January 8th, 2014
Ransomware is malware that takes control of a user’s computer and demands a payment to decrypt files. The most famous example of malware is currently Cryptolocker, which first began infecting users last fall. Since then, similar forms of ransomware have been springing up more and more, like the copycat Cryptolocker that targets P2P users. Danielle Walker of SC Magazine reports that the latest form of ransomware hasn’t yet been released, but is expected to be even more dangerous than Cryptolocker.
The name of the new malware is Prison Locker or Power Locker. Security experts first learned of its existence by monitoring underground forums where hackers gather to produce and sell their malware.
Prison Locker performs similarly to other ransomware. When a user is infected, a display window opens that can’t be exited. Other functions of Windows are disabled, as well as the user’s Escape key, Task Manager and Control-Alt-Delete. A user is locked out of their own computer and told they have to pay to regain control. While they’re locked out, files are also encrypted, making it impossible for users to access their own data.
The reason many are calling Prison Locker a bigger threat than Cryptolocker is its use of more complex encryption. Prison Locker uses multiple encryption levels. The first of them, called Blowfish, generates a new key for each file it encrypts. That means it has to be broken, or decrypted, one file at a time. In addition, each Blowfish key is encrypted through another method with a unique key for each computer infected. All of this encryption is perceived to be “unbreakable”.
The current asking price for Prison Locker is $100, which suggests it will be widely used soon. The other takeaway from these reports is that ransomware is on the rise. Because of its invasive nature and the ability to directly profit off of each infection, criminals will be using ransomware more often and producing more throughout 2014.
If your computer is infected with any type of malware, call Geek Rescue at 918-369-4335 for help.
December 30th, 2013
The malware being used by hackers and their tactics are changing all the time. Throughout 2013, we’ve seen new threats emerge. Robert Lemos of Dark Reading lists some of the advanced attacks we saw in 2013 and how businesses should be changing their security infrastructure to protect against similar attacks in the future.
Cryptolocker, a form of ransomware, began infecting users over the summer. It claimed an estimated 200-thousand victims in its first 100 days in the wild. Cryptolocker encrypts files stored on a user’s computer and demands a ransom before giving the key to decrypt. For businesses, educating users on how to avoid malware is imperative. Unlike some other forms of ransomware, Cryptolocker is not a bluff and will encrypt and destroy files if no payment is given. The best way to prevent that damage is to keep malicious files from ever reaching your network.
This year, we saw more instances of attacks filtering through service and technology providers in order to reach their intended targets. This was demonstrated by the Syrian Electronic Army’s headline-making attacks against the New York Times and other media outlets. In the New York Times attack, hackers tricked the domain registrar into transferring ownership of ‘nytimes.com’ to them. For businesses, this underscores the importance of selecting the right suppliers. Not only do you need to be wary of who you are working with, but you also need to be able to monitor them in real-time to stay ahead of any emerging threats.
Distributed Denial of Service attacks have been around for years, but 2013 saw them grow in size and scope and also become harder to recognize. Hackers use these attacks to flood websites and applications with requests, which either cause them to shut down, or at least cause them to slow down and make it difficult to respond to legitimate requests. To increase the capabilities of DDoS attacks, hackers have begun to use reflection attacks, where misconfigured servers amplify the size of an attack. This is a threat that not only isn’t going away, but is increasing in frequency. Being aware of the capabilities of DDoS attacks and having a plan in place in case your organization is targeted is important.
These are threats that all businesses need to be prepared for and plan for. There are a number of ways to secure your organization, and each threat demands a different action.
For help with your company’s security, contact Geek Rescue at 918-369-4335.
December 11th, 2013
Ransomware has been a concern for internet users for some time now, but experts are predicting that the malware will affect more victims than ever before in 2014. As Warwick Ashford of Computer Weekly reports, hackers are producing malware kits that allow ransomware to be created more easily.
Ransomware is a type of trojan malware. It locks a computer or encrypts the data stored on it and demands a payment to unlock or decrypt it. The specific tactics taken are different from attack to attack, but usually victims find that their payment doesn’t restore their computer.
Researchers have discovered conversations on hacking websites about malware kits that make it easier to produce ransomware. These kits allow criminals without advanced knowledge of hacking to produce dangerous malware and even come with technical support. Kits can be used to produce all kinds of malware and the recent rapid rise of malware production is being attributed to their existence. Experts expect more ransomware to be produced with malware kits because it is an attack that directly leads to a payout, unlike other threats that require multiple steps to become profitable.
The best way to protect yourself from ransomware and other malware is to prevent it from infecting your computer in the first place. Be extremely cautious of untrusted email attachments and links in the body of emails. Try not to visit any untrusted websites and trust your browser when it warns you about potential dangers.
It’s also important to keep all applications, especially your antivirus program, updated. Backing up files is also helpful so that if some files are encrypted or damaged, you’ll be able to restore them.
If your computer is infected with malware, don’t pay a ransom. Bring your device to Geek Rescue, or call us at 918-369-4335.
