December 11th, 2013
Ransomware has been a concern for internet users for some time now, but experts are predicting that the malware will affect more victims than ever before in 2014. As Warwick Ashford of Computer Weekly reports, hackers are producing malware kits that allow ransomware to be created more easily.
Ransomware is a type of trojan malware. It locks a computer or encrypts the data stored on it and demands a payment to unlock or decrypt it. The specific tactics taken are different from attack to attack, but usually victims find that their payment doesn’t restore their computer.
Researchers have discovered conversations on hacking websites about malware kits that make it easier to produce ransomware. These kits allow criminals without advanced knowledge of hacking to produce dangerous malware and even come with technical support. Kits can be used to produce all kinds of malware and the recent rapid rise of malware production is being attributed to their existence. Experts expect more ransomware to be produced with malware kits because it is an attack that directly leads to a payout, unlike other threats that require multiple steps to become profitable.
The best way to protect yourself from ransomware and other malware is to prevent it from infecting your computer in the first place. Be extremely cautious of untrusted email attachments and links in the body of emails. Try not to visit any untrusted websites and trust your browser when it warns you about potential dangers.
It’s also important to keep all applications, especially your antivirus program, updated. Backing up files is also helpful so that if some files are encrypted or damaged, you’ll be able to restore them.
If your computer is infected with malware, don’t pay a ransom. Bring your device to Geek Rescue, or call us at 918-369-4335.
December 11th, 2013
Recent reports revealed that the FBI has been able to remotely activate webcams and log keystrokes without any evidence to users that they’re doing it. These tactics have been used to investigate crimes, but they reveal the capabilities of hackers. If the FBI has the ability to remotely access your webcam and log your keystrokes, then so do criminals. Mathew J. Schwartz of Information Week published some tips that help protect specifically against these kinds of threats.
- Anti-keyloggers and antivirus
Antivirus and anti-malware programs are important to your computer’s security, but they don’t protect against every threat. Most are unable to detect a keylogger. But, there are programs specifically designed to thwart a keyloggers attempts. These programs don’t identify and remove this type of malware. Instead, they encrypt or scramble your keystrokes so that no other program can record them. Even anti-keyloggers won’t completely protect you, but they’re useful against the most common keylogger malware.
Attacks through your email are the most common ways malware, like keyloggers or webcam hijackers, find there way onto your computer. To protect yourself, be extremely cautious about what emails you open, what links you follow and what attachments you download. Generally, if you’re not expecting an email, you don’t need to read it or download any attachments. It’s also important to keep your browser, operating system and antivirus software updated to protect against the latest threats.
- Be protective of passwords
Too many users are willing to input passwords to their most valuable online accounts in low security situations. If you arrived at a site by clicking a link in your email, don’t put your password in. It’s possible that, even if the site looks legitimate, it’s a spoofed version of the actual site. Instead, put the URL into your browser yourself. If you’re using public or unsecured WiFi, it’s also not a good idea to log-in to any accounts. These networks allow hackers to easily intercept data, which means you could be handing them your log-in credentials. Wireless keyboards also pose a problem. Recent keyloggers have been able to intercept data from wireless keyboards.
If you’re worried about remote activation of your webcam, which allows you to be photographed or recorded without your knowledge, there’s one surefire way to protect yourself. Cover your webcam. Hackers are able to activate your webcam without any of the notification lights coming on. So, you’ll never know for certain that you’re safe, unless the webcam is covered. The most popular method is to cover it with a bandage when you’re not using it. This way, no sticky film gets on the camera lens itself.
Hackers are continually evolving their tactics and, as technology improves, their capabilities increase.
If your computer is infected with malware, or you’d like to improve the security at home or at your business, contact Geek Rescue at 918-369-4335.
December 10th, 2013
Security experts often preach about the importance of keeping antivirus programs up to date in order to identify and prevent the latest threats. But, Jeremy Kirk reports at PC World that a new piece of malware is undetectable for most antivirus programs, even when they’re fully updated.
The malware is called ‘ISN’ and is able to hide disguised as a module for Microsoft’s Internet Information Services, IIS, which is included with the Windows operating system. ISN is classified as a malicious DLL, or dynamic link library. Its installer contains four different versions of the DLL with each being compatible with different versions of Windows and Microsoft IIS.
Once installed, ISN steals data from Web-based forms. So far, it’s been used to steal credit card data from payment forms on e-commerce sites, but could be used to steal log-ins and any other important information you put into a form online. ISN can also be configured to monitor activity on a specific website.
