Was my PC Hacked for Ransomeware- Frankenstein Malware

System Member admin
edited June 2023 in The Water Cooler
This discussion was created from comments split from: Was my PC Hacked for Ransomware - Quicken password field seems "weird" ? (edit).


  • TTSguy
    TTSguy Member ✭✭✭✭
    edited May 2023

    The malware I acquired is called "Frankenstein Malware". It originated at the Univ of Texas years ago, is now being sold on the black web for 3rd parties to take and modify for their own needs.

    An example of what it is capable of: Yesterday trying to log into My Windows 11 Microsoft account I would actually type in my password (example) of: ABCDEF123, when I went from **** for the pasword characters to verify what was typed, the Password was changed to:

    "123ABCDEF" I thought I was going crazy, until I had my wife verify it! You cannot find this malware with any antimalware, because it self propagates from little pieces of other app. [Edited-Readability] Read about. Antimalware won't find it because it's pieces of malware that builds itself, and the pieces are small enough to slip through the filters that anti malware apps use to look for malware.

    Welcome to the word AI. all I can say is Holy [Removed-Language]! There are very few articles about how to work with or around this malware. I have a whole page of notes, one 3 month old DT, one 2 yr old DT, an old DT that uses Win 10 and a laptop that also uses Win 10, and I cannot even find a way to contact Microsoft, Lenovo, and have cancelled app trials, and why I cancelled them. No one believes me, or even has an interest in what I'm dealing with with this issue. The 4 boat anchors in front of me, oops, sorry, I mean PCs probably do hold some clues as to what is going on inside, but companies are so interested in hiring an army of people for one dollar an hour, that you cannot understand, and making sure that when you try to fill out a service request online with a limited number of characters, that must include screenshots, logs etc, that it's impossible to get any help with problems like this. [Edited-Readability]

    As an irony, last night I was filling in a service request for the 3 month old Lenovo DT (a $1200) boat anchor now. I got it all filled out and when I got to the part regarding my name, city, and state, I an into a roadblock. Where you put in your state, there is a box that has the dropdown list of states. Mine being CO for Colorado, ironically that state was not on the list. So I tried to put in the Initials CO. It came back and said "wrong format". so I was stopped there with a red border around that box and could do nothing to submit my form. An irony?, is this a great article for a Twighlight Zone show,?was this just a fluke? I have felt because of many instances like this that they see every detail if what I do when I turn the PC on! [Edited-Readability]

    Also beware of Windows 11 power settings. Did you know that there as setting that keeps power on even you have "shut down" the PC. I found this my accident after I got this new DT and I would shut down the PC power, and I noticed the keyboard was staying lit up, and active! This is one of Win 11 new features so I'm told. It's so gamers can jump back on quickly if they choose. So is this one of the new security features of Win 11. Is it any wonder my 4 computers are vegetables. I'm very psst! [Edited-Readability]

    Another Irony that just now happened. while typing this, right over the comment I was typing, out of nowhere the first page of this blog popped up with a "PRINT NOW BUTTON". From absolutely nowhere! Coincidence? welcome to the world of AI!!!!

  • TTSguy
    TTSguy Member ✭✭✭✭
    edited May 2023

    Update on my hack (for now):

    (1) Read about "Frankenstein Malware", I'm sure that is what I'm fighting and I suspect AI is being used to create it!

    (2) At this point for me I'm finding MS Win 11 has more security holes in it than an net bag oranges come in.

    (3) I'm convinced I acquired this from incompatible drivers that got passed MS license requirements. Also never use a driver update app except the one MS Windows uses, and do not just throw on any of the "optional" drivers that Wiindows shows as available [Edited-Readability]

    (4) Get rid of adnxs.com app or driver on your PC …this thing is trouble!

    (5) I'm finding that Google Chrome browser is much more secure than anything else, lots of work needs to be done on Win 11 security, especially with their Core Isolation security feature. That is what I believe failed on my PC to let this "FM" in. (I couldn't get any hits using about a dozen top anti malware apps, They are worthless against FM, because this manifests itself in the bios in tiny bits an pieces, and flashing nor updating your Bios can flush it out

    (6) Use a password manager (I think Roboform is the most secure)

    (7) I acquired a "Proton" email address. It's a Swiss company.

    (8) First symptom of this "FM" malware is if you start getting wrong password notifications, when you" know" that the password you used is current. and correct. Also get a notebook and annotate EVERY password change you make exactly when you changed it and which account. I didn't organize well and ended up using the colored spiral bound index cards, and "Post-it stickies. Also if you try to fight it. put all you notifications about accounts being "about someone that accessed" one of your accounts. Keep and track those notifications, so you know which are the ones you created and if others were in you account (s)

    (9) I've also found fewer issues with Win 10. The fact that you have to use a Microsoft Account with Windows,11 exacerbated the problems to a whole new level. The first password to get hacked was my Microsoft password, and the one that got changed (not by me) the most.

    (10)To give you a flavor of what this malware can do… Yesterday trying to log in to my MS account I would type the password in and it would tell me it was the wrong password. I chose in setting to NOT be able to fill the passords by lettters, and lead the * turned on so I would not be putting my info on the screen. To circumvent me to change that back to verify the letters of the password onscreen, I ran into a circumstance where if my password was"ABCDEFGH" i would type that in, get the "wrong password notification", I'd type it in again, get the same notification, so I had my wife come in and try to log in. She sat down, typed in "ABCDEFGH", got the same result so I had to turn back on the ability to review what I had typed. After I did that I found that the this malware actually changed what I was typing. When I typed in ABCDEFGH, and watched on my screen what was typed, the malware actually changed what I typed to: FGHABCDE! It moved the last 3 characters that I typed to the front of the password first. IT was so beyond belief, that I was glad my wife was here to verifiy this. This was something beyond imagination. This was their way their way of saying you better check what you type is what you see you typed, to be sure that we can both see it! They also will whittle down one at a timeWelcome to the world of AI. All I can say is holy [Removed-Language]!

  • Jim_Harman
    Jim_Harman SuperUser ✭✭✭✭✭

    @TTSguy Most of your recommendations above make sense.

    What makes you think it is this particular malware that is causing your problems?

    Do you get the same scrambled characters on more than one system, or if you type into a word processor or another application, or is the problem just with passwords on one system? I wonder if there might be a problem with your keyboard, mouse, or touch screen that is making your cursor jump around.

    QWin Premier subscription
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭

    I don't know what to say about any of this. I would hope that I never get something like this, and if I did that, I would be able to handle getting rid of it.

    This is my website: http://www.quicknperlwiz.com/
This discussion has been closed.