Author Archive

Ransomware: Get Ready for Cyber-age extortion!
Tuesday, December 27th, 2011 | Author:

What if somebody held your computer at gunpoint and demanded extortion money? You might say it’s totally insane, or ask how that can even be possible. But yes, it’s true: hackers have stumbled upon this idea and turned it into reality. Their latest gimmick is ransomware. True to its name, ransomware is an iniquitous-to-the-core contraption, formulated to siphon out your money by playing on your fear.

What does it take to be ransomware?

Cyber thugs are formulating new marketing tactics as usual, but now in a very different avatar. In professional lingo, ransomware is malicious code born with a single instinct: to lock your valuable files into an encrypted archive and then demand money in exchange for restoring them. A fast-growing trend, ransomware deals in data, files, and end-user manipulation.

Getting to extortion business

Let’s anatomize the very core of this extortion affair. It all starts when you visit a compromised site and are infected by this malware through a drive-by download attack. Once installed, this lout encrypts your most crucial documents into an archive and then presses you to pay ransom money, through services such as Paysafecard or Ukash, to undo its deviltry. Only once the ruffian gets a whiff of your money does it release the password that unlocks the files. More advanced ransomware scenarios now use multiple forms of end-user manipulation and extortion.

Some ransomware attacks use mortification and panic as their lever against victims. In such a scenario, victims are shown false claims that the ransomware got onto their systems because they visited inappropriate websites and stored pornographic material. Recently, a Trojan detected in the wild displayed phony messages from law enforcement agencies in Europe and asked users to pay fictitious fines within 24 hours, or else data would be erased from their hard drives. Going a step further, some ransomware even uses stealth tactics to make its own code self-destruct after encrypting the user’s files, making the process of unlocking them a herculean challenge.

Finally, let’s end the discussion on a good note. The good news is that there is no need to hit the panic button on hearing about ransomware. All you have to do is keep your PC high on security: use a reliable firewall, antivirus and antispyware, and keep them up to date with the latest patches. That is quite enough to keep you from paying ransom money for your PC.

Watch Out!!! A felon is adumbrating there
Monday, December 19th, 2011 | Author:

A flawless and secure PC experience: isn’t that what you have dreamt of? But wait a minute. It’s a dangerous world out there. Click on www. and hey, welcome to the hacker’s Shangri-La. A moment spent on the internet is enough to get your PC packed like sardines. The only difference is that here the sardines are viruses, spyware, adware, rootkits and many such odds and ends. Rootkits especially are proving to be effective scimitars for hackers to gouge a hole in your PC’s fortification and then sabotage your personal and financial data in a hush-hush way.

A Rooty Affair

With its etymology lying in the word “root”, the name of the UNIX administrator, a rootkit is a very potent tool in the hacker’s kitty that helps him take the driver’s seat of your PC. The hacker installs a rootkit on your PC the moment he gains access, at either user level or administrator level. This can be done by taking advantage of known remote vulnerabilities, by using a local exploit, or by cracking the administrator password. Once this schemer (the rootkit) is in, a slew of cascading effects kicks off. Equipped with an armada of wicked programs, a rootkit ensures that its looting spree can be carried out without a hitch. The most infamous among these programs is the backdoor, which gives the hacker unauthorized access to the entire system. Next in line is the packet sniffer, which monitors data travelling over a network using TCP/IP or another network protocol. Finally, not to forget the log-wiping utilities, which hide the record of actions that have occurred and help the mugger wipe away the traces of his devilry.

What’s in the name?

Many versions, but with a sole endeavour to ransack confidential data: that is part and parcel of the rootkit contraption. LRK, tOrn, Adore, NTROOT, NTKap, Nullsys and many, many more; the list of these iniquitous charms is inexhaustible. But techheads pigeonhole rootkits into two separate categories. The conventional kind is termed the application rootkit, which replaces a useful application with a trojaned file to open the entry doors for hackers. As these conventional rootkits can be caught by security software, the caballers have come up with a second generation of reprobates known as kernel rootkits. These rootkits establish themselves in the most trusted kernel layer of the operating system to escape detection. As they can circumvent a conventional system integrity checker at the application layer, kernel rootkits have come to be the toughest ones to root out.

