August 21st, 2014
Google’s Chrome browser includes a number of useful features itself, but it also offers the opportunity to add features and capabilities through extensions. There are thousands of options for extensions offering a variety of functionality. Not all of these extensions are trustworthy, however. At Tech World, Jeremy Kirk reports that about 10 percent of Chrome extensions examined by security researchers were deemed either malicious or suspicious.
Researchers began looking closely at extensions due to concerns that they are the next point of attack for cybercriminals because of the potentially valuable information available through compromised web browsers. After examining 48,000 extensions, researchers found 130 that were outright malicious and another 4,712 suspicious extensions.
The flagged extensions were capable of various misdeeds, including affiliate fraud, credential theft, advertising fraud and social network abuse.
Much like malicious apps, extensions are granted permissions that give them a great deal of power. Malicious extensions have been observed intercepting web requests from the browser and injecting JavaScript into web pages. Researchers hope that the results of this study help to make clear that extensions need to be more limited.
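The capabilities described above are declared in each extension's manifest.json, so installed extensions can be checked for them. The following is an added example, not part of the original post or the researchers' tooling; the finding labels, function names and sample manifests are constructed for illustration, and it assumes Chrome's `permissions` and `content_scripts` manifest keys and the `<id>/<version>/manifest.json` layout of a profile's Extensions folder.

```python
import json
from pathlib import Path

# Permissions that let an extension observe or alter the browser's web requests.
REQUEST_PERMS = {"webRequest", "webRequestBlocking"}
# Match patterns that cover every site the user visits.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def _strings(value):
    """Return the string items of a list, or an empty list for anything else."""
    return [v for v in value if isinstance(v, str)] if isinstance(value, list) else []


def audit_manifest(manifest_text):
    """Return a sorted list of findings for one manifest.json document."""
    try:
        manifest = json.loads(manifest_text)
    except ValueError:
        return ["unparseable-manifest"]
    if not isinstance(manifest, dict):
        return ["unparseable-manifest"]

    findings = set()
    perms = set(_strings(manifest.get("permissions")))
    perms |= set(_strings(manifest.get("optional_permissions")))
    if perms & REQUEST_PERMS:
        findings.add("can-intercept-web-requests")
    if perms & BROAD_HOSTS:
        findings.add("host-access-to-all-sites")

    scripts = manifest.get("content_scripts")
    for script in scripts if isinstance(scripts, list) else []:
        if not isinstance(script, dict):
            continue
        # A content script with JS files and a catch-all match runs on every page.
        if _strings(script.get("js")) and set(_strings(script.get("matches"))) & BROAD_HOSTS:
            findings.add("injects-javascript-on-all-sites")
    return sorted(findings)


def scan_extensions_dir(root):
    """Audit every <id>/<version>/manifest.json under an Extensions folder."""
    results = {}
    for path in sorted(Path(root).glob("*/*/manifest.json")):
        text = path.read_text(encoding="utf-8-sig", errors="replace")
        findings = audit_manifest(text)
        if findings:
            results[path.parent.parent.name] = findings
    return results


# Constructed sample manifests (not taken from any real extension).
SAMPLE_BROAD = json.dumps({
    "name": "Constructed sample A", "version": "1.0", "manifest_version": 2,
    "permissions": ["tabs", "webRequest", "webRequestBlocking", "<all_urls>"],
    "content_scripts": [{"matches": ["*://*/*"], "js": ["inject.js"]}],
})
SAMPLE_NARROW = json.dumps({
    "name": "Constructed sample B", "version": "1.0", "manifest_version": 2,
    "permissions": ["storage", "https://www.example.com/*"],
    "content_scripts": [{"matches": ["https://www.example.com/*"], "js": ["theme.js"]}],
})

if __name__ == "__main__":
    for label, text in (("A", SAMPLE_BROAD), ("B", SAMPLE_NARROW)):
        print(label, audit_manifest(text) or "no broad capabilities declared")
```

A finding means the extension holds that capability, not that it is malicious; many legitimate extensions request the same permissions, so the output is a shortlist for review.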
If you’ve installed a malicious extension, you also won’t know about it right away. The extensions are designed to stay dormant until you visit a specific type of website. Even then, a typical user may not notice any malicious or suspicious behavior.
Google has already reacted to these findings and is attempting to make it harder for unofficial extensions, like those found outside of their Web Store, to be installed. It’s likely more changes will be implemented soon so that Google can exert even more control over extensions.
While some of the flagged extensions weren’t harmful to users, they still displayed activity that was suspicious in nature, like changing ads on a site. Some of these extensions have been downloaded millions of times.
If you’ve installed any extensions from outside of Google’s Web Store, your safest option is to uninstall them immediately. If you feel your computer has been compromised and may still be infected by malware, call Geek Rescue at 918-369-4335.
For your business solution needs, visit our parent company JD Young.
August 18th, 2014
Cryptowall is the latest ransomware to claim victims. Much like CryptoLocker, Cryptowall encrypts the files on a victim’s computer and demands a payment to decrypt those files. This malware is usually spread as an attachment on spam emails. A post at Spyware News details the Bank of America email scam that’s currently spreading Cryptowall.
If you’re not a Bank of America customer, it’s easy to ignore messages claiming to be from the bank about your account. Those that do have active accounts find the messages more believable, however.
Users are reporting seeing emails claiming to be from Bank of America with an attachment. The emails are from “Andrea.Talbot@bofa.com” and advise the user to open the attachment because it contains information about their account. The email contains an office phone number and cell number with an 817 area code and even includes a standard confidentiality notice at the bottom. The email appears to be legitimate except for the fact that no bank, much less one the size of Bank of America, would send confidential account information to customers this way.
The attached file is named “AccountsDocument.zip” but those that download it quickly discover that it’s malware. Specifically, it’s the Cryptowall virus that encrypts files.
For the time being, be extra cautious about opening any emails from Bank of America and don’t download any attachments. If you have questions about an email, always contact the institution named in the email directly, rather than downloading attachments or following links provided.
Unfortunately, if you’ve become infected by Cryptowall, or a similar virus, there’s often no easy way around it. If you’ve recently backed up your system, you can restore the encrypted files after the malware has been removed. Otherwise, you may not be able to recover the encrypted files.
If your device is infected with malware of any kind, call Geek Rescue for help at 918-369-4335.
August 15th, 2014
Google’s Chrome browser has always been a leader in safe and secure browsing. If you’ve used Chrome before, you’ve likely been confronted with a warning that a page you’re trying to visit isn’t safe. You may have even seen a warning about a potentially malicious file attempting to be downloaded. On the Chrome blog, Google recently announced their latest addition to their Safe Browsing service, which expands its protection against suspicious downloads.
In current versions of Chrome, users are warned if a file they’re attempting to download shows warning signs that it might actually be malware. Starting soon, Chrome will automatically block malicious downloads. This will also now include downloads disguised as helpful that make “unexpected changes”. That refers to applications that change your browser’s homepage or desktop, or add toolbars without your knowledge or consent.
When Chrome recognizes any of these types of files being downloaded, a warning will be shown informing the user that the download has been blocked. There’s certainly the possibility that a blocked download was actually legitimate, however, so users will have the option of restarting the download from their Downloads list.
Tools like this help keep malicious files off of your computer, but users shouldn’t rely on them completely. The best way to stay safe and secure is to stay away from low quality websites and to be cautious about downloading anything. These tools are a good safety net, but your browsing habits should be the first line of defense.
If any of your devices have been infected with malware, or just need a tune-up, call Geek Rescue at 918-369-4335.
August 13th, 2014
In the past, most forms of malware would not run on virtual machines, which was a way to avoid detection and study. That now seems to be changing, however. Jeremy Kirk reports at Computer World how malware has changed its tactics and why malware producers are now interested in infecting VMs.
To understand the reasoning behind wanting to infect VMs, you only need to understand that most malware is created to infect as many users and environments as possible. If there’s a limitation that the malware won’t run on VMs, that greatly limits the potential for infection. This is particularly true with VMs becoming more typical in many businesses’ infrastructure.
Instead of ceasing operations on VMs, malware now is being produced with the goal of moving from a virtual machine to its host server, which could then give it access to many more environments.
Malware is typically easy to detect if it begins executing immediately after being downloaded, however. So, to avoid detection on VMs, malware comes with a delay. Before decrypting and launching their payload, malware waits a few minutes, or until a specified number of left mouse clicks are made by the user. This is usually enough time for security programs to label the file as harmless and move on.
Over the past two years, security firm Symantec studied 200,000 samples of malware and found that only 18 percent stopped working on a virtual machine. While this does introduce the possibility of malware spreading from VMs to servers, it also creates an opportunity for researchers. Now, they’ll be able to study malware in a detached environment.
Unfortunately, since 18 percent of malware still disappears on a virtual machine, hardware is still needed to be sure that all infections are found.
For help removing malware from your devices, call Geek Rescue at 918-369-4335.
August 12th, 2014
Have you ever thought that Facebook would look better in a different color than the traditional blue? Many users have had that thought and have attempted to add a Facebook app to their profile that would allow them to change the color of their personal Facebook experience. As Dave Smith reports for Business Insider, the Facebook Color Changer app is malware that sends everyone who clicks on it to a phishing website.
More than 10,000 users have reportedly been affected by the color changer app. Users who click through to the malicious phishing site have their Facebook logins stolen so the scammers can spam their friends with more fake offers.
Additionally, some users have reported that the website they’re directed to also asks them to download other files. Differing reports say users are directed to download a video or another app. These files are also malicious but so far it’s unclear what kind of damage they’re capable of.
If you’ve mistakenly added the color changer app to your Facebook profile, or any other app that you need to remove, you can do so by visiting the Settings menu. That’s the one with the small lock icon in the top right corner. From there, click on ‘Apps’ in the menu on the left and find the apps you want to remove in the list. Click the ‘X’ by the app name and it will be removed.
In the case of the color changer app, you’ll also want to run a full virus scan of your computer and change your Facebook password.
If you’re still interested in changing the color of Facebook, there are more legitimate ways of doing it. If you’re using Chrome there are add-ons available that can change Facebook’s color scheme. Always do some research before adding extensions or apps of this nature, however, as they’re ripe targets for scams.
If your computer, or other device, has been infected with malware, call Geek Rescue at 918-369-4335.
August 11th, 2014
Having your smartphone stolen is bad news for a number of reasons. Beyond the fact that you now have to replace your phone, you also run the risk of having valuable data stolen from it. Texts, pictures, passwords and other files are all vulnerable when your smartphone is stolen or even lost. But, there are ways to protect your data before this scenario plays out. At Gizmodo, David Nield explains a few methods for securing your smartphone’s data so a thief can’t access it.
Every smartphone includes the option to lock the screen, but an estimated half of users don’t use any type of lock function. This becomes especially problematic when your phone is stolen, or you just leave it behind or unattended for a few minutes. Many users are reluctant to put a lock in place because they don’t want to have to enter their PIN each time their screen goes to sleep. But, for Android users, there are apps available that only put locks in place when you leave your house or workplace. Or, you could use a lock pattern instead of a number combination. Anything is better than leaving your phone completely vulnerable.
Much like lock screen functions, remote features that both wipe your smartphone’s data and locate the device are available to all users. They just need to be set up or activated. Unfortunately, many users either don’t know about them, or fail to activate them before they need them. Apple, Android and even Windows phones all have the capability to be remotely wiped and located in the event they’re lost or stolen. Do some research and make sure you’re prepared with your device.
Keeping strangers from poking through your phone is half the battle, but the other half is getting that data back. If you regularly create back-ups of your most important files, you’ll never have to worry about losing them. This comes in particularly handy if you find yourself needing to remotely wipe your phone. You can do so even if you’re not positive it’s been stolen because you’ll have back-ups of everything readily available.
It’s also a good idea to change passwords on accounts you have an app for, like social media or banking apps, to keep strangers out. You can also look into two-factor authentication to make accounts safer, but that won’t help as much in the event that someone else has control of your device.
If you need help securing any of your devices, or you’re having other issues with them, call Geek Rescue at 918-369-4335.
August 8th, 2014
Earlier this year, malware called Lurk was discovered infecting users with vulnerable versions of Adobe Flash. That same malware continues to count victims, but has altered its tactics slightly. At Dark Reading, Kelly Jackson Higgins reports how Lurk is embedding malicious code inside an image to infect users.
Steganography, the practice of hiding data inside another file such as an image, is the term used to describe this technique, and it’s one that’s well-known in the intelligence and security community. In this particular scheme, iFrames on websites are used to infect users whose version of Adobe Flash contains security flaws. These are users who haven’t updated recently. Popular and legitimate websites were used to spread this malware. Rather than downloading a malicious file, which can be easily spotted by antivirus programs, Lurk is downloaded as an image with malicious code embedded within it.
Experts say this method isn’t complex, but because it’s difficult for security applications to spot it, it can be extremely effective. Attackers using this scheme have reportedly infected 350,000 users over just a few months and netted hundreds of thousands of dollars in profit.
The profit comes in the form of click-fraud. The image file that a user unknowingly downloads contains an encrypted URL, which is used to download more files. Those are used to earn clicks on ads and websites that in turn make the attackers money.
The Lurk attack remains active and experts believe steganography will be used in more attacks in the coming months. To protect yourself, make sure to update and patch all programs, especially Adobe Flash, each time an update becomes available.
If you’ve been the victim of an attack, call Geek Rescue at 918-369-4335.
August 7th, 2014
Last year around this time, the media was buzzing about the impending reveal of the latest iPhone, the 5S. This year, Apple seems to be following a similar schedule and is set to reveal details of the iPhone 6 in about a month. While no one knows for certain what details the iPhone 6 will feature, there are some educated guesses available. At Gizmodo, Adam Clark Estes lists what you can expect the newest iPhone to include and when you can get your hands on it.
It seems fairly obvious that the newest iPhone will be dubbed the iPhone 6, but this year’s release is a little different than in the past. Apple is reportedly planning to unveil two models of their latest smartphone at the same time. Each will have a different size, a 4.7-inch screen and a 5.5-inch screen, so it’s unclear how they’ll be named. One popular guess is that the smaller display version will get the name iPhone 6, while the larger display, which could also include beefier specs, will be called iPhone 6 Air.
Remember when smartphones began using Gorilla Glass for their screens and you were told that it could withstand anything and wouldn’t shatter? Turns out, as evidenced by everyone’s cracked iPhone screens, that wasn’t the case. Now, a new, sturdier alternative is available for smartphone screens. It’s called sapphire glass and Apple has already invested in it heavily so it seems clear that they plan to use it in their devices soon. It’s reportedly stronger than steel and harder than Gorilla Glass, which is supposed to make cracked screens a thing of the past.
The fact that the battery will be improved in the iPhone 6 seems like a foregone conclusion, but the question remains just how much of an upgrade Apple will make. The iPhone 5S lags far behind the batteries featured in other flagship smartphones like Samsung’s Galaxy S5. The likely conclusion is that even the iPhone 6’s battery will fail to meet that lofty standard. It’s likely that the smaller iPhone 6 will get a slight bump in battery capacity, while the larger model gets a more significant increase, but stays far from the top of the line battery seen from other manufacturers.
With the release of a new smartphone also comes the release of the latest operating system, iOS 8. There’s far more known about the newest iOS than there is about the iPhone 6 because it’s been made available to many in the media already. The look and feel is largely the same as iOS 7, but there are some interesting new features including HealthKit, which can sync with wearable devices and deliver in-depth information about the user’s health. There are also improvements with the Camera app, continuity between devices and compatibility with third-party keyboards.
The estimated cost of the iPhone 6 models can only be based on previous releases, but Apple has generally stuck to the same ballpark upon release. With 2 models available, especially with one featuring the large screen users have been asking for, it’s likely that the 5.5-inch model would start at about $300 with contract for the smallest hard drive. The 4.7-inch model would likely be about $200 for a similar hard drive. The release of the iPhone 6 will also bring down the cost of previous iPhones, however, so if you don’t need to be on the cutting edge, you could get a great bargain. The iPhone 5S will likely drop to $100.
The public will get their first official look at the iPhone 6 on September 9th, with the first opportunity to buy expected to be around September 19th.
At Geek Rescue, we fix smartphones of any make and model. If you’re having issues of any kind, call us at 918-369-4335.
August 4th, 2014
An initiative in New York City would turn largely abandoned pay phones into WiFi stations to supply residents with free internet access. On the surface, this seems like a great deal, but there are inherent security risks connected to a free WiFi network. At Computer World, Evan Schuman discusses the potential dangers of a city-wide WiFi network and some dangers to be aware of for free WiFi in general.
The first aspect of such a network to be concerned about is who is providing it. Among the vendors that were invited to bid on New York’s proposed project were companies notorious for using and selling their users’ data, including Google. With no limitations in place, the vendor supplying these WiFi stations would be able to track users’ locations, what devices on the network are being used for and potentially even what is being transmitted over the network. All of this available data would likely be used or sold for advertising. But what happens if someone besides the vendor wants to steal this data?
In a city-wide WiFi network, users would never know who else was connected and positioned to steal anything transmitted over that network. For the same reasons that it’s dangerous to send important emails or make online payments in a coffee shop, it would be inadvisable to use a city-wide WiFi network for anything beyond casual web surfing. Even logging into social media sites could lead to attacks or hacks down the road.
Now think of these issues from a business viewpoint. Many employees are walking around with sensitive data on mobile devices. This company data becomes extremely vulnerable on an unprotected wireless network. This proposed network in New York, which other cities across the US are also considering, would be largely unprotected because it would be free to anyone, regardless of device or service provider.
There are options for security, even when connecting to a vulnerable network. Most notably, VPNs, or Virtual Private Networks, can be used to keep other users from accessing your data. For Apple devices, the next operating system, iOS 8, is rumored to include security features to keep users safer on public WiFi. Still, there are plenty of concerns.
For help securing your own wireless network or device, or to recover from an attack, call Geek Rescue at 918-369-4335.
August 1st, 2014
Waiting for a website to load is frustrating, which is why web browsers use a cache component. The cache stores bits of information from websites you’ve visited in the past so it can load them locally, rather than having to get them from the server again. However, using the cache isn’t always in your best interest. If a website has updated since your last visit, your cache may be loading an outdated version, or be unable to load the page completely. To prevent these cache errors, it’s recommended that you regularly clear it, as well as your cookies. A post at the Stott blog explains how to go about clearing your browser’s cache. Here are the details for the most popular browsers.
With IE open, click the gear icon in the top right corner. Then, find “Safety” in the menu and select “Delete browsing history”. This will bring up a window with a number of options. For this particular task, uncheck each option except “Temporary Internet files” and “website files”. Then click the “Delete” button and your cache will begin to be cleared. If it’s been a while since this was done, it could take a few minutes before you can go back to using your browser as usual.
With Chrome open, click the menu button in the top right corner. From that menu, select “Tools” then “Clear browsing data”. This brings up a menu allowing you to select what types of files you’d like to delete and also how far back you want to delete them. Select “beginning of time” if you want to start over completely fresh. Hit the “Clear browsing data” button when you’ve made your selections and then sit back and wait.
In the Firefox browser, you’ll click the menu button and choose “Preferences”. This brings up a window where you’ll navigate to the “Advanced” tab, then click on “Network” and select “Clear Now” under the “Cached Web Content” section. Firefox also includes a feature that allows you to automatically clear the cache each time the browser is closed. To enable it, select the “Privacy” tab from the “Preferences” window. Then, in the “History” section, make sure it reads “Firefox will use custom settings for history.” Check the box next to “clear history when Firefox closes” then click the “Settings” button. This opens a window where you can select the type of files to be deleted. Check “Cache” and any other files you want to automatically delete and then click “OK”.
For Mac users with the Safari browser, there are a number of ways to clear your history. If you want to delete all files, go to “History”, select “Clear History” and click “Clear”. To set the history to delete automatically, go to the “Safari” menu, choose “Preferences” and click “General”. Choose the option you want under “Remove history items” and you’re done.
Clearing your web browser’s cache is routine but necessary maintenance.
For more serious issues, call Geek Rescue at 918-369-4335.