Author Archives: Paul Rosarius

Global police operation disrupts aggressive Cryptolocker virus

US authorities named Russian national Evgeniy Bogachev as the face of a malicious software scheme responsible for stealing millions from people around the world, after a successful campaign to disrupt two major computer networks.

Digital police from across the globe announced they had seized control over the weekend of two computer networks that had been used to steal banking information and ransom information locked in files on infected computers. But they warned people with infected computers to take action now to prevent further attacks.

US and European officials announced they had managed to crack the malicious software (malware) known as Gameover Zeus that had been used to divert millions of dollars to bank accounts of criminals. The authorities have also cracked Cryptolocker – a viral scam that shut out hundreds of thousands of users from their own computers and ransomed the data.

The UK’s National Crime Agency (NCA) told British victims that they have a two-week window to protect themselves, after working with the FBI, Europol and other law enforcement bodies to temporarily seize control of the global network of infected computers.

The US authorities identified Bogachev, of Anapa in the Russian Federation, as Gameover Zeus’s main administrator. At a press conference, deputy attorney general James Cole called him “a true 21st-century criminal who commits cybercrimes across the globe with the stroke of a key and the click of a mouse … These crimes have earned Bogachev a place on its list of the world’s most-wanted cyber criminals.”

According to the FBI’s “cyber most wanted” list Bogachev has been using variants of the Zeus malware since 2009 and communicates using the online monikers “lucky12345” and “slavik”. Gameover Zeus (GOZ) started appearing in 2011 and is believed to be “responsible for more than one million computer infections, resulting in financial losses in the hundreds of millions of dollars”.

“He is known to enjoy boating and may travel to locations along the Black Sea in his boat,” according to the FBI.

The Cryptolocker software locked PC users out of their machines, encrypting all their files and demanding payment of one Bitcoin (currently worth around £300, or $650) for decryption.

It’s believed Cryptolocker, which the FBI estimated acquired $27m in ransom payments in just the first two months of its life, has infected more than 234,000 machines.

A chief suspect from Russia has been identified, but is still at large, Troels Oerting, head of Europol’s European Cyber Crime Centre (EC3) told the Guardian. He said other arrests related to the operation were “in progress”.

The global effort to stop the spread of the Cryptolocker ransomware has focused on its delivery method, GOZ. The malware connected infected machines by peer-to-peer connections – in theory making it harder for the authorities to track and stop.

GOZ was designed to steal the online banking login details of its victims, who were usually infected by clicking on attachments or links in emails that looked innocuous. However, it also dropped Cryptolocker on their computers.

“Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals,” said Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit.

“By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them. Whether you find online security complicated or confusing, or simply haven’t thought about keeping your personal or office computers safe for a while, now is the time to take action.”

Affected users are being advised to update their operating system software and security software, and also to “think twice before clicking on links or attachments in unsolicited emails”.

Not-for-profit body Get Safe Online has worked with the NCA to launch a dedicated section of its website to provide guidance and tools, although at the time of publication the website appeared to be offline.

Behind the scenes, the law enforcement groups have been taking over points of control in GOZ’s peer-to-peer network: an action known as “sinkholing” in the security world. By doing this, they have been able to cut off criminal control over the infected computers.

Dismantling peer-to-peer operated malware is difficult, but it has been done before: for example, in the case of a data-stealing virus called ZeroAccess, which infected as many as 1.9m PCs in 2013.

In that case, security researchers from Symantec managed to send lists of fake peers to infected machines, which meant they could no longer receive commands from the controllers of the malicious network, known as a botnet.

Symantec researchers said today that key nodes in GOZ’s network had been disabled, along with a number of the domains used by the attackers.

Oerting told The Guardian that GOZ’s entire operations infrastructure had been sinkholed, meaning the malware should “not reappear for … considerable time”.

Although arrests have not yet been made, Oerting believes the eventual impact will be “great”. “[It will not last] forever, but the infrastructure is gone and the criminals will have to build and distribute from scratch,” he added.

Source The Guardian
http://www.theguardian.com/technology/2014/jun/02/cryptolocker-virus-nca-malware-protection

Watch out for fake virus alerts

Rogue security software, also known as “scareware,” is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions.

How does rogue security software get on my computer?

Rogue security software designers create legitimate looking pop-up windows that advertise security update software. These windows might appear on your screen while you surf the web.

The “updates” or “alerts” in the pop-up windows call for you to take some sort of action, such as clicking to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, the rogue security software downloads to your computer.

Rogue security software might also appear in the list of search results when you are searching for trustworthy antispyware software, so it is important to protect your computer.

What does rogue security software do?

Rogue security software might report a virus, even though your computer is actually clean. The software might also fail to report viruses when your computer is infected. Inversely, sometimes, when you download rogue security software, it will install a virus or other malicious software on your computer so that the software has something to detect.