December 6th, 2013
Looking back at the year in cyber threats, 2013 featured a number of new innovations that allowed hackers to compromise security, infect systems and steal data. Adam Kujawa of Malwarebytes recently published his list of the biggest threats to your security in 2013. The threats included in this list are important to know because they’re likely to continue to be used throughout 2014, as well.
Ransomware wasn’t new in 2013, but hackers have used it to inflict more damage this year than ever before. This particularly scary brand of malware is capable of locking down a user’s computer and encrypting their personal files. A payment is then demanded to restore the system, but most users find that even after paying their computer is still useless. This year, many forms of ransomware were disguised as government agencies investigating a crime. In some instances, an individual’s webcam was hijacked so an image of the user could be displayed along with a note claiming that their internet history included some illegal activity. Because of its jarring nature, law enforcement has cracked down on ransomware and production seems to be down.
Making its debut in September of this year, Cryptolocker did an astonishing amount of damage in a short time. It’s a form of ransomware that demands a payment to decrypt your files. The difference is, Cryptolocker does a better job encrypting files than most ransomware. It actually uses a double encryption, which is so strong it would take a normal desktop system an estimated 6.4-quadrillion years to break it without a key. Needless to say, no one has broken the encryption yet. Cryptolocker also puts a time limit on a user’s decision. They’re asked to pay for the key to decrypt their files, but if they don’t make a payment within a day or two, the key to the encryption is threatened to be erased from its remote storage. Currently, the best way to stop a Cryptolocker attack is to keep it from infecting your computer in the first place.
With more and more users with smartphones, it was expected that more malware would be produced specifically for the mobile audience. There was more mobile malware produced in 2013 than any previous year and most of that was for the Android operating system. Threats included malware that could make texts and phone calls without the owner of the phone knowing and malware that spoofed banking security precautions to steal log-in information. There were also instances of a smartphone’s camera being hijacked. The capabilities of malware for smartphones will only increase with time and, unfortunately, many users continue to use a smartphone with little to no security in place.
Potentially Unwanted Programs, or PUPs, are certainly not new, but 2013 saw them become much more harmful than ever before. Seasoned internet users will have dealt with PUPs before as an inclusion with other downloads or as something they never meant to download in the first place. Commonly, a toolbar or search agent will appear that a user doesn’t actually want, but, except for being a nuisance, it doesn’t do any real harm. In 2013, these PUPs began to include a Bitcoin miner, which could potentially cause significant damage to some types of systems.
New threats pop up every day. That’s why it’s extremely important to keep antivirus programs and other security software up to date with the latest definitions. All applications need to be regularly updated to close off security holes that have been exploited in the past.
If your system is infected with malware, or you’d like to improve your device’s security before it’s attacked, contact Geek Rescue at 918-369-4335.
November 21st, 2013
Spam emails began as a nuisance, but one that ultimately wouldn’t harm your computer. Since those early days, spam has evolved to be much more malicious. Now, spam often is the first step to infecting your machine with malware, trojans, keyloggers and viruses. Spam can be used to steal your identity and hold your computer for ransom. Jeff Orloff of The Email Admin posted some threats to be on the look-out for and some tips for how to stay safe.
Cryptolocker is the latest threat making headlines. The trojan is a form of ransomware that first surfaced in August. Most commonly, it stems from an email attachment that infects the victim’s computer when it’s downloaded. Cryptolocker is then able to encrypt certain types of files on your system and holds them for ransom. To decrypt the data, a payment is required. Often, there is a deadline that goes along with this demand for money. While some users report they’ve paid the ransom and their files were decrypted, others have paid and seen no results. Unfortunately, even professionals struggle to decrypt files that have fallen victim to Cryptolocker.
In less than a week, more than 12-thousand users reported being infected by a cryptolocker in the US. This isn’t the only threat to your security that strikes through email. Cryptolocker is just the latest.
Email security is essential for both your business and your home network. There are a number of options for enhanced email security, but regardless of what you choose, make sure it includes some vital features. Your security software should scan incoming email for known threats and separate those that are potentially harmful. Email protection has to be more intelligent than ever to properly protect you. Spammers are constantly updating their tactics to get around spam filters.
Geek Rescue offers a number of options to keep you safe from the latest cyber threats. Call us at 918-369-4335 to find out how we can protect you.
July 24th, 2013
We’ve all been conditioned to be afraid of viruses on our computer and for good reason. Viruses slow down performance, cause crashes and cost you money. Drew Pindle recently addressed this topic for Digital Trends and revealed why it’s a good idea to learn some tell-tale signs that you may have a virus hiding on your computer, how to get rid of it and how to avoid getting it in the first place.
One of the most obvious signs that you’ve got a virus is pop-ups. To be fair, even with a well-configured, up-to-date web browser, you could still see a couple pop-ups now and then. This doesn’t necessarily suggest you’ve got a virus. However, if you’re seeing pop-ups when you aren’t even using your browser, a virus is the likeliest reason. There are a number of malware removal tools available to help you in this case. For a thorough cleaning, call Geek Rescue and they’ll remove the malware from your computer to stop the annoying pop-ups.
