()

()

Malware: How an accountant’s computer might unknowingly have revealed clients’ financial data

SEQUIM — The owner of a local computer repair company is warning area accountants to be vigilant against a digital thief capable of stealing sensitive information about their clients.

“We need to be aware of this,” said Jim Manderscheid, vice president and co-owner of Quality Assured Computer Services at 680 W. Washington St., Suite B-101.

“And I don’t care who is working on their computers, just as long as their customers are safe.”

Manderscheid discovered malicious software, or malware, in late March while providing routine services on a computer belonging to a local accountant.

He encourages area residents to question their certified public accountants about their security status.

“Go to your CPA and have them give you some sort of verification that they have a clean bill of health” and are “scanning their computers daily or weekly,” he said.

And if an accountants discovers they have been hacked, they should notify their customers and law enforcement immediately, Manderscheid added.

Malware is software used to disrupt computer operations, gather sensitive information, or gain access to private computer systems.

While servicing the computer last month, “what I found was disturbing, especially during tax season.” Manderscheid said.

“I found a single, serious malware tool hiding, embedded in the system” known as “MSIL.HackTool.IdleKMS.”

“This may have been a spurious or accidental infection that may be just bad luck,” Manderscheid said.

“But since it was just one malware specific to information harvesting, it was probably done with malicious intent.”

One possible avenue of invasion “would be to introduce it into your computer via a flash drive file,” Manderscheid speculated.

“Or they have set up an account with you and are sending you an email. And on that email you were looking at a QuickBooks file, or some sort of financial file, and that came onto your system.”

After being installed on a targeted computer, MSIL.HackTool.IdleKMS — also known as Trojan.Win32.IdleKMS.deinuh Artemis!1FADEE024CBE Suspicious_Gen4.FTGGO — proceeds quietly with its purpose of collecting sensitive financial information including social security numbers, birthdays and addresses.

It is probably more damaging than simply having a person’s debit or credit card information stolen, Manderscheid said.

“If it happens, it can be a very catastrophic event for the customer base.”

The malware is used in a way “similar to keystroke loggers, [which] keep track of keys pressed and transmits the data to a hacker, who can then use this information to access password-protected accounts, or to spread malware, or viruses, or perpetrate identity theft,” Manderscheid said.

“If this hack has been exploited, then all data on the CPA’s computer has been compromised. This is similar to the [recent] hacking of Target, Home Depot, Chase, and others. But since these large corporations have stepped up their security measures, it has become harder for the hackers to break in.”

That has made smaller businesses with less resources for digital security an appealing target.

“Most likely there is a computer, or relay of computers, that harvest all the information slowly over time so as not to be detected,” Manderscheid said.

“Not being detected while executing its main objective is the primary role of malware.”

The best way to defend against the malware is to prevent it from installing in the first place through the use of anti-virus software that is updated and operating correctly, Manderscheid said.

And folks should be skeptical about downloading or opening files embedded in emails, even from people they know.

For more tips about how to avoid malware infection, go online to http://tinyurl.com/PDN-Protect.

________

Sequim-Dungeness Valley Editor Chris McDaniel can be reached at 360-681-2390, ext. 5052, cmcdaniel@peninsuladailynews.com.

More in News

No refunds issued for Fort Worden guests

Remaining hospitality assets directed by lender

Community survey available for school superintendent search

The Port Angeles School District Board of Directors is… Continue reading

Report: No charges in fatal shooting

Prosecutor: Officers acted appropriately

A group demonstrates in front of the Clallam County Courthouse on Lincoln Street in Port Angeles on Monday. The event, sponsored by the Clallam Palestine Action Group, was set on Martin Luther King Jr. day for a national mobilization for peace and justice, according to a press release. They were to focus on workers’ rights, immigrants’ rights, environmental justice and a free Palestine. (Dave Logan/for Peninsula Daily News)
‘Peace and justice’

A group demonstrates in front of the Clallam County Courthouse on Lincoln… Continue reading

Timeline set for Port Angeles School District search

Board expects to name leader in March

Gesturing toward the Olympic Mountains, Erik Kingfisher of Jefferson Land Trust leads a site tour with project architect Richard Berg and Olympic Housing Trust board trustee Kristina Stimson. (Olympic Housing Trust)
Jefferson Land Trust secures housing grant from Commerce

Partner agency now developing plans for affordable homes

Chaplain Kathi Gregoire poses with Scout, her 4-year-old mixed breed dog. Scout is training to be a therapy dog to join Gregoire on future community calls with either the Clallam County Sheriff’s Office or the Washington State Patrol. (Clallam County Sheriff’s Office)
Clallam County chaplain adding K9 to team

Volunteer duo working to become certified

Steve Mullensky/for Peninsula Daily News
About 700 participants took part in the 2025 People's March on Saturday in Port Townsend.The march went from the Quimper Mercantile parking lot to Pope Marine Park, a distance of 5 blocks. Formerly known as the Women's March, the name was changed this year to the People's March in order to be more inclusive.
People’s March in Port Townsend

About 700 participants took part in the 2025 People’s March on Saturday… Continue reading

Due to Helen Haller Elementary’s age, antiquated equipment, limited amenities, such as bathrooms, costs for renovation and many other factors, Sequim School District leaders are proposing a new elementary school as part of the Feb. 11 construction bond. (Matthew Nash/Olympic Peninsula News Group)
Sequim school bond aims to address safety

Special election ballots mailed Wednesday

Clallam County Fire District 3 firefighters look to contain a fire in 2024. Calls for fires were down last year, but general calls for service were up from 2023. (Beau Sylte/Clallam County Fire District 3)
Fire districts in Sequim, Port Angeles see record numbers in 2024

Departments adding staff, focusing on connecting patients to resources

Rod Dirks enjoys affection from his 2-year-old daughter Maeli, who expresses confidence that doctors will heal her dad’s cancer. (Emily Matthiessen/Olympic Peninsula News Group)
Sequim man fighting rare form of cancer

Family faces uncertainty buoyed by community support

Ballots to be mailed Wednesday for special election

Four school districts put forward measures