Some rogue security software might also:

Lure you into a fraudulent transaction (for example, upgrading to a non-existent paid version of a program).

Use social engineering to steal your personal information.

Install malware that can go undetected as it steals your data.

Launch pop-up windows with false or misleading alerts.

Slow your computer or corrupt files.

Disable Windows updates or disable updates to legitimate antivirus software.

Prevent you from visiting antivirus vendor websites.

Rogue security software might also attempt to spoof the Microsoft security update process. Here’s an example of rogue security software that’s disguised as a Microsoft alert but that doesn’t come from Microsoft.

Example of a warning from a rogue security program known as AntivirusXP.

For more information about this threat, including analysis, prevention and recovery, see the Trojan:Win32/Antivirusxp entry in the Microsoft Malware Protection Center encyclopedia.

To help protect yourself from rogue security software:

Install a firewall and keep it turned on.

Use automatic updating to keep your operating system and software up to date.

Install antivirus and antispyware software and keep it updated. Windows 8 includes antivirus protection that’s turned on by default. If your computer isn’t running Windows 8, download Microsoft Security Essentials for free.

Use caution when you click links in email or on social networking websites.

Use a standard user account instead of an administrator account.

Familiarize yourself with common phishing scams.

If you think you might have rogue security software on your computer:

Scan your computer. Use your antivirus software or do a free scan with the Microsoft Safety Scanner. The safety scanner checks for and removes viruses, eliminates junk on your hard drive, and improves your PC’s performance.

Get help from a Microsoft partner. If you have trouble removing the software yourself, you can enter your zip code to find experts in your area.

Check your accounts. If you think you might have entered sensitive information, such as credit card numbers or passwords into a pop-up window or at a rogue security software site, you should monitor your associated accounts. For additional information, see Email and web scams: How to help protect yourself.

If you suspect that your computer is infected with rogue security software that is currently not detected with Microsoft security solutions, you can submit samples using the Microsoft Malware Protection Center submission form.

Source Microsoft.com
http://www.microsoft.com/security/pc-security/antivirus-rogue.aspx

Hackers Crave Patches for Windows XP

Hackers now crave patches, and Microsoft’s giving them just what they want
At least one of next Tuesday’s updates looks like an excellent candidate to hackers as they sniff for bugs in the now-retired Windows XP
By Gregg Keizer
May 11, 2014 08:31 AM ET
Computerworld – Hackers will have at least one, perhaps as many as four, patches next week to investigate as they search for unfixed flaws in Windows XP, the 13-year-old operating system that Microsoft retired from support April 8.
“Come Tuesday, Microsoft will be patching some vulnerabilities in Windows, and it is realistic to assume that at least one of these will also affect Windows XP,” said Kasper Lindgaard, director of research and security at Secunia, in an email Friday. “Generally speaking, newly discovered vulnerabilities in XP will be unpatchable for private users, and therefore we will see a rise in attacks.”
On May 13, Microsoft’s regularly-scheduled monthly Patch Tuesday, the Redmond, Wash. company will issue eight security updates for its software. But because it has stopped providing updates to owners of Windows XP PCs, those customers will not see any of the eight.
Hackers looking for vulnerabilities in Windows XP will be using the patches to find vulnerabilities in XP, Microsoft and security experts have said. By conducting before- and after-patch code comparisons, attackers may be able to figure out where a vulnerability lies in Windows 7 — which will be patched — then sniff around the same part of XP’s code until they discover the bug there. From that point, it will be relatively straightforward for them to craft an exploit and use it against unprotected XP PCs.