Another sign of a virus is learning that your email or social media account sent out messages without your knowledge. Many of us have been the unfortunate victim of a hijacked, or hacked, email account. There are few things that make you feel as frustrated and helpless as learning your email spammed your entire address book. Viruses often do this as a way to spread to other computers. If you notice your email or social media account has been hijacked, change your passwords and scan for viruses. Consult the experts at Geek Rescue to help keep your email safe and eradicate harmful viruses.
This is one of the scariest virus signs. Ransomware does exactly what the name suggests. It holds your computer hostage and asks for payment. Usually, a message takes over your screen, which can even include an official looking government seal, informing you that your computer has been locked down until you pay some sort of “fine”. If this happens to you, don’t reveal any payment information because this is a scam. Unfortunately, it’s incredibly difficult to recover from this type of takeover. You’ll need a rescue disk, or the professionals at Geek Rescue. They have experience with ransomware and can get you back on track quickly.
If you find your computer has grown sluggish and suddenly freezes or crashes often, that’s another sign of a likely virus. Your computer could deteriorate over time on its own, but if it goes from being fine one day to almost unusable the next, a virus is probably the culprit. Most likely, this virus can be spotted by opening task manager and looking for any suspicious programs that are running.
You may find that task manager, or other essential programs, won’t open on your computer. That’s probably because a virus is blocking them. It could even be blocking your antivirus software, which makes it a difficult fix. Bring your computer to Geek Rescue to get your computer cleaned and protected against future infections.
If you’ve made it this far into the article without any of these symptoms sounding familiar, you may be thinking your computer is completely clean. You may be right, but it’s just as likely that you have a particularly well-crafted virus hiding from you. The most effective and dangerous viruses don’t announce their presence. Instead, they infect your computer without noticeably affecting anything. In fact, some viruses have even been programmed to delete other malware to keep antivirus software from detecting an infection. To make sure your computer is infection-free and you’re safe, bring your computer to Geek Rescue to get your computer cleaned and protected against future viruses. Come by or call us at 918-369-4335.
July 17th, 2013
You’re at home surfing the web, as you’ve been known to do. You follow a couple of interesting links and suddenly find yourself in a dark corner of the internet. A page appears in your browser claiming to be controlled by the “FBI Cyber Department” or “FBI Cybercrime Division”. They tell you they’ve seized control of your browser, recorded your activities and you will face legal action unless you pay a sizable fine. To show they mean business, they flash a pop-up displaying your current location.
Now what do you do? Attempting to leave the page only causes the cycle of messages to start over and trying to close the browser proves fruitless. Paying the fine, however, would be just as pointless.
This site is a scam, as you may have already guessed. It’s accurately called ransomware because of the way it holds your computer hostage and demands payment. Previously, we warned you about a virus that similarly locks down your computer. The virus is difficult to get around, but there are some things to try if you come across a ransomware site, as Topher Kessler details in his post at CNET.
Because this site is based on relatively simple JavaScript code, it can be thwarted by disabling JavaScript in your browser. This will be an option found in the settings. Once JavaScript is disabled, the window can be closed like normal.
If you can’t find the JavaScript option or don’t want to go that route, force quit the browser. Unfortunately, your browser may automatically take you to the last page of your previous browsing session, which puts you back where you started. There are ways to disable this function, however.
If you happen to be using Safari, simply reset it from the application menu. These simple fixes will allow you to regain control of your browser and your computer. If you continue to experience trouble or want to safeguard against other malicious attacks, Geek Rescue is always here to help. We have the experience and know-how to restore your computer after any attack and safeguard it for the future. Come by or call us at 918-369-4335.
July 12th, 2013
The FBI virus has been making plenty of headlines in the past few weeks. Since it’s capable of locking down your computer and attempts to extort money from its victims, there’s good reason for the media frenzy.
The virus, part of a classification called ransomware, uses an official looking FBI seal to make victims believe their computer has been locked due to illegal activity. A ransom is asked for to unlock the computer and keep the victim out of prison. A giveaway that the virus is a tool of scam artists is revealed, however, when the only acceptable payment method is an untraceable, prepaid credit card.
It’s frightening to think criminals from an ocean away can hijack your personal computer and demand money to let it go. Recent reports of FBI virus sightings reveal even more sinister characteristics though. As reported by an NBC affiliate, one teenager in a Chicago suburb says the virus first showed images of child pornography on her screen, then used her webcam to take her picture before locking down her computer and demanding $450.
Similar reports are cropping up all over the US. SILive has a story of an FBI virus victim in New York. WKMG in Orlando reported another case of the FBI virus in Florida, but this one had a slight twist. After the victim’s computer was locked down, a number listed as belonging to the Department of Justice appeared and connected the man to an accented voice claiming to be able to fix his computer for a fee of $189.95.
Officials warn that the virus likely infects your computer when you click on an email from an unknown sender or visit a harmful website. It then uses fear-based tactics to attempt to steal your money or personal information. The FBI virus is just like any other virus, however. It can be cleaned and your computer can be restored. The FBI, that’s the real FBI, recommends seeking help from a professional so you can be sure the virus is gone. Geek Rescue specializes in the identification and eradication of computer viruses. They save you from viruses like the FBI virus and safeguard your computer with the latest antivirus software to keep you safe. Call Geek Rescue at 918-369-4335.