Rooting out!

A few simple steps and you will remain at a safe distance from the rootkit assault. Here are some of them:

  • Firewall all the networks.
  • Grant users only the access they need to perform their jobs, to avoid any kind of unauthorized access.
  • After a system is installed, take inventory of what is running.
  • Enable secure communications such as VPNs and Secure Shell.
  • Periodically monitor all log-files.
  • Install host and network based intrusion detection systems.

The malware landscape today knows no boundaries. This boisterous trend has been catching on lately, as modern malware can now arrive through multiple vectors, ranging from unsolicited emails to compromised websites and, never to forget, the ever-favourite social networking sites. Pacing towards the zenith, blended threats have had incredible success at causing infection, owing to the systematic approach of professional Internet hackers in what has become a highly lucrative industry. This has been confirmed by Microsoft, which estimated in 2009 that blended threats were responsible for distributing malware infection among 30% of home PCs and 4% of corporate computers.

A Salver of Choices

Blended threats have become a coveted conduit for malware writers to gratify their iffy intents, as they now have a multiplicity of choices. These range from poisoning search engine results, so that popular search terms lead to malicious websites, to social networking sites, where hackers compromise legitimate accounts and spread malicious URL links to their contacts. But it is still email that is held in high regard among virus writers. Malicious email attachments are no longer needed: inserting a seemingly legitimate URL link that directs to a malicious website will do wonders for hackers without any risk of being caught.

The line of attack

It all starts with a hacker compromising a legitimate website with automated tools in order to place the malware, a radical shift from the conventional approach where the hacker develops the site himself to launch a systematic attack. Next in line comes the dissemination task, where unsolicited emails (spam) containing the URLs of these compromised websites are sent to end users through botnets, often in low volumes to escape notice. This circumvents traditional email antivirus gateways, which do not identify them as impending threats, and they pass unnoticed to the user. Once the user receives the mail and clicks on the rigged link, a Pandora’s box of systematic multi-level attacks is opened and the malware is installed on the user’s PC by a “drive-by download” attack. Bit by bit an appalling drama unfolds as the user’s PC becomes a cog in a botnet, which is in turn deployed to spread spam and blended threats.

A multi-million dollar alcove for cyber criminals: that is what perfectly defines the internet today. This evolution has now been accelerated by the arrival of fake security software, which has swelled the cybercrime industry into a profitable deal and is thus luring more and more newbies onto the bandwagon. The new tactic is to create hysteria among netizens by generating fake scans and then enticing them to buy the product to restore their systems. The result is the birth of a new kind of malware called “scareware”, which lets your nerves run amok by making you feel that your system has been compromised, when in fact it is a fabricated melodrama to drive you further into a gaping snare.

Typology of Scareware

With each passing day the number of scareware programs released is skyrocketing, giving sleepless nights to the netheads and techheads who deal with this unrelenting challenge. According to an estimate, the number of scareware programs released till 2010 has exceeded 500,000. Cloud Protection, Cloud AV 2012, Security Guard 2012, System Security 2011, Advanced PC Shield 2012, Internet Security 2011, 2004 Adware/Spyware Remover & Blocker, Ad-Eliminator, and the list stretches to 100,000 of these rogues. Out of these, the Internet Security 2011 rogue antispyware is one of the most difficult of all rogue programs to remove, as it comes bundled with a rootkit that terminates, and then denies future access to, any program that scans a particular process.

To give it a real outlook, some fake AV applications even assume the appearance of legitimate products such as Microsoft Windows Defender, to reinforce the trickery that the program is legitimate and useful. Taking this a step further, some rogue programs such as WiniGuard operated under multiple names (more than 30) to keep luring new victims.

