New Malware Petya Locks Down PCs Until Ransom Is Paid

A new piece of malware is making the rounds using the cloud storage service Dropbox. This ransomware, named Petya, is reportedly able to lock you out of your computer and force you to pay a ransom to regain access to your files.

According to a report from Trend Micro, Petya is being distributed via email. The package is included in an email message from a professional looking for work, which contains a Dropbox link that will supposedly allow the recipient to download their resume.

The file is a self-extracting executable that installs a Trojan, which blocks any security software and downloads the Petya ransomware. Once that is completed, the real attack gets started.

Petya overwrites the master boot record of the infected computer, causing a blue screen of death. When you try to reboot, you will see a bright red screen with an ASCII skull and crossbones. There’s no way of escaping this because safe mode and system restore points have been disabled.

You are then informed that your computer has been locked with a “military-grade encryption algorithm” and that the only way to get your files back is to go to the dark Web and pay for a key with bitcoin. The going rate is $431, and that doubles if the victim doesn’t pay within a certain time period.

This is a very nasty piece of malware, and it proves criminals are always developing new methods of attack. To avoid being targeted, you must be vigilant about links in emails from unknown senders.
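Because Petya overwrites the master boot record, one defensive check is to compare the disk's first sector with a baseline recorded while the machine was clean. The Python below is an added example, not code from Trend Micro or from this post; the function names and the sample sectors are constructed for illustration.

```python
import hashlib
import struct

BOOT_CODE_LEN = 440      # bootstrap code area of a classic MBR
PART_TABLE_OFF = 446     # four 16-byte partition entries start here
BOOT_SIG = b"\x55\xaa"   # last two bytes of a valid MBR
ENTRY_FMT = "<B3xB3xII"  # status, CHS (skipped), type, CHS (skipped), LBA start, sectors

def boot_code_hash(sector):
    """SHA-256 of the bootstrap code only, so repartitioning does not alert."""
    return hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()

def parse_partitions(sector):
    """Return the non-empty entries of the four-slot partition table."""
    parts = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, ptype, lba, count = struct.unpack(ENTRY_FMT, sector[off:off + 16])
        if ptype != 0:
            parts.append({"slot": i, "active": status == 0x80,
                          "type": ptype, "lba_start": lba, "sectors": count})
    return parts

def check_mbr(sector, baseline_hash):
    """List the ways this sector deviates from a healthy, known-good MBR."""
    if len(sector) != 512:
        return ["sector is not 512 bytes"]
    findings = []
    if sector[510:512] != BOOT_SIG:
        findings.append("missing 0x55AA boot signature")
    if boot_code_hash(sector) != baseline_hash:
        findings.append("boot code differs from baseline")
    if not parse_partitions(sector):
        findings.append("partition table is empty")
    return findings

def build_sample_mbr(boot_code):
    """Constructed test sector: given boot code plus one active NTFS-type entry."""
    entry = struct.pack(ENTRY_FMT, 0x80, 0x07, 2048, 1_000_000)
    return boot_code.ljust(PART_TABLE_OFF, b"\x00") + entry + bytes(48) + BOOT_SIG

CLEAN = build_sample_mbr(b"\xfa\x33\xc0" + b"\x90" * 100)   # constructed "good" sector
TAMPERED = build_sample_mbr(b"\xeb\xfe" * 50)               # constructed replaced boot code
BASELINE = boot_code_hash(CLEAN)

if __name__ == "__main__":
    for name, sec in (("clean", CLEAN), ("tampered", TAMPERED), ("wiped", bytes(512))):
        print(name, check_mbr(sec, BASELINE) or "OK")
```

On a real machine the sector would be read from the raw disk device with administrator rights, and the baseline hash stored somewhere the malware cannot reach.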

New Zombie Making Exploit Discovered

Recently, a new (zero-day) exploit that attacks Adobe Flash Player and is distributed through the Angler Exploit Kit has been delivering malware that takes control of your computer to commit click fraud. This exploit is spreading extremely fast and has now been detected on some of the top 500 most visited websites.

I recommend you update to the latest Adobe Flash Player, which has been recently patched. Be sure to uncheck the optional offer for the McAfee Security Scan Plus utility if you don’t need it. If you already have good anti virus software installed, you don’t need this extra program.


Unwanted Programs Bundled With Downloaded Programs

Potentially unwanted programs, also known as PUPs, are a real threat. A July 2014 blog post on CERT.org shows the pervasiveness of such programs on search engine results, software portals, popups, ads, etc.

Hi, it’s Will. We are all probably annoyed by software that bundles other applications that we didn’t ask for. You want a specific application, but depending on what the application is, where you downloaded it from, and how carefully you paid attention to the installation process, you could have some extra goodies that came along for the ride. You might have components referred to as adware, foistware, scareware, potentially unwanted programs (PUPs), or worse. Sure, these may be annoyances, but there’s an even more important security aspect to these types of applications: attack surface.

Recently I was working in a virtual machine, and I needed to extract an archive. 7-Zip seemed like a reasonable choice, so I used the default search engine in the default browser in the virtual machine.

I encountered quite the minefield, and I hadn’t even gotten to the point of downloading anything yet! It’s not that any of the sites outlined in red are necessarily malicious, but rather, if 7-zip is installed from any of those sites, I will likely end up with additional unwanted software. This got me wondering about what sort of software other folks might be downloading.

There are sites that are known for bundling installers for the purpose of generating advertising revenue, such as Download.com, Softonic.com, or Winstally.com. Let’s look at a single download from one of the many sites where you can download software, in particular, KMPlayer from CNET Download.com. I chose this application from the list of popular downloads that Download.com provides. In any given week, this application is downloaded approximately half a million times.


Call Ace Computer Guy to remove potentially unwanted programs from your computer.

Windows Custom Settings Is A Fake Anti-Virus Program

I am going to be as concise as possible. Windows Custom Settings is a fake anti-virus program whose only purpose is to scare you by displaying nonexistent security threats and to convince you to pay for the imaginary services it offers.

How do you know you’ve been attacked by it? Well, if you start noticing annoying pop-ups, occasional system crashes, slow system performance, unexpected loading of web pages or exe files being blocked from running, then you may be infected.

Here’s a word of advice – don’t take seriously any of the alerts or scan results it shows you because none of them are true. And what you should do is stay away from this application, and in case this advice comes a bit too late, then get rid of this bogus anti-virus program as soon as possible.

Use the best anti virus software available. I recommend Avira antivirus software.