Archive for the Category ◊ Malware ◊

Of late the malware economy has become a lucrative business for cyber criminals, and no corner of the internet has been left untouched. Malware can reach you anytime, anywhere, and usually when you are least on guard. The prudent approach is to learn the routes it takes before it reaches your own front door: having your credentials stolen and your accounts looted is simply not affordable when most of your financial life now sits online.

‘Push-Pull’ affairs

Web threats fall into two broad branches, push-based and pull-based. Push-based threats use techniques such as phishing, spam or DNS poisoning (pharming) to lure a user to a malicious (often spoofed) website, which then harvests information or delivers malware. Pull-based threats, often called “drive-by” threats, catch visitors who did nothing unusual at all: the attacker compromises a legitimate website, which then unwittingly serves malware to its visitors or alters search results to route users to malicious sites.

The Deadly Five

Here are the main ways malware can arrive and compromise your machine:

• Banner ads

Genuine advertising now has a malicious twin, “malvertising”, and it is growing fast. If you are not technically savvy the odds are high that you will eventually stumble on a banner ad that looks entirely authentic, and clicking it lands you in trouble. The ad may lead to a page that tells you to download a PDF laced with malicious code, or asks for your financial details in order to “complete” the download.

• Downloadable documents

Downloadable documents in Microsoft Word or Excel format are a convenient medium for spreading malicious code far and wide. Users are lured into opening a Word or Excel file that already carries a Trojan horse, typically as an embedded macro that runs when the document is opened.
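An added example, not code from the original post: a small offline check for the macro-carrying Office documents described above. It relies on two facts I am assuming here rather than anything the post states: modern Office files (.docx/.docm/.xlsm) are ZIP containers that store VBA macros in a part named vbaProject.bin, and the legacy binary formats (.doc/.xls) are OLE compound files that begin with the bytes D0 CF 11 E0. The sample documents it builds are constructed in memory for the demonstration.

```python
"""Added example (not from the original post): classify an Office document
by whether it carries a VBA macro part, without opening it in Office.

Assumptions (mine, not the page's): OOXML files are ZIP containers and keep
macros under a part ending in vbaProject.bin; legacy .doc/.xls are OLE
compound files starting with D0 CF 11 E0 and need a dedicated parser.
"""
import io
import zipfile

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
VBA_CONTENT_TYPE = b"application/vnd.ms-office.vbaProject"


def classify_office_document(data: bytes) -> str:
    """Return a coarse verdict for a document's raw bytes.

    'ooxml-macros'  ZIP-based Office file containing a vbaProject part
    'ooxml-clean'   ZIP-based Office file with no macro part found
    'legacy-ole'    binary .doc/.xls/.ppt; macros cannot be ruled out here
    'not-office'    anything else
    """
    if data.startswith(OLE_MAGIC):
        return "legacy-ole"
    if not data.startswith(b"PK\x03\x04"):
        return "not-office"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
            if "[Content_Types].xml" not in names:
                return "not-office"
            # Macro storage can sit under word/, xl/ or ppt/; match the name only.
            if any(n.lower().endswith("vbaproject.bin") for n in names):
                return "ooxml-macros"
            # Belt and braces: the content-types manifest also declares it.
            if VBA_CONTENT_TYPE in zf.read("[Content_Types].xml"):
                return "ooxml-macros"
            return "ooxml-clean"
    except zipfile.BadZipFile:
        return "not-office"


def build_sample(with_macro: bool) -> bytes:
    """Construct a tiny OOXML-shaped ZIP in memory (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        types = ('<?xml version="1.0"?>'
                 '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
                 '<Default Extension="xml" ContentType="application/xml"/>')
        if with_macro:
            types += ('<Override PartName="/word/vbaProject.bin" '
                      'ContentType="application/vnd.ms-office.vbaProject"/>')
        types += "</Types>"
        zf.writestr("[Content_Types].xml", types)
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            # Opaque stand-in for a real VBA project blob.
            zf.writestr("word/vbaProject.bin", b"\x01CC61" + b"\x00" * 16)
    return buf.getvalue()


if __name__ == "__main__":
    for label, blob in (("macro-enabled", build_sample(True)),
                        ("plain", build_sample(False)),
                        ("legacy .doc", OLE_MAGIC + b"\x00" * 512)):
        print(f"{label:14} -> {classify_office_document(blob)}")
```

The verdict for legacy OLE files is deliberately “cannot rule out”: the macro streams inside a .doc live in a compound-file directory that this check does not parse, so such files should go to a tool that does, or simply be blocked at the gateway.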

• Keyloggers

Users are coaxed in countless ways into downloading keyloggers, which then record every keystroke you make. Screenshots of credit card entry and other sensitive information are captured as well, bundled up and sent off to the thieves.

• Man-in-the-middle

Here the user is made to believe they are talking to a genuine website, while on the other side the criminal sits between the user and the real site, collecting login IDs and passwords, or in some cases hijacking the whole session so that fraudulent transactions can be carried out quietly in the victim’s name.

What to do in case you fall a victim to identity theft?
Wednesday, March 28th, 2012

Internet users are getting no respite from the growing list of cyber woes. Whether it is a virus attack, hacking, phishing or, more recently, identity theft, cyber criminals show no sign of easing up. Identity theft in particular has become a favourite, and the statistics bear this out: around 4% to 6% of the U.S. population has reported being a victim of one kind of identity theft or another. So what should you do if it happens to you? Read on for how to get through the experience if you find yourself on the receiving end.

Know first the tell-tale signs of disaster

A bad credit report showing missed payments, or unfamiliar IRS filings in your name, are sure signs that someone has been at your hard-earned money. If your credit card is declined while shopping because of fraud recently detected on it, if you receive unpaid traffic tickets in your name, or if court notices start arriving, the message is clear: you are the target, and it is time to act.

Get into action mode for your stolen identity

  • Set a “fraud alert” on your account

Placing a fraud alert with the credit bureaus discourages the thieves from opening further bogus accounts in your name. You can then obtain a free copy of your credit report and review it thoroughly to find where the first signs of fraud appeared.

  • Notify creditors to keep them aware

Next, make sure no stone is left unturned: contact your credit card provider and your telephone and internet service vendors and let them know that you have been targeted.

  • Do away with tampered accounts

Look closely at any account you suspect has been tampered with. It is best to close such accounts before they become a source of further trouble.

  • Reach out to local law enforcement agencies

File a complaint with your local police. A police report will help convince your creditors that the fraud is genuine.

  • Keep a tight watch on your financial records

A monthly review of your bank and credit card statements will help you catch anything out of place and deal with it early.

Along with all this, you can also file a claim with your insurance provider and report the theft to the Federal Trade Commission; a stitch in time saves nine.

An ounce of prevention is better than a pound of cure

As always, prevention beats cure. The wise approach is to keep hackers at arm’s length by closing the key gaps in your own security. That means not responding to unsolicited emails, keeping your passwords hard to guess, and logging off properly when you have finished your online banking. Not clicking on pop-ups helps too. To counter the malware that hackers rely on most these days, use genuine antivirus and antispyware products. Good technical support can also help keep hackers and their foot soldiers, viruses, malware and botnets, at bay.

Ransomware: Get Ready for Cyber-age extortion!
Tuesday, December 27th, 2011

What if someone held your computer at gunpoint and demanded money? It sounds absurd, but that is exactly the idea hackers have put into practice with their latest gimmick: ransomware. As the name suggests, ransomware is malicious code built to extract money from you by playing on your fear.

What all it takes to be a ransomware?

Cyber criminals keep inventing new business models, and this one has a different flavour. In technical terms, ransomware is malicious code whose sole purpose is to lock your valuable files away, typically in an encrypted archive, and then demand payment for restoring them. A fast-growing trend, ransomware trades on your data, your files and your own reactions.

Getting to extortion business

Let us take the extortion apart. It starts when you visit a compromised site and pick up the malware through a drive-by download. Once installed, it encrypts your most important documents into an archive and pushes you to pay a ransom through services such as Paysafecard or Ukash. Only once the payment arrives does it release the password that unlocks the files. More advanced ransomware now combines several forms of end-user manipulation and extortion.

Some ransomware attacks use shame and panic as their lever. Victims are shown a fabricated claim that the ransomware got onto their system because they visited inappropriate websites or stored pornographic material. A Trojan recently detected in the wild displays phony messages from European law enforcement agencies and demands that users pay a fictitious fine within 24 hours, failing which their data will be erased from the hard drive. Going a step further, some ransomware deletes itself after encrypting the user’s files, using stealth tactics to remove its traces and making the job of unlocking the files a herculean one.
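An added example, not part of the original post: one cheap way to notice that the encryption described above has happened is to measure the byte entropy of files that ought to be plain text. The threshold, the list of “plain text” extensions and the two sample files are my own assumptions and constructed data, not anything the post provides; the ciphertext stand-in is a deterministic SHA-256 chain so the run is repeatable offline.

```python
"""Added example (not from the original post): an entropy heuristic for
spotting files that have been replaced by encrypted blobs, which is what
"encrypt the documents, then sell the password" ransomware leaves behind.

Assumptions (mine): a plain-text document has byte entropy well below 6
bits/byte, while ciphertext or compressed data approaches the 8-bit maximum.
Compressed formats (zip, jpg, pdf streams) are high-entropy too, so the
check is only applied to extensions that promise plain text.
"""
import hashlib
import math
from collections import Counter

PLAINTEXT_EXTENSIONS = {".txt", ".csv", ".log", ".ini", ".xml", ".json", ".html"}
HIGH_ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off, tune per fleet


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = Counter(data)
    total = len(data)
    return -sum((c / total) * math.log2(c / total) for c in counts.values())


def looks_encrypted(filename: str, data: bytes) -> bool:
    """True when a file whose extension promises plain text is high-entropy."""
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext not in PLAINTEXT_EXTENSIONS or len(data) < 256:
        return False  # too small to judge, or a format that is dense anyway
    return shannon_entropy(data) >= HIGH_ENTROPY_THRESHOLD


def scan(files):
    """files: iterable of (name, bytes). Returns the names flagged as encrypted."""
    return [name for name, data in files if looks_encrypted(name, data)]


# Constructed samples: an English-looking report and a pseudo-random blob
# standing in for ciphertext (a SHA-256 chain, so the run is deterministic).
SAMPLE_TEXT = (b"Quarterly report: revenue grew 4% while costs fell. "
               b"Action items are listed below for each department.\n") * 20
SAMPLE_CIPHERTEXT = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))

if __name__ == "__main__":
    print("text entropy       %.2f" % shannon_entropy(SAMPLE_TEXT))
    print("ciphertext entropy %.2f" % shannon_entropy(SAMPLE_CIPHERTEXT))
    print("flagged:", scan([("report.txt", SAMPLE_TEXT),
                          ("notes.txt", SAMPLE_CIPHERTEXT),
                          ("report.txt.locked", SAMPLE_CIPHERTEXT)]))
```

Note the third sample: a family that renames its victims to a new extension slips past an extension-keyed check, so in practice this heuristic is paired with a watch for mass renames and with the offline backup that makes the ransom pointless.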

Finally, let us end on a good note. There is no need to hit the panic button on hearing about ransomware. Keep your PC up to a high standard: use a reliable firewall, antivirus and antispyware, and keep them and the operating system current with the latest patches. Keeping an offline backup of your important files is the surest way never to have to pay for them.

Watch Out!!! A felon is adumbrating there
Monday, December 19th, 2011

A flawless, secure PC experience, isn’t that what you have dreamt of? But wait a minute: it is a dangerous world out there. Type www. and you have arrived at the hacker’s Shangri-La. A few moments online are enough to get your PC packed like a tin of sardines, except that here the sardines are viruses, spyware, adware, rootkits and other odds and ends. Rootkits in particular have proved an effective blade for hackers to cut a hole in your PC’s defences and then quietly pilfer your personal and financial data.

A Rooty Affair

The name comes from “root”, the all-powerful administrator account on UNIX, and a rootkit is a potent tool that lets a hacker take the driver’s seat of your PC. The hacker installs a rootkit once they already have a foothold, either user-level or administrator-level access, gained by exploiting a known remote vulnerability, using a local exploit, or cracking the administrator password. Once the rootkit is in, a cascade of effects follows. It comes equipped with a bundle of malicious programs that let the hacker operate with impunity. The most infamous is the backdoor, which gives the hacker continued unauthorized access to the whole system. Next is the packet sniffer, which monitors data travelling over the network, TCP/IP or otherwise. And not to be forgotten are the log-wiping utilities, which erase the record of what has happened and so help the intruder cover their tracks.

What’s in the name?

Many variants, one purpose: plundering confidential data. LRK, tOrn, Adore, NTROOT, NTKap, Nullsys and many more; the list goes on and on. Techies split rootkits into two categories. The conventional kind is the application (user-mode) rootkit, which replaces useful system programs with trojaned versions that open the door for the hacker. Because these can be caught by security software, the attackers came up with a second generation: kernel rootkits. These install themselves in the most trusted layer of the operating system, the kernel, to evade detection. Since they can bypass conventional integrity checkers that run at the application layer, kernel rootkits have become the hardest to root out.

Rooting out!

A few simple steps will keep you at a safe distance from rootkits. Here are some of them:

  • Put a firewall in front of every network.
  • Grant users only the access they need to do their jobs, to rule out unauthorized access.
  • After a system is installed, take an inventory of what is running and what is on disk, and keep it as a baseline.
  • Use secure communications such as VPNs and Secure Shell.
  • Periodically review all log files.
  • Install host- and network-based intrusion detection systems.

Today’s malware landscape knows no boundaries. Modern malware arrives through multiple vectors, from unsolicited emails to compromised websites, not forgetting the ever-popular social networking sites. Blended threats, which combine several of these, have had remarkable success at causing infections thanks to the systematic approach of professional internet criminals in what has become a highly lucrative industry. Microsoft estimated in 2009 that blended threats were responsible for distributing malware to 30% of home PCs and 4% of corporate computers.

A Salver of Choices

Blended threats have become the favoured conduit for malware writers because they offer so many choices. These range from poisoning search engine results for popular search terms so that they lead to malicious websites, to social networking sites, where compromising legitimate accounts lets the attacker push malicious links out to the victim’s contacts. But email still holds pride of place among malware writers. Malicious attachments are no longer needed: a seemingly legitimate link pointing to a malicious website does the job just as well, with far less risk of being caught by attachment scanning.

The line of attack

It starts with the compromise of a legitimate website, using automated tools to plant the malware, a radical shift from the old approach in which the attacker built a site of their own to launch the attack. Next comes distribution: unsolicited emails containing the URL of the compromised site are sent to end users through botnets, often at low volume to avoid detection. This slips past traditional email antivirus gateways, which do not recognize the link as a threat, and the message reaches the user unchallenged. Once the user opens the mail and clicks the link, a Pandora’s box of multi-stage attacks opens and malware is installed on the user’s PC by a drive-by download. Step by step the drama unfolds as the user’s PC becomes a cog in the botnet, which is then used to send yet more spam and blended threats.
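An added example, not from the original post: a triage pass over the kind of low-volume spam described above, where the payload is a link to a compromised legitimate site rather than an attachment. It parses a message with the Python standard library, pulls every link out of the HTML body and flags the signals a gateway can check without visiting the URL: a host on a blocklist, an IP-literal host, and anchor text that names one domain while the href points at another. The message, the hosts and the blocklist are all constructed for the demonstration; nothing here comes from the post.

```python
"""Added example (not from the original post): link triage for a spam
message that carries a URL to a compromised site instead of an attachment.

Assumptions (mine): the sample message is constructed; KNOWN_BAD_HOSTS is a
placeholder for a real feed; a link whose visible text shows one domain while
its href goes to another is treated as suspicious.
"""
import ipaddress
import re
from email import policy
from email.parser import BytesParser
from html.parser import HTMLParser
from urllib.parse import urlparse

KNOWN_BAD_HOSTS = {"compromised-blog.example"}  # placeholder for a real feed
URL_IN_TEXT = re.compile(r"https?://[^\s<>\"']+")


class LinkCollector(HTMLParser):
    """Collects (visible_text, href) pairs from <a> elements."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def link_signals(text: str, href: str) -> list:
    """Reasons a link deserves a closer look (empty list means nothing seen)."""
    reasons = []
    host = (urlparse(href).hostname or "").lower()
    if host in KNOWN_BAD_HOSTS:
        reasons.append("host on blocklist")
    try:
        ipaddress.ip_address(host)
        reasons.append("IP-literal host")
    except ValueError:
        pass  # an ordinary hostname
    shown = URL_IN_TEXT.search(text)
    if shown:
        shown_host = (urlparse(shown.group()).hostname or "").lower()
        if shown_host and shown_host != host:
            reasons.append(f"text shows {shown_host} but href goes to {host}")
    return reasons


def triage(raw: bytes) -> dict:
    """Parse an RFC 5322 message; return {href: [reasons]} for flagged links."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    body = msg.get_body(preferencelist=("html", "plain"))
    content = body.get_content() if body else ""
    collector = LinkCollector()
    collector.feed(content)
    # Fall back to bare URLs when the body has no anchors (plain-text mail).
    pairs = collector.links or [(u, u) for u in URL_IN_TEXT.findall(content)]
    flagged = {}
    for text, href in pairs:
        reasons = link_signals(text, href)
        if reasons:
            flagged[href] = reasons
    return flagged


# Constructed sample message (not a real capture).
SAMPLE = b"""From: billing@bank.example
To: victim@example.org
Subject: Your statement is ready
Content-Type: text/html; charset=utf-8

<html><body>
<p>View it at <a href="http://compromised-blog.example/wp-content/x.php">https://online.bank.example/statement</a></p>
<p>Questions? <a href="http://203.0.113.7/help">Help desk</a></p>
<p><a href="https://online.bank.example/">bank home</a></p>
</body></html>
"""

if __name__ == "__main__":
    for href, reasons in triage(SAMPLE).items():
        print(href, "->", "; ".join(reasons))
```

None of these checks needs the URL to be fetched, which matters for the low-volume campaigns the post describes: by the time a reputation feed lists the compromised site, the few messages that used it have long since been delivered, so the structural signals are what a gateway has to work with.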

The internet today is a multi-million dollar niche for cyber criminals. That evolution has been accelerated by the arrival of fake security software, which has turned cybercrime into such a profitable business that more and more newcomers are joining the bandwagon. The tactic is to create hysteria among netizens with fake scans and then entice them to buy the product to “restore” their systems. The result is a class of malware called “scareware”, which sets your nerves on edge by making you believe your system has been compromised, when in fact the whole thing is a staged drama designed to drive you further into the trap.

Typology of Scareware

The number of scareware programs released keeps climbing, giving sleepless nights to users and technicians alike. According to one estimate, more than 500,000 scareware programs had been released by 2010. Cloud Protection, Cloud AV 2012, Security Guard 2012, System Security 2011, Advanced PC Shield 2012, Internet Security 2011, 2004 Adware/Spyware Remover & Blocker, Ad-Eliminator, and the list of rogues goes on and on. Among these, the Internet Security 2011 rogue antispyware is one of the most difficult to remove, as it comes bundled with a rootkit that terminates, and then denies future access to, any program that scans a particular process.

To look the part, some fake AV applications even imitate the appearance of legitimate products such as Microsoft Windows Defender to reinforce the illusion that the program is genuine and useful. Taking this a step further, some rogue programs, WiniGuard for example, have operated under more than 30 different names to keep luring new victims.

The Big Game

The central charade of scareware is to convince PC users that their machine is infected and prompt them into taking action. It starts with fake scans and exaggerated results showing the system riddled with malware and viruses, all presented in a way that looks legitimate. Some scareware even reports legitimate Windows Registry keys as malware. Once the user is taken in, they are steered towards buying the fake program. Behind it all lies one simple aim: sell as many copies of the rogue software as possible and make easy money.

Take the scare out of Scareware

Here are a few do’s and don’ts so that scareware does not make a fool of you:

  • Keep your firewall updated and switched on at all times.
  • Check the update settings for your operating system, office software and web browsers, and automate patching as far as possible.
  • Use a browser add-on that rates search engine results, and always run a current browser version.
  • Rely only on genuine antivirus and antispyware software.
  • Block JavaScript in your browser by default and enable it only for sites you trust.
  • Install all Windows Critical Updates so that spyware and adware cannot sneak in behind your back.

Shhhhhhhhhh!!! Someone is eyeing your PC
Friday, December 02nd, 2011

Espionage has a new face. The stage is now set for latter-day operators cannier than Mata Hari or Belle Boyd, except that these moles live in the virtual world. We call them “spyware”: cyber sleuths built to siphon off your most precious data.

The genealogy of spyware

Disagreement about what counts as spyware and what does not has created equal ambiguity about what it means to protect against it. A walk through the technical jargon turns up a pile of convoluted definitions. One useful line: a data-gathering program installed with the user’s prior knowledge does not qualify as spyware, provided the user fully understands what data is being collected and with whom it is shared. So what does qualify?

  • Adware

Adware, advertising built into software, can double as an effective spying tool. Once it notices you are online it channels a surge of pop-up and pop-under ads at your PC. Worse, it tracks and stores your browsing habits, which are sold on to marketing companies, who use the information to flood your inbox with junk email.

  • Cookies

A sweet name, but not always as sugary as it sounds. Cookies can also serve as a tracking tool, since advertisers use them to track sales and clicks and work out how best to spend their marketing budget.

  • Hostile Scripts and Dialers

These scripts and programs are designed to get hold of files on the local computer and gather information about the user. Alternatively they can force a modem to dial expensive premium-rate numbers, or capture every keystroke you make, putting confidential information from passwords to credit card numbers at risk.

  • Browser Redirector/Hijacker

More than a mere nuisance, hijackers play havoc with your homepage and search engine settings. Every time you open the browser you land on a page stuffed with porn and ads. Most browser hijackers are also data miners, sending your browsing habits to a central database where companies exploit them for extra dollars.

  • Keyloggers

A keylogger is a potent tool for covertly scooping credit card details and other financial information off your PC by recording your keystrokes. Email attachments and file downloads are among its preferred hiding places.

  • Trojans, Backdoors and Downloaders

And finally, not to forget the evil trinity of Trojans, backdoors and downloaders, which together form a reliable channel for quietly siphoning valuable information out of your PC.

So watch out, before your privacy becomes a distant memory!

Rogue Antivirus: A Wolf in Lamb’s skin
Tuesday, November 22nd, 2011

Can an antivirus go rogue? Strange indeed, but beware: a disguised con artist is lying in wait to deal a heavy blow to your PC’s security. That is what a rogue antivirus is: a turncoat that imitates your trusted antivirus but acts as slow poison, opening the door to a whole fleet of malware and viruses.

Who they exactly are?

An entire class of rogue antivirus products is used by charlatans to defeat the very purpose of internet security. The classic example is fake antivirus (AV) software that fools you into believing your computer is under threat. It does this by generating fake alerts, the key cog in its modus operandi. Your agony does not stop there: once you are convinced your machine is at risk, you are pushed into buying the “commercial” version of the software. A single click and you are in a fool’s paradise, enjoying a false sense of security while your PC is looted from several sides. And that is not all: some fake AV software also installs a backdoor to let more of its accomplices in.

The Three Inroads

Of the many possible ways in, these three are the most popular:

• Social Engineering Techniques

This is the route just described above. A fake scan generated by the malware warns that your PC is infected, and the drama unfolds from there. One click and a bag of troubles is on your doorstep. Many cyber criminals use this technique to get hold of your credentials as well.

• Drive by Download Attack

In this type of attack the criminals use a website stuffed with malicious scripts to widen their reach. The effort goes into drawing the maximum web traffic to the malicious page, and blackhat search engine optimization is the technique used: popular keywords, search phrases and, above all, current news events. Done well, the landing page ranks highly, large volumes of traffic are diverted to the malicious site, and that becomes the springboard for spreading the rogue antivirus further.

• Botnets

Last but not least, botnets, collections of compromised computers, are especially effective at spreading the infection. Large botnets such as Conficker and Koobface are also known to install fake AV software on the machines they have compromised.

The Prophylaxis

Prevention is always better than cure, and that holds in the web world too. It is not rocket science: a few habits are enough to keep fake antivirus at bay. Here are some do’s and don’ts:

• A strong firewall is always recommended for a well-defended PC, so make sure you have one. And do not forget that strong, reliable antivirus and antispyware are a must.
• Make it a rule not to open dubious links; open only those you can vouch for. Keep a safe distance from pop-ups in particular.

• If a virus alert appears, do not interact with it. Press CTRL+ALT+DELETE, open the Windows Task Manager, find the impostor in the list of running programs and end it. Bear in mind that rogue AV often blocks Task Manager; if it does, reboot into Safe Mode before trying again. A call to your computer tech support provider afterwards is always recommended.