Talk:Clampi (trojan)

It should be noted

It should be noted, that this trojan uses is self-encrypting, packed and using a virtual machine to protect its code. Furthermore all network communication is encrypted using blowfish. — Preceding unsigned comment added by 89.144.192.162 (talk) 21:16, 17 July 2013 (UTC)

External links modified

Hello fellow Wikipedians,

I have just modified one external link on Clampi. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

• Added archive https://web.archive.org/web/20090802114351/http://www.networkworld.com:80/news/2009/072909-clampi-trojan.html to http://www.networkworld.com/news/2009/072909-clampi-trojan.html

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 16:56, 25 November 2016 (UTC) This is a Virus that is used very frequently from "Tech Support" scammers. They will show you this in hopes that you will trust that they are trying to help you when actually they only want to log into your personal account information to attempt to scam money. — Preceding unsigned comment added by 47.40.254.110 (talk) 12:46, 13 February 2020 (UTC)

Semi-protected edit request on 3 December 2016

please change data to information Tony876543 (talk) 22:42, 3 December 2016 (UTC)

 Done Thanks again, Dawnseeker2000 23:44, 3 December 2016 (UTC)

Semi-protected edit request on 3 December 2016

Clampi is a man-in-the-browser trojan that can transmit financial and personal data from an infected computer to a third party please change infected to compromised Tony876543 (talk) 22:46, 3 December 2016 (UTC)

 Done Thanks, Dawnseeker2000 23:43, 3 December 2016 (UTC)

Semi-protected edit request on 25 July 2018

Add a warning to people that scammers pretending to do Microsoft Support often point to this page as a scare tactic and that they should stop communicating with them immediately. 173.177.41.82 (talk) 02:30, 25 July 2018 (UTC)

 Not done for now: WP:NOTMANUAL, describing in prose might be better JTP ^{(talk • contribs)} 05:03, 25 July 2018 (UTC)

While not "standard" I don't see anything within WP:NOTMANUAL that disallows placing a temporary notice on top of the page. Sure, initially I planned to note what I've seen within the page text itself but that would easily be sidestepped by the scammers. What they're doing is opening the Wikipedia page on the victims machine and quickly highlighting the first few lines. They then close it and move on with the scam. By placing a warning block on the top of the page the user will see it prior to what the scammer highlights and hopefully defeats the scammer. I'm not sure why you decided to remove the block without even discussing it (WP:AGF). ≡ JE ▪ Talk 06:14, 25 July 2018 (UTC)

I don't understand why you threw AGF at me. I did assume good faith, but we as an encyclopedia are not meant to help our readers with their problems, we are meant to inform them. Instead of saying "Hey, you're being scammed," a more encyclopedic way of doing so would be adding it in prose. JTP ^{(talk • contribs)} 19:02, 25 July 2018 (UTC)

The concern here is that scammers are using Wikipedia, a service that is considered reputable, as a method to confirm their malicious attempts to extort money from those who aren't technically capable. This article is at best a stub that has been in a way hijacked for their use. We place all kinds of templates on articles that describe issues with it and I see no difference here. I'll see if there is a way I can tactfully add mention to the recent use in a way that can't be ignored by the scammers but I can't find references beyond screen captures of scammers doing this. Lastly, my reference to AGF is due to how you reverted the edit and resolved a request with "Not done for now" that was already "resolved" by placing a warning. If you disagreed with my method I would have appreciated a note about it; not telling the other editor it won't be done and quietly reverting. Wish you well. ≡ JE ▪ Talk 19:44, 25 July 2018 (UTC)

Additionally, I used the template Template:Warning as described, " It should be used sparingly and only for important warnings about an article or a user that cannot be shown using a more specific template. Please only use it when something is seriously wrong and other people might not otherwise know about it. Less important comments should be put as regular text on the page's talk page instead." I felt and continue to feel that an article targeted for use by a bad actor to confirm their activities looks poorly on Wikipedia especially when an editor tries to help curb the malicious use only to have that effort subverted. Truly nothing personal with you; I get you're following what you feel is appropriate. But I disagree the warning isn't appropriate. ≡ JE ▪ Talk 19:53, 25 July 2018 (UTC)

I don't feel like getting into a never-ending debate, do what you feel is best, I don't care. JTP ^{(talk • contribs)} 20:49, 25 July 2018 (UTC)

Agreed; I've simplified the notice, re-added it and will remove it in a week. Again, wish you well! ≡ JE ▪ Talk 21:16, 25 July 2018 (UTC)

