March 2021 - Ophtek

What’s a Keylogger? And How Do You Beat One?

anti malware, Cyber Security, keylogger, malware, Ophtek, spywareCyber Security, keylogger, malware, Ophtek, spywareOphtek, LLC

Mar 2021

One of the simplest forms of spyware you can run into is a keylogger. Capable of stealing large amounts of data, a keylogger is simple yet dangerous.

In the world of cyber-security, keyloggers are a frequently mentioned hacking device. But what exactly are they? And what should you do if you fall victim to one? These are important questions as keyloggers can cause immense damage. The main interest of a keylogger is data. In particular, keyloggers have an intense hunger for personal data. Login credentials, banking details and social security information are all at risk. Therefore, it’s critical that you know what a keylogger is, how it works and how to protect yourself.

Luckily, we’ve put together a quick guide to give you the lowdown on keyloggers.

A Beginner’s Guide to Keyloggers

As we have established, keyloggers thrive upon harvesting data from their victims. The simplest way that a keylogger can do this is by monitoring and recording the keystrokes that are made on an infected PC. The software behind a keylogger is simple and can quickly be installed on a PC either manually, through an infected website or as part of a malware package. Once it’s installed, the keylogger will work silently in the background as it records data. The harvested data will then be routinely transmitted to a remote server.

A keylogger can quickly harvest data that puts both organizations and their customers at risk. Not only can personal details be stolen and used for criminal means, but financial accounts can also be compromised. Almost all modern malware will contain some form of keylogger; this is unlikely to change while users continue to use their keyboards to enter data into PCs. But you don’t need to fear keyloggers. As long as you know how to protect your PC then you should be able to benefit from peace of mind.

Beating Keyloggers

It’s impossible to provide 100% protection against keyloggers, but it’s possible to strengthen your defenses to their maximum. And you can do this by carrying out the following:

Anti-Spyware Software: Most malware protection suites will contain some form of anti-key logging tool, but these are also available as standalone apps. By comparing the files present on a PC against a database of malicious tools, anti-spyware software can identify keyloggers and safely remove them.

Two-Factor Authentication: One of the best methods for thwarting hackers is by using two-factor authentication. Organizations can easily generate unique authorization codes that are forwarded to an individual’s phone/personal device. These one-off codes ensure that employees can gain access to their network, but, even if this code is harvested, it is useless.

Monitor Network Activity: A keylogger will need to contact its remote server to transmit its stolen data. But, to do this, it will need to leave your network. And this network activity can easily be monitored at your end. Any unusual traffic or external destinations should be investigated immediately and blocked if any malicious activity is suspected.

Install all Patches: Keyloggers are often able to make their way onto a PC due to vulnerabilities created by outdated software. Thankfully, as long as you regularly install all updates as soon as possible, you should significantly slash your chances of falling victim to a keylogger.

For more ways to secure and optimize your business technology, contact your local IT professionals.

CopperStealer Malware Shows the Dangers of Illegal Downloads

CopperStealer, Cyber Security, Data Security, Illegal Downloads, malware, OphtekCopperStealer, Cyper Security, Illegal Downloads, malware, OphtekOphtek, LLC

Mar 2021

The world of illegal downloads is a dangerous place to travel to and the emergence of the CopperStealer malware demonstrates why.

Ever since the dawn of the world wide web, there have been illegal downloads. And pretty much anything that runs on a PC can be downloaded illegally. The new Kings of Leon album, the latest Marvel movie or even the most up-to-date version of Microsoft Office can be found online for zero dollars and zero cents. However, the fact that these downloads are illegal means that, aside from the fact that you’re committing a felony, you could download more than you bargained for.

CopperStealer is the perfect example of this dangerous activity, so we’re going to show you exactly what can happen.

What is CopperStealer?

The CopperStealer malware is believed to have been active in the wild since 2019, but its malicious activity has only just been detected. CopperStealer relies on illegal downloads to infect workstations and does this by either masquerading itself as, for example, a Windows 10 install file or by bundling itself with a genuine piece of software. Either way, when the person downloading the file tries to install their illegal software, they will inadvertently install CopperStealer on their system. This allows the malware easy access to PCs and does it with the help of the unwitting victim.

Once CopperStealer has taken hold on a PC it begins working quietly in the background as it harvests user information. In particular, it’s exceptionally hungry for login credentials; details for major platforms such as Amazon, Google, PayPal and Twitter have all been targeted by CopperStealer. These are all websites that are used by organizations to store huge amounts of personal data, so the threat that CopperStealer represents is serious. As well as this major threat, CopperStealer also finds time to download additional malware in order to compromise infected systems even further.

How To Protect Yourself from CopperStealer

There is one simple move you can make to defend yourself against CopperStealer: don’t get involved with illegal downloads. Not only is there the threat of unwanted malware being bundled with them, but you risk installing unpatched software without the safety net of available support. Thankfully, CopperStealer is far from sophisticated, certainly compared to other contemporary malware, and can easily be removed with anti-malware software such as AVG and Kaspersky products. Naturally, you will want to make sure that your anti-malware application is fully up to date to protect against all the latest threats.

Final Thoughts

The temptation of illegal downloads, especially when we are living in a time of economic turbulence, is strong, but it pays to resist it. If, for example, your PayPal credentials are stolen then you and your customers could face some significant financial hardship. Therefore, it’s crucial that you always pay for your software. This will, as discussed, ensure you receive regular updates and patches as well as providing you with peace of mind that your software is clean.