“Patches to the other Windows operating systems will be reverse engineered by hackers, seeking to discover which vulnerabilities were fixed by Microsoft, and if applicable, modified to work against Windows XP,” Lindgaard said.
He’s not the only one who believes hackers will leverage updates to find unpatched bugs in XP. So does Microsoft.
“After April [2014], when we release monthly security updates for supported versions of Windows, attackers will try and reverse engineer them to identify any vulnerabilities that also exist in Windows XP,” said Dustin Childs, director of Microsoft’s Trustworthy Computing group, last October. “If they succeed, attackers will have the capability to develop exploit code to take advantage of them.”
Four of the eight scheduled security updates that Microsoft plans to ship next week look like candidates for hackers because they will affect all client versions of Windows, including Windows Vista, Windows 7, Windows 8 and Windows 8.1. Before Microsoft stopped pushing patches to XP, it was rare for an update to fix one or more newer editions of Windows, but not patch XP at the same time.
One of the four will impact all instances of IE, so there’s a very high chance that that update would have patched the pertinent editions of the browser — IE6, IE7 and IE8 — on Windows XP if Microsoft had continued updating the old OS. The upcoming fix for IE was rated “critical,” Microsoft’s highest threat warning, and was also tagged with the phrase “remote code execution” in last week’s advance notification, meaning that if successfully exploited, attackers could hijack the PC and plant malware on its drive.
Two of the remaining three updates also strongly hint at XP vulnerabilities, albeit less threatening ones, since they will apply not only to the newer client editions, like Windows 7 and 8, but also to the still-supported Windows Server 2003, which has a considerable amount of code in common with XP.
The only good news, said Secunia last week, was that Windows XP’s retirement triggered a sharp decline in its share of U.S. PC operating systems. In the three weeks after April 8, XP’s share dropped nearly 17%, said the Danish security company.
The decline of one percentage point each week took Windows XP from an 18% share before retirement to 15% for the week April 23-29. The three-point drop represented one-sixth, or 16.7%, of the original 18% share.
Secunia measured operating system share by tallying the machines that accessed its patch management tools, including the free Personal Software Inspector (PSI), a utility that identifies out-of-date Windows applications and add-ons, then delivers security updates.
Other measurements of Windows XP, including a global estimate by Net Applications earlier this month, pegged Windows XP’s presence considerably higher, mostly because huge numbers of Chinese computers still run the OS. Net Applications reported that XP powered about 26% of all desktop and notebook personal computers in April.
StatCounter, an Irish analytics company, said that XP’s share in the U.S. averaged 13% last month, a drop from 15% the month prior.
Secunia’s numbers imply that the demise of patch support for Windows XP has prompted a significant portion of American die-hards to finally discard the operating system, presumably replacing it with Windows 7, 8 or 8.1, or in some instances, with a Mac or another type of computing device, such as a tablet.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg’s RSS feed. His email address is gkeizer@computerworld.com.

Source Computerworld
www.ComputerWorld.Com

10 Steps How to take care of your Laptop

1. Keep liquids away from your laptop. As tempting as it might be to drink coffee, soda, water or any other liquid near your laptop, accidents can happen all too easily. Alternatively, use a cup with a cover on it, so even if it does spill, the liquid doesn’t go anywhere. Spilled liquids may damage the internal microelectronic components or cause electrical damage. Short circuits can corrupt data or even permanently destroy some parts of the laptop. The solution is very simple: Keep your drinks away from your computer. Even if you are careful, someone else might spill your drink.

2. Having antivirus software available is the best defence against a virus. Even if you know what you download, it could still contain a virus. If you choose not to have antivirus software you run the risk of a circuit error or software problem in your system. The virus may also slow down the system operations and performance.

3. Keep food away from your laptop. Don’t eat over your laptop; the crumbs can fall between the keys and provide an invitation to small bugs or damage the circuitry. Worse yet, the laptop will look dirty if there are crumbs on it.

4. Always have clean hands when using your laptop. Clean hands make it easier to use your laptop touchpad and there will be less risk of leaving dirt and other stains on the computer. In addition, if you clean your hands before you use the laptop, you will reduce wear and tear on the coating caused by contact with sweat and small particles that can act upon the laptop’s exterior.

5. Protect the LCD display monitor. When you shut your laptop, make sure there are no small items, such as a pencil or small ear-phones, on the keyboard. These can damage the display screen if the laptop is shut on them; the screen will scratch if the item is rough. Close the lid gently, holding it in the middle. Closing the lid using only one side causes pressure on that hinge, and over time can cause it to bend and snap.

6. Hold and lift the computer by its base, not by its LCD display (the screen). If you lift it by the screen alone, you could damage the display or the hinges attaching the display to the base. The display is also easily scratched or damaged by direct pressure – avoid placing pressure on it.

7. Don’t pull on the power cord. Tugging your power cord out from the power socket rather than pulling directly on the plug can cause the cord to break off from the plug or damage the power socket. Also, if the power cord is near your feet, avoid kicking it accidentally; in fact, it is best to refrain from bumping into the plug at all because you could loosen it and eventually break it.

8. Don’t roll your chair over the computer cord. Stick the cord onto your desk with tape or a special computer cord tie which can easily be undone when you’ve finished using the laptop. Always try to keep the cord away from the floor and your legs.

9. Be sure to plug accessory devices into their proper slots. Always look at the symbols on the laptop carefully before inserting devices. Jamming a phone line into an Ethernet port or vice versa could damage the sockets, making it impossible to use them again. It is very important to observe this step.

10. Handle any removable drives with care. CD drives that have been removed from your laptop could easily be crushed or dropped; do not be careless. If you are not putting them back into the laptop, put them straight into a storage box or case for safe keeping.

Source WikiHow
http://www.wikihow.com
