News 12 at 11 o'clock / Wednesday, Feb. 13, 2012
AUGUSTA, Ga. (WRDW) -- Facebook hacking happens a lot, but you'd think a hacker would draw the line at a pastor's Facebook page.
David Willis, Steven Creek Community Church's teaching pastor, had his marriage-dedicated Facebook page hacked.
"For me, I've read his posts every single day," said Trends Salon Owner Robyn Kelley. "My husband does as well."
Kelley, along with about 270,000 Facebook followers, were shocked when Pastor Dave Willis' Stronger Marriage page was hacked.
"It's really crazy," said Kelley, a church member and Facebook subscriber.
Willis started this page only a year ago, and in the last three months, it went viral.
"It's been an overwhelming response and I've been humbled by it," Willis said.
But last week, his faith was tested after getting a message from what he thought was the Facebook security team.
"It looked like a very official, legitimate message," Willis explained. "And I clicked on it and it directed me to a page that looked exactly like my login screen. It said, you know, we need you to fill out a form."
Little did he know he was giving the hacker his password. Then, that same hacker locked him out of both his personal and the marriage page. He thought they were both deleted.
"I was really upset because I thought, 'Man, there are so many people that are encouraged by this page, and now for it to disappear,'" Willis said.
But it didn't disappear. The hacker was running the page, pretending to be Willis. That's when he decided it was time to get the word out, and the community began to plead with the hacker.
"I knew that Dave would forgive him, so I made a comment and just said, 'Hey, give the page back, Dave will forgive you completely. But just do the right thing,'" Kelley said.
And in this rare case, it worked. Thanks to the community's response, the hacker gave the page back.
"Even if I wouldn't never gotten the page back, I would still have that overwhelming sense of gratitude," Willis said.
Have information or an opinion about this story? Click here to contact the newsroom.
Copyright WRDW-TV News 12. All rights reserved. This material may not be republished without express written permission.
Kaspersky Lab warns users about the emergence online of a new version of the Gpcode ransomware program.
The program spreads via malicious websites and P2P networks.
Kaspersky Lab products detect the program as Trojan-Ransom.Win32.Gpcode.ax.
You can read more on our blog.
Kaspersky Lab is monitoring a new email worm which is currently spreading. Emails spreading the worm say “Here you have” in the subject line.
We detect the worm as Email-Worm.Win32.VBMania.
While the servers hosting related downloads have been taken down, we are keeping customers updated and protected against any new variants.
Net-Worm.Win32.Kido exploits a critical vulnerability (MS08-067) in Microsoft Windows to spread via local networks and removable storage media.
The worm disables system restore, blocks access to security websites, and downloads additional malware to infected machines.
Users are strongly recommended to ensure their antivirus databases are up to date. A patch for the vulnerability is available from Microsoft.
The new Gpcode variant encrypts files with extensions DOC, TXT, PDF, XLS, JPG, PNG, CPP, H etc. on hard drives using an RSA algorithm with a 1024-bit key.
After encrypting files, the virus leaves a text file in the folder next to the encrypted files with following message:
Currently, we detect the new variant, but we are unable to crack the 1024-bit key. Our analysts are continuing to work on both the key and the virus to resolve this issue.
Kaspersky Lab recommends that all Internet users enable maximum protection from malicious code and network attacks on their computers, refrain from executing suspicious programs received from untrustworthy sources and back up any important information on their computers.
Detection of Virus.Win32.Gpcode.ak was added to Kaspersky Anti-Virus signature databases yesterday, on June 4th, at 15:39 GMT. Please make sure to update if you haven’t already.
If you have fallen victim to Gpcode.ak, try to contact us using another computer connected to the Internet. DO NOT RESTART or POWER DOWN the potentially infected machine. Contact us by email email@example.com and tell us the exact date and time of infection, as well everything you did on the computer in the 5 minutes before the machine was infected: which programs you have executed, which websites you have visited, etc. We'll try and help you recover any data that has been encrypted.
For more information about the malicious program, please read our weblog.
A few hours before this point, there was a noticeable increase in mail traffic of an earlier modification of Warezov - Warezov.do which featured in the October 2006 Top 20.
If you are using Kaspersky Anti-Virus 6.0 or Kaspersky Internet Security 6.0 with Proactive Protection turned on, new variants will be detected without the need to update your antivirus databases.
A full description of Email-Worm.Win32.Warezov.nf is now available in the Virus Encyclopaedia.