The Big Game

The key charade of scareware is to create a deceptive perception among PC users that their PC has been infested, prompting them to take corrective action. It all starts by producing fake scans and exaggerated results showing an abundance of malware and viruses in the system. All of this appears very legitimate to the user. Furthermore, some scareware even shows legitimate Windows Registry keys as malware. Once the user is inveigled, he is pushed towards purchasing the fake program. At the core of all this lies the veiled axiom: sell as many copies of the rogue software as possible to mint easy money.

Take the scare out of Scareware

Here are a few do’s and don’ts so that scareware doesn’t make a fool of you:

  • Keep your firewall updated and in action at all times.
  • Check the installation settings for patches and updates to your operating system, office software, and web browsers to automate the process as much as possible.
  • Install software to filter search engine hits within your browser, and always go for updated browser versions.
  • Always rely on genuine antivirus and antispyware software.
  • Prevent JavaScript from running in your browser, and enable it only when the site is trustworthy.
  • Install all the Windows Critical Updates to prevent spyware and adware from sneaking into your PC behind your back.

Shhhhhhhhhh!!! Someone is eyeing your PC
Friday, December 02nd, 2011 | Author:

Espionage has got a new phizog. The stage is now set for latter-day firebrands cannier than Mata Hari and Belle Boyd. Here it is in no way tied to the physical world, as these moles are native to the virtual cyber world. In apposite terms, we classify them as “spyware”, or cyber sleuths, bespoke-made to siphon out the dearest of your data.

The genealogy of spyware

Disagreement over what can be classified as spyware and what cannot has produced a similar ambiguity about what it means to protect against it. A stroll through the technical jargon and you are met with a caboodle of convoluted definitions. Data-gathering programs that are installed with the user’s prior knowledge do not qualify as spyware if the user fully understands what data is being collected and with whom it is being shared. So what does it take to be spyware?

  • Adware

With advertisements built into software, adware can serve as an effective spying tool. Once this con finds out that you are online, it channels a surge of pop-up and pop-under ads towards the PC. What is more, it tracks and stores information about your viewing habits, which is then sold on to marketing companies that draw on it to inundate your inbox with junk email.

  • Cookies

Sweet name, but not as sugary as the moniker suggests! Cookies can also serve as an effective spyware tool, as advertisers employ them to track sales and clicks to better understand how best to spend their marketing budget.

  • Hostile Scripts and Dialers

These scripts and programs are tailored to get hold of local computer files in order to gather information about the user. Alternatively, they can force a modem to dial expensive toll calls or capture every keystroke you make, putting your confidential information in jeopardy, from passwords to credit card numbers.

  • Browser Redirector/Hijacker

More than just creating a nuisance, these hijackers can play havoc with your homepage and search engine settings. Every time you open the web browser you land on a page stuffed with porn and ads. Incidentally, most browser hijackers are also data miners that can send your web browsing habits to a central database, where they can be exploited by companies for minting extra dollars.

  • Keyloggers

A keylogger is a potent tool for covertly scooping credit card details and other money-related information out of your PC by keeping a record of your keystrokes. Email attachments and file downloads are among their preferred havens.

  • Trojans, Backdoors and Downloaders

And finally, not to forget the evil trinity of Trojans, backdoors and downloaders, which form a safe conduit for clandestinely flushing valuable information out of your PC.

So, watch out before your privacy becomes a far-flung dream forever!!!

Sort Out Your Antivirus Package Prudently
Wednesday, November 23rd, 2011 | Author:

Individuals and organizations always end up facing complicated decisions when it comes to buying antivirus solutions. Often confused between brands such as Norton and McAfee, Vipre and Avast, Kaspersky or Panda, they are unable to make up their minds about which antivirus protection suite would best stand up to their stringent requirements.

Why go for antivirus software?

The negative impact of malware is perceived as so threatening that authorities such as HIPAA and PCI-DSS have laid out many regulations and standards to enlighten organizations about its potency. This has given way to a scenario where antivirus software is considered quintessential in many organizations for preventing malicious attacks on networks and systems.

At the end of the day, this software comes in handy for minimizing potential damage from worms, Trojans, keystroke loggers and rootkits. But even though antivirus installs are plainly non-negotiable, the choices facing corporate anti-malware buyers are almost labyrinthine in their complexity.

