There’s only one thing worse than malware: clever malware. If it’s clever then it will be difficult to detect and remove. And Domen is exactly that.

You probably haven’t heard of Domen before, but that’s because it’s a brand new toolkit. And it’s a toolkit which is fiendishly clever. What a hacker classes as ‘good’ malware is one that is deceptive and skilled in the art of subterfuge. If it can adapt to different scenarios and conditions then it’s even better. And, again, Domen ticks these boxes.

It certainly doesn’t sound appealing, does it? And I’ll bet my bottom dollar that you don’t want your organization to fall victim to it. Well, to help you avoid the perils of Domen, let’s hold it up to the light and see what we can make of it.

What is Domen?

Social engineering is a key part of the modern hacker’s arsenal, so it’s no surprise to see Domen clutching it so closely to its digital chest. A toolkit, of course, is much more than one single application. As the name suggests, it’s packed full of different applications that can work individually or side by side to maximize its impact. Domen is most likely to be found housed within the code of a compromised website – sites based upon WordPress are particularly affected – where it lurks discreetly and quietly.

However, Domen will not lurk discreetly for long. Nonetheless, when it does make an appearance it takes a keen eye to spot that anything is amiss. The infected website will generate a pop-up window that contains a link to a malicious download. This download will initiate a PowerShell attack that leaves your PC at the mercy of hackers who will gain full control of it. Dangerous pop-up windows are nothing new, but Domen differs in that it’s adaptive to the PC it’s attacking.

Domen has been designed so that it identifies the operating system, the user’s location and their browser. It’s at this point that the social engineering aspect comes into play. Domen uses this unique data to tailor a specific pop-up window that urges the user to download a necessary update. So, for example, if you’re using a Chrome browser then a pop-up will appear for a Chrome update. And, if you’re based in France, for example, the content will be written in French.

Protecting Your Organization from Domen

It’s important that you practice vigilance when working with PCs as malware is so prevalent in the digital age. Evidence of malware such as Domen being present can include:

  • Your default browser homepage changing to something new without your authorization
  • New software installed and loading at startup
  • Evidence of remote access to your PC taking place

Thankfully, the PowerShell attack – initiated by the download of a .hta file – can be thwarted by protecting yourself with any good cyber-security suite. The tools contained within these suites should be able to identify the malicious .hta file and prevent it from executing on your PC. However, this can all be prevented by being vigilant and ignoring any suspicious pop-ups.
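For teams that collect process-creation logs, the chain described above (a downloaded .hta file that goes on to launch PowerShell) can also be hunted for directly. The following is an added example, not part of the original article or of any security product: the event fields, file names and sample events are constructed assumptions.

```python
import re

# Constructed process-creation events (not real telemetry):
# pid, parent pid, image path, command line.
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "cmd": "chrome.exe",
     "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Windows\System32\mshta.exe",
     "cmd": r'mshta.exe "C:\Users\alice\Downloads\Chrome_Update.hta"'},
    {"pid": 300, "ppid": 200, "cmd": "powershell.exe -Command <constructed placeholder>",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"pid": 400, "ppid": 1, "cmd": "powershell.exe -File C:\\Scripts\\backup.ps1",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
]

BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "iexplore.exe"}
SHELLS = {"powershell.exe", "pwsh.exe"}
HTA_PATH = re.compile(r'[A-Za-z]:\\[^"]*?\.hta', re.I)

def exe_name(image):
    """Lower-cased file name of a Windows image path."""
    return image.rsplit("\\", 1)[-1].lower()

def find_hta_chains(events):
    """Return one alert per PowerShell process whose parent is mshta.exe."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for event in events:
        parent = by_pid.get(event["ppid"])
        if exe_name(event["image"]) not in SHELLS or parent is None:
            continue
        if exe_name(parent["image"]) != "mshta.exe":
            continue
        match = HTA_PATH.search(parent["cmd"])
        hta = match.group(0) if match else None
        grandparent = by_pid.get(parent["ppid"])
        from_browser = (grandparent is not None
                        and exe_name(grandparent["image"]) in BROWSERS)
        in_downloads = hta is not None and "\\downloads\\" in hta.lower()
        alerts.append({
            "powershell_pid": event["pid"],
            "hta": hta,
            "from_browser": from_browser,
            "severity": "high" if from_browser or in_downloads else "medium",
        })
    return alerts

if __name__ == "__main__":
    for alert in find_hta_chains(SAMPLE_EVENTS):
        print(alert)
```

The scheduled backup script (pid 400) is not flagged because its parent is not mshta.exe; only the browser, .hta, PowerShell chain raises an alert.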

For more ways to secure and optimize your business technology, contact your local IT professionals.


Getting to grips with problems relating to your computer network can be a frustrating affair, but it’s one which is likely to happen on a daily basis.

Computer networks are, after all, highly complex systems that comprise various components and are in use by multiple users. These structures may bring many benefits, but they can also be a recipe for disaster. And, if your network fails or experiences any issues, then your organization’s productivity is going to be affected.

Your main objective, with your computer network, should be to keep it online and functioning correctly. But you can only do this if you know what the most common computer network problems are, so let’s take a look:

  • Slow Connectivity: If there’s one thing that frustrates an employee then it’s slow connectivity over a network. PCs can grind to a halt and even the simplest task can take an age to complete. It’s often caused by large file transfers, so a limit should be put in place on the size that is permitted e.g. no email attachments that total more than 20mb as a standard rule. Sometimes this lag can also be caused by faulty network cards, so it’s important to investigate this possibility. 
  • IP Conflicts: Each PC on your network should have a unique IP address such as 209.85.255.255, but sometimes two PCs can be assigned the same IP address. And this can create major connectivity issues for both parties. Sometimes these conflicts will work themselves out, but you can help speed up the process. Restarting the router is the simplest approach as it should assign new IP addresses to every PC on the network. 
  • Unable to Connect to Local Printer: Printers on a network tend to be shared by multiple users, but occasionally an error can arise that leaves people unable to access the printer. This problem is often caused by a sharing issue whereby different security settings between PCs and the printers fail to agree with each other. When this occurs it’s recommended that you check firewall settings and that your Windows network adapters have printer sharing enabled. 

  • Faulty Cables: A computer network relies on cables to facilitate its connectivity. And when just one cable fails it can have massive implications for your network. However, it’s easy to overlook cables as the source of network issues. People tend to concentrate on software and hardware troubleshooting first. Nonetheless, investigating the condition of cables in the affected network area is vital. Cables can easily become dislodged or damaged, so sometimes the fix can be as simple as plugging them back in or replacing. 
  • Weak Wi-Fi Signal: If you rely on wireless connections in your organization then you will be well aware of the issues caused by a weak signal. This can often be caused by environmental issues such as the presence of a microwave or even the layout of an office. It’s important to eliminate these factors to identify the cause of the fault. Alternatively, the connection issues could be caused by out-dated firmware, so make sure all updates are installed.



Your PC network’s first line of defense is usually a password. But if you’re working with bad passwords then you run the risk of compromising this security.

Almost every computer application requires a password to access it. And, in business, these passwords can provide access to numerous terminals and networks. A lot of data is available on these computer systems and this is why security should always be a priority. However, your security can only be as strong as your first line of defense. And if your passwords are weak then your organization’s security is going to be equally weak.

There are certain mistakes associated with weak passwords that need to be eliminated from your business to keep it safe and secure. Let’s take a look at some of the most common password mistakes:

  • Writing it Down: All over the country there are thousands of Post-It notes containing secure login details that are attached to PCs. This is a major security risk. Passwords need protection of their own. If they’re on display for the entire world to see then, that’s right, the entire world can take advantage of them. Instead, memorize the password or invest in a password manager. 
  • Sharing Passwords: Although not quite as severe as writing your password down, sharing passwords with colleagues is still a guaranteed method of weakening your password. It may feel as though sharing your password – if, for example, you’re away from the office and a colleague needs to access a document on your PC – is a safe move, but there is no guarantee that your PC will remain secure. If you do have to share your password then make sure you change it as soon as possible. 
  • Using the Same Password: You should never use the same password across multiple applications. If you do favor recycling your passwords in this manner then you can easily fall victim to password bots. These automated pieces of code are loaded up with login details – usually purchased on the dark web – and then instructed to try and gain access to other websites with them. So, if your LinkedIn login details have been hacked, it’s possible for a hacker to use a bot to try these details in Gmail, Twitter and Instagram. And, if the details are the same, you’re going to get hacked. 
  • Based on Personal Details: An easy method for formulating a password that you can remember is by basing it on some personal details. So, for example, you may use your date of birth or your mother’s maiden name. It’s unlikely you’ll forget these, so you won’t have to write them down and compromise their security. The only problem is that personal details can easily be accessed by others. And this is never truer than in the digital age where our personal details are splashed all over our social media accounts. 
  • Too Simple: A password needs to be complex, so working with passwords such as ‘123456’ and ‘Password’ is a poor strategy. However, due to the ease with which these can be remembered, many people use them as passwords. And hackers are aware of this. What you really want is a password which is unusually complex e.g. one that doesn’t contain recognizable words or number sequences.
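Three of the mistakes above (reused passwords, passwords based on personal details, and passwords that are too simple) can be checked automatically when a password is set. The following is an added example, not part of the original article: the blocklist is a small constructed sample, and the function names and the details dictionary are assumptions.

```python
import re

# Small constructed blocklist; a real deployment would load a much larger one.
COMMON = {"123456", "password", "qwerty", "letmein", "111111"}
# Undo common character substitutions, e.g. "P@ssw0rd" -> "password".
LEET = str.maketrans("0134578@$!", "oleastbasi")

def has_sequence(pw, run=4):
    """True if pw has `run` ascending, descending or repeated characters in a row."""
    for i in range(len(pw) - run + 1):
        steps = {ord(pw[j + 1]) - ord(pw[j]) for j in range(i, i + run - 1)}
        if steps in ({1}, {-1}, {0}):
            return True
    return False

def personal_tokens(details):
    """Words and numbers (3+ characters) from the user's details, plus joined dates."""
    tokens = set()
    for value in details.values():
        tokens.update(p for p in re.findall(r"[a-z]+|\d+", value.lower()) if len(p) >= 3)
        numbers = re.findall(r"\d+", value)
        if len(numbers) == 3:  # looks like a date: add both component orders
            tokens.add("".join(numbers))
            tokens.add("".join(reversed(numbers)))
    return tokens

def screen_password(pw, details, other_passwords=()):
    """Return the list of problems found; an empty list means none were found."""
    problems = []
    lowered = pw.lower()
    plain = lowered.translate(LEET)
    if lowered in COMMON or plain in COMMON:
        problems.append("common password")
    if has_sequence(lowered):
        problems.append("character sequence")
    if any(t in lowered or t in plain for t in personal_tokens(details)):
        problems.append("personal detail")
    # Reuse check as a password manager would run it over its own vault.
    if pw in other_passwords:
        problems.append("reused")
    return problems

if __name__ == "__main__":
    user = {"maiden_name": "Smith", "dob": "1985-07-14"}  # constructed sample
    for candidate in ("123456", "P@ssw0rd", "Smith1985!", "kV9#tq2LmZ"):
        print(candidate, screen_password(candidate, user))
```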