The only way it’s been detected has been by antivirus programs flagging it as potentially harmful due to its activity. ISN will send the information it steals to a third party, which sets off alarms for some security applications. By that time, however, your information has likely already been stolen and put in the hands of a criminal.
The good news is that ISN attacks are not believed to be widespread. The capabilities of this malware and its ability to stay undetected make it a likely candidate to be used in more attacks in the coming months.
Running an effective, updated antivirus is still a vital practice for staying safe from most threats, but as ISN malware shows, it doesn’t keep you completely protected. In addition to security software, you must also practice safe surfing and avoid potential threats before they have a chance to infect your machine. Email attachments, untrusted downloads and malicious links are usually at the heart of any malware infection. Be extremely cautious about where you go online and what you allow onto your computer.
If malware has infected your PC, or you’d like to improve your security, call Geek Rescue at 918-369-4335.
December 10th, 2013
Malware being made specifically for mobile devices is growing rapidly thanks to the number of smartphone users also growing. Hackers target any device that could be profitable for them, which is also why most mobile malware is a threat to Android users, who make up most of the mobile audience. One recently discovered threat is drawing interest from security experts because it marks a jump in the capability of malware attacks. As Graham Cluley writes on his security blog, MouaBad.P is a piece of Android specific malware that’s capable of making phone calls without user interaction.
MouaBad is a family of mobile malware that allows hackers to control a smartphone remotely. In earlier instances, this malware was used for sending text messages to premium numbers, which charged the users. MouaBad.P is the first time experts have observed the ability to remotely make phone calls without any user interaction.
The malware typically makes it onto a smartphone through an infected app. Once installed, Mouabad.P is able to make phone calls while your screen is off and your phone is locked. It stays hidden by ending all calls once you turn your screen on. It does leave a trail, however. By checking your call logs, you’ll be able to tell if a third party has been making phone calls without your knowledge.
Currently, this type of attack has only been seen in Chinese-speaking regions. Mouabad.P is specifically made to target these countries and won’t work for smartphones outside this region. However, its existence suggests similar threats could be coming to the US soon.
To keep your phone safe from all threats, be extremely cautious about what you download. Also, make sure you’re running an effective, updated security app at all times.
If your smartphone or any other device is infected with malware, bring it to Geek Rescue or call us at 918-369-4335. We’ll clean off the malicious apps and files and help you better secure your device against the next attack.
December 9th, 2013
Worldwide, Android is actually the more popular choice for smartphones than Apple devices. But, security issues are a common complaint of users and a common reason many opt for Apple instead. Bob Violino of InfoWorld reports that these concerns over security are mostly overblown, but points out the two risks that exist for all Android devices.
The Android version of the App Store is Google Play. It’s a marketplace where users can download all kinds of apps. But, it’s regarded as much less protected than Apple’s App Store. The nature of Android is that it’s open for development. This encourages new, innovative apps and features to be developed, but also allows for malicious apps to find their way into the marketplace. Many apps ask for more permissions than they need, even if they aren’t actively malicious. Performance issues and data loss are often attributed to a bad app. Because Google Play does not set up enough precautions to keep malicious apps out, it’s a legitimate concern for Android users.
In the context of the Android platform, fragmentation refers to the many different manufacturer’s and versions of the Android operating system that are currently running on users’ devices. Unlike Apple’s iOS that is consistent for all users, manufacturer’s are able to tweak and alter Android specifically for their devices and aren’t forced to roll out updates once they become available. The result of this is that outdated versions with security flaws are allowed to run, which is a danger to users and to any network they connect to. The majority of Android users are running out of date versions of the operating system. This poses a significant threat to businesses who allows employees to use their own devices on the company network.
The Google Play store and fragmentation are both legitimate concerns for security with Android. For individual users, being more cautious about what apps you download and being proactive about updating your device’s operating system both help to overcome these problems. For businesses, a robust compliance policy, an end to support for older versions of Android and other security provisions allow your company to use Android devices without as many security issues.
For help securing a device or a network, or to fix an existing problem with a device, come by or call Geek Rescue at 918-369-4335.
December 9th, 2013
It’s important to install updates and patches when they’re made available for all applications you use. These updates typically fix compatibility issues and security flaws that an application contains, so installing them keeps your computer safe from attacks and prevents crashes and freezes. Web browsers and antivirus programs are vital to keep updated, but arguably the most important is your operating system. Larry Seltzer of ZDNet reports that Microsoft is releasing 18 total updated on December 10. Most of these are to fix bugs in a version of Windows. Here’s a look at some of the most interesting available updates.
- Windows 7- Using AutoPlay after inserting an audio CD causes Windows Media Player to freeze. This bug seems to come into play only after installing Internet Explorer 10.
- Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2- This dynamic update helps “obtain critical driver, component and setup improvements during initial setup.”
- Windows 8, 8.1, Windows RT, RT 8.1- This update is for the Microsoft Camera Codec Pack. Without this update, you’ll be unable to view images from some cameras and RAW camera files won’t be viewable in Windows applications.
- Windows MultiPoint Server 2012, Windows 8, 8.1, RT, RT 8.1, 7, XP, Windows Server 2012, 2012 R2, 2008, 2008 R2, 2003- A variety of updates are available that are described only as “resolve issues in Windows.” Installing these fixes bugs and compatibility issues.
Many users won’t notice much of a difference in their Windows experience after installing these updates, but they are necessary to ensure that your system isn’t vulnerable to attacks or crashes. The idea behind Microsoft’s update releases is that most users will have problems fixed before they realize there was a problem.
If your PC is has issues, first make sure your operating system and applications are up to date. If the problems persist, bring your device to Geek Rescue or give us a call at 918-369-4335.
December 6th, 2013
Looking back at the year in cyber threats, 2013 featured a number of new innovations that allowed hackers to compromise security, infect systems and steal data. Adam Kujawa of Malwarebytes recently published his list of the biggest threats to your security in 2013. The threats included in this list are important to know because they’re likely to continue to be used throughout 2014, as well.
Ransomware wasn’t new in 2013, but hackers have used it to inflict more damage this year than ever before. This particularly scary brand of malware is capable of locking down a user’s computer and encrypting their personal files. A payment is then demanded to restore the system, but most users find that even after paying their computer is still useless. This year, many forms of ransomware were disguised as government agencies investigating a crime. In some instances, an individual’s webcam was hijacked so an image of the user could be displayed along with a note claiming that their internet history included some illegal activity. Because of it’s jarring nature, law enforcement has cracked down on ransomware and production seems to be down.
Making its debut in September of this year, Cryptolocker did an astonishing amount of damage in a short time. It’s a form of ransomware that demands a payment to decrypt your files. The difference is, Cryptolocker does a better job encrypting files than most ransomware. It actually uses a double encryption, which is so strong it would take a normal desktop system an estimated 6.4-quadrillion years to break it without a key. Needless to say, no one has broken the encryption yet. Cryptolocker also puts a time limit on a user’s decision. They’re asked to pay for the key to decrypt their files, but if they don’t make a payment within a day or two, the key to the encryption is threatened to be erased from its remote storage. Currently, the best way to stop a Cryptolocker attack is to keep it from infecting your computer in the first place.
With more and more users with smartphones, it was expected that more malware would be produced specifically for the mobile audience. There was more mobile malware produced in 2013 than any previous year and most of that was for the Android operating system. Threats included malware that could make texts and phone calls without the owner of the phone knowing and malware that spoofed banking security precautions to steal log-in information. There were also instances of a smartphone’s camera being hijacked. The capabilities of malware for smartphones will only increase with time and, unfortunately, many users continue to use a smartphone with little to no security in place.
Potentially Unwanted Programs, or PUPs, are certainly not new, but 2013 saw them become much more harmful than ever before. Seasoned internet users will have dealt with PUPs before as an inclusion with other downloads or as something they never meant to download in the first place. Commonly, a toolbar or search agent will appear that a user doesn’t actually want, but, except for being a nuissence, it doesn’t do any real harm. In 2013, these PUPs began to include a Bitcoin miner, which could potentially cause significant damage to some types of systems.
New threats pop-up every day. That’s why it’s extremely important to keep antivirus programs and other security software up to date with the latest definitions. All applications need to be regularly updated to close off security holes that have been exploited in the past.
If your system is infected with malware, or you’d like to improve your device’s security before it’s attacked, contact Geek Rescue at 918-369-4335.
December 6th, 2013
Standard USB connectors that help us attach our mouse, printer, digital camera, smartphones and more have been around for nearly two decades. It’s fair to say then that it’s time for an update on the design. As Sam Byford reports for The Verge, USB newest connector will feature an entirely new design that will allow for thinner devices.
The new connector, called Type-C, will be rolled out with the USB 3.1 specifications and should start hitting the market some time after the middle of 2014. The new design means that all of your older USB cables will be obsolete for new devices unless used with an adapter. However, Type-C aims to make a more universal connector that’s reversible. This means that both ends of the cable can be used right side up or upside down on nearly every device. Apple products are, of course, an expected hold out.