For more ways to secure and optimize your business technology, contact your local IT professionals.

RAM: What Is It and Why Do You Need It?

Clipboard, Maximum RAM, Memory, Ophtek, RAMMaximum RAM, Memory, Ophtek, ramOphtek, LLC

Mar 2021

RAM is one of those terms which is frequently mentioned by IT professionals, but rarely understood by the average PC user. So, what is it?

Random Access Memory (RAM) may sound like a confusing combination of words, but without RAM your PC wouldn’t be able to do a single thing. Therefore, it’s as crucial. The most important element of RAM to focus on is the M for Memory. Much like humans, a PC needs memory to carry out certain tasks. However, RAM is different to human memory in numerous ways. And the best way to understand what it is and what is does is by looking at our lowdown on RAM.

What is RAM?

RAM is the part of a PC which acts as the machine’s memory. Information can be stored and read from the RAM in milliseconds. This allows the RAM to act as a temporary store for data that is either in use or will be required next. The speed with which this data can be accessed is exceptionally quick. Data can be accessed and processed in RAM much quicker than any hard drive, so it should always be the go-to option for loading applications. And, as you would imagine, the more RAM installed on your PC, then the quicker the performance e.g. applications loading quicker.

Why Do You Need RAM?

It wouldn’t be inaccurate to describe RAM as the backbone of your PC’s performance, but a more accurate term to use would be its memory. RAM allows you to carry out the following:

Switch Tasks: If you’ve ever switched between applications with the ALT + TAB shortcut then you have your RAM to thank. If you’re working in Excel and then move into Outlook, this order is stored in the RAM. That’s why, if you then press ALT + TAB again, your PC knows to send you back to Excel from Outlook.

The Clipboard: The ‘copy’ command is an invaluable process on PCs that allows you to copy information from one location and then ‘paste’ it into another. So, for example, you can copy a paragraph of text from Word and then paste it into an Outlook email. Once you copy the text in question, it is stored on the ‘clipboard’ which is located in the RAM.

Loading Applications:When you load up an application, RAM is the starting point. The application will partially be loaded into the RAM to facilitate a fast loading time. However, the application will not be fully loaded into the RAM. The operating system will then head to the hard drive to retrieve the next part of the application and move this into the RAM.

Final Thoughts

The minimum amount of RAM a modern PC should be running with is 4GB, but the amount required is dependent on your needs. If, for example, your PC work involves complex graphic rendering then you would need up to 32GB to handle your workload. RAM is a form of hardware which requires installing into your PC, so always seek advice to determine how much you need.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Microsoft Exchange Email Vulnerability Hits 30,000 US Firms Hard

Cyber Security, Data Security, email security, Hackers, Microsoft, Online Security, Ophtek, Software Security PatchesCyber Security, email security, hackers, microsoft, Microsoft patches, OphtekOphtek, LLC

Mar 2021

Vulnerabilities in the Microsoft Exchange Server software have led to 30,000 US businesses being hacked. And it’s a very dangerous hack.

A total of four vulnerabilities have been discovered in Microsoft Exchange Server (MES) which has allowed hackers to carry out numerous attacks. The hackers appear to be part of a Chinese cyber-espionage group who specialize in stealing email communications. It’s believed that hundreds of thousands of firms have been attacked with at least 30,000 of them being US-based. As email is a crucial part of any modern business, it’s not an exaggeration to say that the MES hack is a major threat.

What is the Microsoft Exchange Server Hack?

The MES hack appeared, at first, to be concerned with stealing email data from organizations that were running the server through internet-based systems. The four vulnerabilities, present through MES versions 2013 – 19, allowed the hackers easy access to emails. However, the hackers – who Microsoft have called Hafnium – did not stop at stealing emails. Once they had access to affected systems, they also installed a web shell. This granted Hafnium the opportunity to gain remote access and full administrator privileges. The web shell is password protected and ensures that disrupting the hackers’ access is highly difficult.

Microsoft quickly formulated a security patch to eliminate the vulnerabilities, but many organizations have failed to install the MES patch. As a result, these organizations remain at risk. And, to make matters worse, Hafnium still has them in their sights. Using automated software, Hafnium is actively scanning the internet for any organizations using unpatched versions of MES. This allows the hackers to continue their campaign of data theft and disruption. It also appears that Hafnium is not fussy about who they target. Industries as wide ranging as NGOs through to medical researchers and legal firms have all been infiltrated by the MES hack.

Protecting Against Vulnerabilities

When it comes to attacks such as the MES hack it’s vital that patches are installed as soon as possible. The longer your system is unpatched then the chances of it being breached are exceptionally high. And, if you give a hacker enough time, there’s the chance of additional malware such as ransomware being installed. Setting your updates to ‘automatic install’ is the simplest and quickest way to minimize this risk. This will ensure that any security updates are in place the moment they are available.

But you can’t rely on a patch alone. Patches are not always available in time. And this means that you run the risk of having your systems breached and data stolen. Therefore, make sure that you also implement these procedures:

Monitor traffic entering and leaving your network to identify any potential breaches. Unusual levels of traffic can often indicate that hackers have taken control of your network.

Segment your network where possible. By separating your network into several different segments, you are limiting the access that a hacker has if they infiltrate your system.

Employ two-factor authentication procedures for gaining administrator privileges. This should make it next to impossible for hackers to take full control of your network.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Monthly Archives: March 2021