Always Providing You With Ongoing Information

Posts tagged ‘Malware’

UK Researcher Who Stopped WannaCry Outbreak Arrested in U.S.

Security researcher Marcus Hutchins, 22, a British national who in May stopped an outbreak of the WannaCry ransomware, has been arrested and detained after attending the Def Con conference in Las Vegas. Hutchins was arrested at Las Vegas airport on Wednesday by US Marshals, several close friends have confirmed.

A Justice Department spokesperson has confirmed on the phone that his arrest is in relation to his alleged role “in creating and distributing the Kronos banking Trojan.”

The indictment was dated July 11, about two weeks before he flew to the US to attend the annual security conference. The Justice Department has been after those involved with the notorious Kronos malware for more than two years.

Hutchins, also known as @MalwareTechBlog, stormed to fame after he found a kill switch in the malware, known as WannaCry, amid a global epidemic of ransomware. Hutchins registered a domain name that stemmed the infection.

He was hailed as a hero for stopping the attack, which gripped UK hospitals and other major industries around the world.

 

 

 


Reporting or Avoiding Malware/Ransomware


What You Should Do

  • Contain the attack: Disconnect infected devices from your network to keep ransomware from spreading.
  • Restore your computer: If you’ve backed up your files, and removed any malware, you may be able to restore your computer. Follow the instructions from your operating system to re-boot your computer, if possible.
  • Contact law enforcement: Report ransomware attacks to the Internet Crime Complaint Center, FBI’s Cyber Division (CyWatch@ic.fbi.gov or 855-292-3937) or an FBI field office. Include any contact information (like the criminals’ email address) or payment information (like a Bitcoin wallet number). This may help with investigations.

Install Reputable Security Software: Your computer should have anti-virus and anti-spyware software, and a firewall. Viruses can be planted in emails or attachments to emails, in programs or files that you download, and even in Web sites that you visit. These viruses have the potential to wipe out your computer files.  Anti-virus software scans everything that enters your computer, looking for these viruses. Spyware is software that tracks your computer activity, gathering information without your knowledge. Anti-spyware software blocks or removes spyware. You may obtain the anti-virus and anti-spyware software separately or as a package. For lists of security tools from legitimate security vendors, visit staysafeonline.org.

Use a Firewall: A firewall is a virtual barrier between your computer and the Internet. Everything coming into or leaving your computer must go through the firewall, which blocks anything that doesn’t meet specific security criteria. Before purchasing separate firewall hardware or software, check your operating system to see if there is a built-in firewall and whether it is turned on.

Update Operating System and Software Frequently: Computer and software companies frequently update their programs to include protection against new security threats. Updating your operating system and software whenever new versions become available gives you an added measure of security. If available, activate automatic security updates so you will be alerted when updates are issued.

Avoid “Free” Security Scans: Be suspicious of an offer of a “free security scan,” especially when faced with an unexpected pop-up, email, or an ad that claims “malicious software” has been found on your computer.

Create and Protect Strong Passwords: Create strong email passwords and protect them with the following tips:

  • The longer the password, the tougher it is to crack.  Use at least 10 characters.
  • Mix letters, numbers, and special characters.  Try to be random – don’t use your name, birthdate, or common words.
  • Don’t use the same password for different accounts.  If it’s stolen from you, it can be used to take over all your accounts.
  • Don’t share passwords on the phone, in texts or by email.  Legitimate companies will not send you messages asking for your password.
  • Keep your passwords in a secure place, out of plain sight.

Use a Pop-up Blocker: Don’t click on links or open attachments in emails unless you know what they are, even if the emails seem to be from friends or family.

Use the Spam Filter: Utilize your email program’s automatic spam filter, which reduces the number of unwelcome email messages that make it to your inbox. Delete, without opening, any spam or “junk mail” that gets through the filter.

Back Up Important Data: Copy important files onto a removable disc or an external hard drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files.

 

 

Android Users, There’s A New Malware On The Loose


There’s a new type of malware on the loose, and over a million Android devices have already been infected. Although most of the infected devices are in Asia, 19 percent of them are in America, and 13,000 more devices are hacked each day. It’s the largest breach of Google accounts ever, and it’s definitely cause for concern.

You can pick up the malware, known as Gooligan, by downloading seemingly harmless apps from sources other than the Google Play store. Once downloaded, Gooligan gains access to all of your data, including Gmail, Google Docs, Google Drive, Google Play and more.

Even though Gooligan has access to a lot of your personal data, it doesn’t appear to use it. Instead, Gooligan downloads apps from Google Play in a scam designed to collect advertising revenue. These apps may provide Gooligan’s creators with cash for each download or show ads to generate income. Compromised Google accounts may also leave reviews on these fraudulent apps to make them appear more legitimate to other users.

Here’s an easy way to check if you’re infected. Security firm Check Point has created a tool that shows if your email address is among the compromised accounts. If your device is compromised, you’ll want to do a clean installation of Android on your device.

How to keep your device secure

  • Install the latest version of Android, including the security patches. Your carrier should provide instructions when updates are available.
  • Don’t download apps from anywhere other than the Google Play store. Newer versions of Android will warn you if you try to download apps from elsewhere. Pay attention when it does!
  • Run a reputable anti-virus application. While anti-virus protection can sometimes be frustrating — anti-virus apps can accidentally identify non-malware as malware — it can help keep your phone secure. Try AVAST, AVG, Kaspersky, McAfee or Norton, all of which are free and known for their solid desktop anti-virus protection.

Watch Out For “Ransomware”

 


A new malware called Ransomware is part of a phishing campaign that is sending thousands of ominous-looking emails containing the recipient’s home address. The email demands money for an arbitrary service and includes a link that purports to be an “overdue invoice.”

Click that link and open the file (which looks like a Word document), and you’ll become the latest victim of Ransomware, malware that encrypts your files and locks you out of your computer until you pay a ransom. The longer you wait, the larger the ransom you must pay.


 

Syrian Electric Army Hacked CNN


 

A hacker known as “Th3 Pr0” decided to hack CNN when he saw something on Twitter he didn’t like: a recent report that alleged Bashar al-Assad’s regime is guilty of “systematic torture and killing” of thousands of detainees. Th3 Pr0 and another hacker of the Syrian Electric Army sent their first fake tweet from CNN’s official Twitter account. More fake tweets appeared on @NatlSecurityCNN, @CNNSitRoom and @CNNPolitics, as well as on CNN’s official Facebook page.

It seems that the hackers got control of CNN’s social-media accounts by relying on a wave of phishing emails sent to CNN employees. The emails were well written in good English and contained links that looked legitimate and appeared to come from real CNN email addresses. Researchers say the Syrian Electric Army’s attack on CNN was highly effective, and that similar hacks will continue until employees learn to detect suspicious emails, avoid clicking on links without double-checking them first and never give up their credentials.