Type-C hasn’t been seen by the public yet, but the connectors are expected to be about the same size as the current micro-USB connectors found on many phones, cameras and mp3 players. These smaller connectors allow devices to be thinner than ever before because they’re no longer bound to the bulky by comparison current USB plug ins. For example, the Samsung Galaxy Note 3 has been criticized for its seemingly over-sized USB port, which doesn’t seem to match with the rest of the device’s design.
At Geek Rescue, we know tech. If you’re experiencing problems with any of your devices, old or new, bring them in to one of our locations or call us at 918-369-4335.
December 5th, 2013
Spam and other online threats seem to multiply around the holidays. This can be attributed to the amount of time and money being spent online shopping for gifts. A post on the All Spammed Up blog lists some of the most common threats to watch out for this holiday season.
Everyone is looking for a deal this time of year. Unfortunately, hackers use this desire to steal your money or infect your computer with malware. Emails advertising popular products for incredibly low prices appear in your inbox, but they aren’t from a recognized store or website. These ads usually direct you to a website where you can order the product, but it will never arrive. Instead, your credit card information is usually stolen. These websites can also infect your computer with malware. If it seems to good to be true, it usually is.
Sending e-cards to friends and family is a popular practice. Criminals are now using e-cards, as well. Under the guise of a holiday greeting, hackers are able to infect your computer with malware. This scam continues because once one person falls victim, their email is hijacked and used to spread the malicious e-cards to other users. The message appears to be from someone you know, which increases the chance you’ll open it and also become a victim. To help separate legitimate cards from malicious ones, first check to see if they have used your full name. Legitimate e-card sites ask for the recipients first and last name, while most criminals won’t have either. You shouldn’t have to download any special application to view the card. Some legitimate sites will include a link in the email, but don’t follow those to be safe. You should be able to view the card by visiting the site directly.
With so much shopping being done and so many warnings about identity theft and credit card fraud, consumers are ripe for a banking scam. An email claiming that your bank account has been compromised appears in your inbox and provides a link to the bank’s website. You’re asked to log-in, or sometimes asked directly for your credit card or bank account number. This is not the way a legitimate bank does business, however. If you receive an email like this, it’s almost always a scam. If you want to check to make sure, go to the bank’s actual website and call their customer service number.
These scams are more common around the holidays, so be extra careful when shopping and surfing online.
For help improving the security on any of your devices, call Geek Rescue at 918-369-4335.
December 5th, 2013
Phishing emails are a dangerous threat to anyone with an email address. Usually, there are some obvious signs that suggest a scam, but as Paul Ducklin of Naked Security explains, the absence of these signs doesn’t necessarily mean an email is legitimate.
The goal of most phishing scams is to steal your password for an online account. The email could contain a link that takes you to a legitimate looking log-in page. When you try to log-in, however, your information is sent directly to the criminal behind the scam. There are also emails containing malicious attachments. If you download and open the attachment, your computer will be infected with malware that could have a number of uses.
Some users believe that if an email with no link in the message, and either no attachment, or an attachment that shows no signs of malware after scanning with a security applicati0n, that email must be safe. But, criminals have other methods for stealing information.
Because most hackers know that users have become more cautious when opening links and attachments in emails, they’ve altered their tactics. An email may claim to be from a legitimate company and contain no links. It could have a clean attachment. However, the attachment may be a .pdf or word document containing a message and a link to a website. Many users are fooled into thinking that the link in the attachment is safer than if it had appeared in the body of an email, but that’s not the case. Usually, the link found in the attachment will also direct you to a malicious site used to steal your log-in credentials.
These sites designed created specifically to steal passwords are dangerous. Many are designed so that the ‘close’ button on the log-in box acts the same as the ‘submit’ button. This means that even if you decide at the last second not to log-in and try to close the log-in box, any information you put in will be sent anyway.
Unlike legitimate websites, these scam sites also don’t use ‘HTTPS’. That makes them more vulnerable to ‘sniffing’, or other parties being able to intercept any information you send through the site. So, not only does the criminal running the scam have your password, but anyone monitoring the activity on the site could too.
The best option for preventing yourself from becoming a victim of a phishing scam is to avoid them all together. If an email arrives in your inbox, make sure it’s from a trusted source. Check the sender’s address. Often, scam emails won’t be from the domain of the company they’re impersonating. Also, don’t download any attachments unless you know exactly what it is. Don’t follow links provided in emails. If you want to visit a site, enter it directly into your browser to be sure you’re visiting the legitimate site, not a spoof.
Web and spam filters and antivirus programs are also useful in keeping you safe in case you do click something you shouldn’t have. For help improving the security on your home PC or at the office, call Geek Rescue at 918-369-4335.