Warning

@JE: is the warning banner really appropriate? Wikipedia:No disclaimers in articles and it's not really our problem how others link to or re-use our articles. – Finnusertop (talk ⋅ contribs) 09:12, 10 September 2018 (UTC)

I wouldn't consider it a disclaimer. I would consider it more a warning that the article is being hijacked for scamming operations. I noted above that there was precedence (along with a template.) At one point it was being used heavily by scammers. I'm sure now they've moved on and the warning could be removed. Again, this article is closer to a stub than anything with substance. Scammers were using the fact that it was Wikipedia and quickly highlighting the first line (remotely) as a form of conformation. Wikipedia is a place for information obviously.. and in this case the information needed to be boldly described. ▪ JE ▪ (Talk) 03:08, 20 September 2018 (UTC)

(User talk:JE) If you don't like it then improve it! They use it because it's a stub and says scary stuff. It WAS an important first in banking trojans, however it's hasn't been activacted for over a decade so I tried to change it to reflect that more. I can't find confirmation the the russian hacker group abandoned it, only info that that the code was never shared or sold online and was only used by one syndicate. I'm fine with changing it to "it WAS a banking trojan", in fact I'll be wp:bold and do it right now. Technophant (talk) 09:04, 2 June 2020 (UTC)

• DONE. Looks a bit better. Please keep in mind the Kaspersky article was likely updated around 2010 at the latest and this is virus will only be found on archive disks. Technophant (talk) 09:25, 2 June 2020 (UTC)

Semi-protected edit request on 4 February 2020

• • • • • Reminder to any helper to read the discution before positionning oneself or making any comments ***** — Preceding unsigned comment added by 132.203.171.109 (talk) 23:12, 6 February 2020 (UTC)

Add this line as information regarding one of the current modern use of this virus at the end of the (only) paragraph : The virus is also often used as an excuse by scammers to pressure individuals into sending them money for the removal of a fake virus while it is posing as a cleaning software.Cite error: A <ref> tag is missing the closing </ref> (see the help page).

}} Warren Walker — Preceding unsigned comment added by WarrenWalker (talk • contribs) 8:16, 21 May 2020 (UTC)

ENOUGH ALREADY!! with the templates @Kitboga (streamer)

I've researched every singe source available on the web and have done a major revision of the article. Any edit trying to put a warning template has been done in good faith and I've attempting to put the article in to proper time frame (circa 2009) as well as including a reference to modern appropriated. The wp:lead says ATM "Clampi IS a strain of computer malware that affecteD Microsoft Windows personal computers." Please strongly consider keeping this. It's the best way of phrasing a complicated situation in everyday english. I'm a technical person who has taken technical writing classes and has no problem writing this s**t up for computer people, however I'm also a self-employed computer technician and I prefer to work instructing the elderly. I'm also an avid YouTuber/watcher musician (technophant's channel on YouTube) and a fan of Kitboga (streamer) I'm not insensitive to how important it is that this article reflects the best and most accurate information available.

Previous Wikipedians have assumed that if the wiki is changed the scammers will change their script. India has 850M+ citizens and an estimated 1M telephone support specialists. They take profitable scripts and steal/share them and are remarkably stupid about changing things that are profitable. I'm personally surpised the Tree command still works, however it looks just like the output from an antivirus so basically what's profitable is proliferated. Technophant (talk) 11:45, 2 June 2020 (UTC)

Requested move 2 June 2020

The following is a closed discussion of a requested move. Please do not modify it. Subsequent comments should be made in a new section on the talk page. Editors desiring to contest the closing decision should consider a move review after discussing it on the closer's talk page. No further edits should be made to this discussion.

The result of the move request was: page moved. Technophant (talk) 22:41, 2 June 2020 (UTC)

---

Clampi → Clampi (trojan) – An obsolete computer virus common in 2009, now found on the web as a Vietnamese word? and an Italian surname and also referring to musicians. Suggest rename from common proper noun in namespace. Technophant (talk) 13:57, 2 June 2020 (UTC)

More research shows that Clampi is varient the italian name Ciampi, as in the ex-president of Italy Carlo Azeglio Ciampi. The immigrations officials in Ellis Island often just wrote down what they heard and it's easy to see how that change could happen. Even reading this without my glasses I can barely tell the two apart. Technophant (talk) 22:29, 2 June 2020 (UTC)

I self-closed this a few hours after opening. There's too much going in with Covid and George Floyd to worry editors about vintage computing trivia. Technophant (talk) 22:40, 2 June 2020 (UTC)