

It is important to keep your operating system and antivirus software up to date. This will help to protect you from the latest zero-day vulnerabilities.

It is also important to be careful about what software you install and what websites you visit. RATs are often spread through malicious software and phishing attacks.

5) All full system bitdefender scans, including one from rescue environment come back clean. But it's easy to create a new virus by changing some bytes around, I don't feel to reassured. Should I?

It is reassuring that your Bitdefender scans have come back clean. However, it is important to remember that no antivirus program is perfect. It is always possible that a new RAT (Remote Access Trojan) could be developed that is able to evade detection. But Bitdefender products are always evolving with new technology, other than signature-based detection, such as advanced threat defense, which is essentially behavior blocking and cloud detection technology.

To be extra safe, you can use a variety of security measures, such as:

A) Using a strong password manager to generate and store unique passwords for all of your online accounts.

B) Enabling two-factor authentication on all of your online accounts.

C) Using a VPN when connecting to public Wi-Fi networks.

D) Being careful about what software you install and what websites you visit.

Overall, Bitdefender is a reliable antivirus program that can help to protect you from RATs and other malware.

Here are some additional tips to help you stay safe from RATs:

A) Be careful about what links you click on and what attachments you open.

B) Keep your operating system and antivirus software up to date.

C) Use a strong password manager to generate and store unique passwords for all of your online accounts.

D) Enable two-factor authentication on all of your online accounts.

E) Be careful about what software you install and what websites you visit.

F) Monitor your network traffic for suspicious activity.

G) Use a VPN when connecting to public Wi-Fi networks.

Regads

Yopsie

https://community.bitdefender.com/en/discussion/comment/329070#Comment_329070

Thanks for responding...it's so annoying, you say always install software from sources you trust but I don't think think you get my frustration... looking. at. an. image. can. rat. your. pc.

It's not your fault, it's just how things are. But it's absurd.

"Bitdefender's firewall is one of the best on the market, and it is unlikely that a RAT would be able to bypass it without you noticing." This is what I'm going to cling onto. I'm not going to reinstall my OS, there's no point. We all know all software will always be riddled with zero days.

Alexandru_BD

Hello,

To add here, regarding webcam/mic access, Bitdefender has a microphone monitor and offers webcam protection as well. Should these be a concern to you, here's how they work:

https://www.bitdefender.com/consumer/support/answer/28559/

https://www.bitdefender.com/consumer/support/answer/2028/

I hope the information is useful.

Regards

Yopsie

https://community.bitdefender.com/en/discussion/comment/329087#Comment_329087

I suppose my main concern is when an attacker has root access to your machine, they can arguably get around this useful feature?

Alexandru_BD

I think you have nothing to worry about, really.

The attacker would first have to get inside. Even if they are some of the most dangerous e-threats to date, rootkits don’t just work by themselves – they need an infection vector to propagate and install. Hackers use Trojans or leverage operating system vulnerabilities to plant rootkits.

Make sure you develop some appropriate online browsing habits as these would help boost security:

Encrypt your private information and make sure to back up your data in multiple sources, just to be safe.
Because the most common way for a hacker to get into your network are Trojans, never open email attachments from senders you’ve never heard of.
If you are casually streaming a video or want to open a file and are asked to download a plugin, don’t.
Constantly update your firewall and security solution, and periodically run full system scans on your Windows

Stay safe 🙂

Yopsie

https://community.bitdefender.com/en/discussion/comment/329159#Comment_329159

Thanks, but have you not read the news? You say the attacker would "first have to get inside", that's precisely what I'm on about. Turns out there's been a zero day flaw in the webp image format, you view any website in the last 10+ years that has a 1px x 1px malicious webp and they're in. Google said this attack has been found being used in the wild, but hasn't expanded on it, so I have no idea if it's against targeted high value individuals which would calm me down or lots of people.

Either way, that "the attacker would first have to get inside" mentality doesn't mean anything these days. Which is why I'm asking if Bitdefender's firewall would probably stop a zero day that successfully gets inside.

Yopsie

https://community.bitdefender.com/en/discussion/comment/329159#Comment_329159

Thank you but have you not read the news regarding the webp vulnerability? You view a website within the last 10 years that has a malicious 1px x 1px wepb anywhere in its html and the bad guys are in. That whole "the hacker would have to first get inside" attitude has gone out the window in this era of zero days.

Which is why I'm asking should bitdefender notice weird stuff going on in my system via heuristics or will the firewall notify me of weird processes sending data? Will I be able to notice thanks to bitdefender that I'm compromised?

Alexandru_BD

Hello @Yopsie,

Well, why didn't you say so? 🙂 I have read the news and of course everyone here is aware of the webp vulnerability. The critical zero-day vulnerability recently disclosed in the WebP image library also known as 0day in WebP indeed poses a significant security risk across numerous software applications and platforms.

Recently Bitdefender released an update that solves the WebP vulnerability in Safepay.

Originally reported by Apple and Citizen Lab which was tracked as CVE-2023-4863 specific to Google Chrome, now has since been reclassified as CVE-2023-5129 and correctly attributed as a flaw in libwebp with a maximum 10/10 severity rating.

Flexx

Also, you can access vulnerability information from the National Institute of Standards and Technology (NIST) and the Common Vulnerabilities and Exposures (CVE) through the following links:

https://nvd.nist.gov/vuln/detail/CVE-2023-4863 OR https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2023-4863

https://nvd.nist.gov/vuln/detail/CVE-2023-5129 OR https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5129

Regards

Pierre007

Hi, I need help

Scan found the CVE-2023-4863, never found it before. What can I do now?

Help!

Pierre

Flexx

https://community.bitdefender.com/en/discussion/comment/351328#Comment_351328

To address CVE-2023-4863 detected by Bitdefender, follow these steps:

1. Update All Installed Software

Ensure all installed software is up to date:

To simplify the update process, use Patch My PC Home Updater ( https://patchmypc.com/product/home-updater ), which scans for outdated software and updates them automatically.

2. Update Microsoft Windows

Keeping Windows updated is essential for security:

Open Settings → Windows Update.
Click Check for updates and install any available updates.

Regards