Malware, or malicious software, is computer code designed to disrupt, disable or take control of your computer system. It comes in many forms, usually hidden in another file or disguised as a harmless app. It works by taking advantage of technical flaws or vulnerabilities in your hardware, OS and software.
Ransomware locks infected systems until the victim pays a ransom to unlock them. Credential Stealers are used to get usernames and passwords for email and other accounts. Banking Trojans are more specific, targeting your banking usernames and passwords. Key Loggers can record your keystrokes to get passwords, account numbers and more. Attackers can use a set of software tools called Rootkits to get control of your systems.
With a Cryptocurrency Miner an attacker can take over your computer to generate cryptocurrency, like Bitcoin. If you unwittingly install a Botnet, your computer can become part of a network of infected systems used to send spam and launch large scale attacks. Most malware requires one key ingredient to activate: people. Attackers must find ways to trick people into running a malicious file, opening an infected file or clicking an unsafe web link.
Stopping malware starts with installing Malwarebytes on your computer. Malwarebytes protects you against malware, ransomware, malicious websites, and other advanced online threats that have made traditional antivirus obsolete and ineffective.
You hear it all the time: don’t open emails from people you don’t know, and don’t click on links in emails you don’t trust. But that isn’t enough. A lot of times, malicious links can come from friends who have been infected, or from emails that look legitimate, but are actually fake. This is known as phishing.
If you want to be truly secure, it’s best to never click on links in emails. But that’s not always realistic. The middle ground option is knowing how to investigate a link before you click on it.
First, check whether the link goes where it says it goes. If you hover your cursor over the link, the destination should pop up at the bottom of your browser window. If it doesn’t, right-click on the link and select “Copy link address.” You can then paste this somewhere safe, such as a new Notepad document, and examine it.
If the link says “ebay.com”, but the real destination says “ebay.clickme.com”, something is suspicious. Don’t click on it. Remember, just because it has the word “ebay” in it doesn’t mean it’s going to eBay. “ebay” needs to come directly before the “.com” to be truly legitimate.
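The same check can be automated for the HTML body of a message. The following is an added example, not part of the original article: it compares the text each link displays with the host it really points to, and it goes one step past the eBay case by matching on a whole domain suffix, since a simple "ends with ebay.com" test would also accept a look-alike name. The function names and the sample message are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

def host_of(url):
    """Return the lowercase hostname a browser would actually connect to."""
    if "://" not in url:
        url = "http://" + url            # give urlsplit a netloc to parse
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def belongs_to(host, domain):
    """True only if host is the domain itself or a real subdomain of it."""
    return host == domain or host.endswith("." + domain)

class LinkAuditor(HTMLParser):
    """Collect (visible text, real destination host) for every <a href>."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            text = "".join(self._text).strip()
            self.links.append((text, host_of(self._href)))
            self._href = None

def suspicious_links(html, trusted_domain):
    """Links whose text names the brand but whose host is not the trusted domain."""
    auditor = LinkAuditor()
    auditor.feed(html)
    brand = trusted_domain.split(".")[0]
    return [(text, host) for text, host in auditor.links
            if brand in text.lower() and not belongs_to(host, trusted_domain)]

# Constructed sample message body (hosts are illustrative, not real indicators).
SAMPLE = """
<p><a href="https://signin.ebay.com/ws/">ebay.com</a></p>
<p><a href="http://ebay.clickme.com/login">ebay.com</a></p>
<p><a href="http://ebay.com.clickme.com/">Track your eBay order</a></p>
<p><a href="https://fakeebay.com/">ebay.com</a></p>
"""

if __name__ == "__main__":
    for text, host in suspicious_links(SAMPLE, "ebay.com"):
        print(f"link text {text!r} really goes to {host}")
```

Only the first link in the sample passes. The other three are reported because their real host is neither ebay.com nor a subdomain of it.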
Ransomware bursts into your PC, encrypts your files and holds them for ransom. According to Sonicwall, ransomware attacks rose from 3.8 million in 2015 to 638 million in 2016, an increase of 167 times. You must defend yourself from these malicious thieves who only seek to separate you from your hard-earned money.
Some common-sense habits can help mitigate your exposure to malware and ransomware:
- Keep your PC up to date via Windows Update
- Ensure you have an active firewall and antimalware solution in place. A good third-party antimalware solution is recommended.
- Ensure that Adobe Flash is turned off, or surf with a browser, like Google Chrome, that turns it off by default.
- Turn off Microsoft Office macros, if they’re enabled.
- Don’t open questionable links, on a webpage or especially in an email. The most common way you’ll encounter ransomware is by clicking on a bad link.
- Stay out of the bad neighborhoods of the Internet because the risks increase if you’re surfing where you shouldn’t.
For dedicated antimalware protection, consider Malwarebytes 3.0, which is advertised as being capable of fighting ransomware.
Ransomware encrypts and locks up the files that are most important to you. There’s no reason to leave them vulnerable. Backing them up is no longer optional, so back up your data frequently. When you use an external hard drive to perform incremental backups, detach the drive when finished to isolate that copy of your data. This is VERY important because ransomware will also encrypt any attached drives.
I additionally recommend you take advantage of secure cloud storage provided by Carbonite.
Ransomware is an ominous reminder that people mean you harm. Treat your PC as part of your home by securing it from outside threats and you’ll rest easier knowing you’re protected.
A new piece of malware is making the rounds using the cloud storage service Dropbox. This ransomware named Petya is reportedly able to lock you out of your computer and forces you to pay ransom to regain access to your files.
According to a report from Trend Micro, Petya is being distributed via email. The package is included in an email message from a professional looking for work, which contains a Dropbox link that will supposedly allow the recipient to download their resume.
The file is a self-extracting executable that installs a Trojan which blocks any security software and downloads the Petya ransomware. Once that is completed, the real attack gets started.
Petya overwrites the master boot record of the infected computer, causing a blue screen of death. When you try to reboot, you will see a bright red screen with an ASCII skull and crossbones. There’s no way of escaping this because safe mode and system restore points have been disabled.
You are then informed that your computer has been locked with a “military-grade encryption algorithm” and that the only way to get your files back is to go to the dark Web and pay for a key with bitcoin. The going rate is $431, and that doubles if the victim doesn’t pay within a certain time period.
This is a very nasty piece of malware and proves criminals are always developing new methods of attack. To avoid being targeted you must be vigilant about links in emails from unknown senders.
When you’re downloading free programs onto your computer, chances are you’re also installing PUPs, or Potentially Unwanted Programs. Here’s how they get on your computer, what they do, and how to remove them.
If you’re thinking baskets of doe-eyed baby dogs, then you’re sadly mistaken. PUPs is the acronym that stands for Potentially Unwanted Programs. Also called bundleware, junkware, or PUAs (Potentially Unwanted Applications), PUPs are software programs that you likely didn’t want installed on your computer. Why not? Here are a few things that PUPs can do:
– slow your computer down
– display numerous annoying ads
– add toolbars that steal space on the browser
– some collect private information
PUPs often come bundled with software that you did, in fact, want to download. By swiftly clicking through an installation, it’s easy to miss the fine print and “agree” to these extra applications.
So why aren’t PUPs simply called malware? The makers of PUPs felt that since they included the information necessary for consent in the download agreement, they shouldn’t be lumped in with other malicious programs. (‘Cause everyone reads download agreements, right?) So cybersecurity company McAfee came up with the softer, less mal-sounding term “Potentially Unwanted Programs.”
Adobe released a patch for a critical vulnerability in Flash Player faster than it originally anticipated in response to high-profile cyber espionage attacks against governmental targets.
The most recent Flash Player updates released Friday address a flaw that’s already exploited by a Russian espionage group referred to as Pawn Storm, in addition to two other critical vulnerabilities reported privately to Adobe.
The CVE-2015-7645 vulnerability is actively exploited by the Pawn Storm group in attacks targeting several foreign affairs ministries from around the globe, security researchers from Trend Micro reported Tuesday.
Adobe confirmed the vulnerability Wednesday and initially scheduled a fix for this week. It then exceeded its own expectations and delivered the patch Friday October 16th.
Users of Flash Player on Windows and Mac are strongly advised to upgrade to version 184.108.40.206, and Linux users to version 220.127.116.110. Users of the extended support release should ensure that they’re running the most up to date 18.104.22.168 version.
Along with fixing CVE-2015-7645, the new updates also address two other vulnerabilities, CVE-2015-7647 and CVE-2015-7648, reported by Google’s Project Zero team.
If left unpatched, all three flaws can allow attackers to execute arbitrary code on affected computers and take control of them.
There is a relatively active virus on the loose called CryptoWall 3.0. People experienced problems with this virus in recent days. The virus attacks .jpg, Office and other files and encrypts them so they’re unable to be opened. Unfortunately, the virus is also considered “ransomware” which means the author attempts to extort users into paying to get the encrypted files unlocked. Reports indicate that the initial ransom starts at $500.00 and the files may remain unavailable even after paying the fee.
My experience shows that multiple anti-virus programs have been unsuccessful at blocking this attack. We’ve also had mixed results when attempting to restore files from backups.
It appears that the virus is primarily being transmitted via normal methods: email attachments and embedded links within emailed documents. As always, be sure you know your sender before opening any attachments and, if uncertain about the message, contact the sender before opening the suspect email. If in doubt, delete the suspect email message. Several users have downloaded .zip, .pdf and .jpg files, plus other file extensions with .exe names. Unfortunately, this is quite common since organizations are reviewing job applicant credentials and are processing orders/tracking shipments: Both of these message types may include file attachments.
The virus has encrypted files on local hard drives, external drives (like backup systems) as well as flash drives and shared network locations. Again, there is no guarantee that we can restore files once they’ve been encrypted.
Once your computer has been infected we’ve seen several hints:
1) Your Internet Explorer and/or Chrome browser home pages will be redirected to the Ransomware site.
2) Files with the following names will begin to appear in folders, on the desktop, on the network:
If you see any of these files or if your browser home page is hijacked to a different location than normal, immediately shut down the computer in order to reduce the risk of further file corruption, then contact me.
Finally, it would not be a bad idea to have several flash drives in use as alternative backup options. Back up any critical files and keep rotating them every three days or so in case the last backup is already corrupted. Unfortunately, if the virus is already on your system then the backup files could be corrupted and useless.
With over 10,000 brand-new viruses reported per week, who wouldn’t like the peace of mind that their data is safe? Some viruses, such as trojans, can open up a back door entrance into your computer, enabling the bad guys to take over your system. From there they can steal your data, or use your computer as part of a “bot-net” to attack more powerful systems.
Other viruses, called scareware, will deceive you into believing that your computer system is seriously infected. Once you pay the “anti-virus” maker, they now have your charge card information to do with as they want. At Ace Computer Guy, our objective is to keep your computer free of threats and ensure the security of your data.
Recently, a new (zero-day) exploit that attacks Adobe Flash Player has been distributed through the Angler Exploit Kit. It delivers malware that takes control of your computer to commit click fraud. This exploit is spreading extremely fast and has now been detected on some of the top 500 most visited websites.
I recommend you update to the latest Adobe Flash Player, which has been recently patched. Be sure to uncheck the optional offer for the McAfee Security Scan Plus utility if you don’t need it. If you already have good antivirus software installed, you don’t need this extra program.