Which antivirus solution to opt for?


Although it is possible to purchase single-purpose antivirus solutions, a good majority of organizations find it easier to combine a number of functions into a single agent. The benefits of a single agent include a smaller installation footprint and a single point of control for policy management.

Combined-function agents go by a good many names, including security suite, endpoint security and total protection. The bare minimum in a standard antivirus suite is virus scanning plus a personal firewall. What is more, such security suites are considered mature, having been offered by the major players in the antivirus industry for a number of years.

PCCare247 takes antivirus support to the next level


Taking multifunction antivirus support to the next level, companies such as PCCare247 have teamed up with names such as Avast to offer additional security controls comprising full NAC integration (with quarantine and patching support), DLP (data loss prevention) functionality, file encryption, Web 2.0 (e.g. cross-site request forgery and cross-site scripting attacks) and browser protection, and messaging hygiene with anti-spam and instant messaging filtering. These are controls one would consider pivotal for safeguarding computers from the range of unscrupulous elements residing on the World Wide Web.

PCCare247 and Avast, a force to reckon with in the antivirus industry, have joined hands to offer computer users unique solutions for their fight against the viruses, malware and Trojans found in the cyber world. In fact, every solution offered guarantees that PC users are bound to win their freedom from viruses.

Rogue Antivirus: A Wolf in Lamb’s skin
Tuesday, November 22nd, 2011 | Author:

Can an antivirus go rogue? Strange indeed! But beware!! A disguised coaxer lies in ambush to deal a heavy blow to your PC’s security. That is what a rogue antivirus is all about: a turncoat that imitates your ever-chum antivirus but spews out slow poison by opening a conduit for a whole armada of malware and viruses.

Who exactly are they?

An entire class of these rogue antiviruses is being used by charlatans to defeat the very purpose of internet security. The most exemplary among these hoodlums is fake antivirus (AV) software that hoodwinks you into believing that your computer is actually under threat. It does this by generating fake alerts, which form the perfect cog of its modus operandi. Your agony doesn’t stop here: once you are convinced that your machine is at stake, you are made to buy the commercial version of the software. A single click and you land in a fool’s paradise, with a false sense of security while your PC is being looted from multiple sides. That’s not all, as some such AV software has the built-in ability to install a backdoor to let more of its accomplices into your PC.

The Three Inroads

Out of many possible ways in, these three are the most popular:

• Social Engineering Techniques

This is the one we have just discussed in the passage above. A fake scan generated by malware warns that your PC has been infected, and then the whole drama unfolds. One click and a bag of troubles is at your doorstep. Many cyber ruffians use this technique to get hold of your credentials.

• Drive by Download Attack

In this type of attack, a website packed with malicious scripts is used by the cons to amplify their reach. Efforts are made to draw the maximum web traffic to the malicious web page, and to accomplish this, blackhat search engine techniques are used. Popular keywords, search phrases and, most importantly, current affairs are part and parcel of this technique. If done properly, the landing page is ranked high and a large volume of traffic is diverted to the malicious site, which becomes the carrier for further spread of the rogue antivirus.

• Botnets

Last but not least, botnets are especially effective at spreading the infection through a collection of compromised computers. Large botnets like Conficker and Koobface are also known to install such AV software on the machines they attack.

The Prophylaxis

Prevention is always better than cure. This mantra holds even in the web world. And moreover, it’s not rocket science. Just follow a few tips and that’s enough to keep fake antivirus at bay. Here are a few of these do’s and don’ts:

• A strong firewall is always recommended for a fortified PC, so make sure you have one. Also, not to forget, strong and reliable antivirus and antispyware are a must for your PC.
• Always make a point of not opening illegitimate links. Open only the ones you can bank upon. And especially keep a safe distance from pop-ups.
• If there is a virus alert, don’t try to work with it any further. Just press CTRL+ALT+DELETE on your keyboard, locate the masquerading urchin in the list of currently running programs in Windows Task Manager, and terminate it. A call to your computer tech support service provider is always recommended after this.