Google Archives

A recently discovered vulnerability appears to allow threat actors to hack into your Google account, even if you change your password.

Given that there are 1.8 billion people actively using Gmail, it should come as no surprise that Google accounts represent a mouthwatering target for hackers. Google claims that their users are protected by world-class security and, on the whole, it is a secure system. No infrastructure, however, is 100% safe. Threat actors are industrious individuals and won’t rest until they’ve tried every avenue to compromise a system. Unfortunately, for Google and its users, this is exactly what’s happened.

Losing Control of Google

Google accounts are highly valuable to their owners. Packed full of apps such as Gmail and Google Drive, there’s a lot of personal data involved. A new vulnerability, attributed to a flaw in Google cookies, gives access to these accounts over to threat actors. Worst of all, this can be achieved time after time. Sure, you can try changing your password, but they will still be able to unlock your account.

The attack starts when a user unwittingly allows malware to be installed on their PC. This malware then gets to work by searching for and identifying any Google login tokens, which are typically stored in the application’s local database. These stolen tokens can then be used to trick Google’s API interface.

One of the main duties of a Google API is to help sync the various Google services across one account. So, for example, if you were logged into Google Drive, you wouldn’t have to log into Gmail as well. The threat actors exploit a vulnerability with Google cookies to create new cookies which can be used to gain unauthorized access to the compromised account. And this trick can be completed multiple times. Changing your password, naturally, would be the simple choice here. But even doing this still grants the hacker one more chance to access your account.

The vulnerability in question is currently being sold by threat actors online, with at least six hacking groups advertising it. These threat actors also claim that that this vulnerability has been redesigned to tackle the efforts Google has taken to shut this exploit down.

Keep Your Google Account Safe

No one wants to lose their Google account, aside from the loss of personal data, there’s also the sheer inconvenience of having to create a new account and updating any services associated with your original account. Accordingly, make sure you play safe by following these best practices:

Use multi-factor authentication: at present, Google hasn’t revealed whether multi-factor authentication will prevent this vulnerability from seizing control of your account. However, if you don’t have it activated, you need to make this a priority as it’s one of the simplest ways to add extra security to your account.

Do not download suspicious software: the first stepping stone for the threat actors to compromise your Google account involves installing malware on your PC. This gives them a foothold to begin stealing your Google login tokens. Therefore, you need to remain vigilant as to the software you’re downloading. The most obvious question to ask here is whether the download comes from an official source.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Malware Makes Its Way into Search Engine Ads

Google, google ads, malware, Online Security, Ophtekgoogle, Google ads, malware, Ophtek, securityOphtek, LLC

Apr 2023

Search engines are the gateway to the internet, but there’s a very real chance they may just be serving up malware each time you use them.

We all use search engines on a daily basis – with Google being the most popular choice – and, to be honest, we probably take them for granted in terms of security. However, the FBI is now warning that search engine results may represent a significant threat to the security of your PC. As with most security threats, this new technique relies on deception; in this instance, the threat actors are harnessing the power of search engine advertisements.

Due to our reliance on search engines, it’s important we understand the nature of this latest threat. And, to help you protect your IT infrastructure, we’re going to take you through the basics of this attack.

Malware by Advertising

Whenever you put a search request into, for example, Google, you will receive a long list of search results. The higher a result is, the more clicks it’s likely to get from people searching for that term. Search engines understand the importance of ranking high in their results and, therefore, they make it possible for people to pay to advertise at the very top of the search results. These advertisements look almost identical to the organic search results, with only a small “Ad” tag next to them. Accordingly, these can easily be mistaken for organic search results.

Despite many of these advertisements being legitimate, and merely paying to skip to the top of the search results page, the FBI has discovered many of these advertisements are linked to malware. Threat actors are purchasing advertising space which appears to be for genuine companies, such as finance platforms, and using very similar URLs to tempt people into clicking their link. However, these links are simply a way to redirect people to sites looking to distribute malware. Worse still, the advertisements used will often display a URL to a genuine site, but redirect you to an altogether different site.

Stay Safe from Fake Ads

The last thing you want to do is fall victim to a fake ad, after all you may simply be searching for somewhere to go and have lunch. Therefore, it pays to stay safe and know how to protect yourself from fake search engine ads. You can do this by practicing the following:

Check that top result: remember, it’s important you know what you’re clicking on, so make sure you double check any results at the top of Google. While, for example, it may look like a search result for Bank of America, the actual URL within the result may be slightly different e.g bank0famerica.com. And, if you click on it, you could quickly find yourself on a malicious site.

Always hover: the simplest way to determine the true destination of a link within search engine results is by hovering your mouse cursor over it. This will bring up a pop-up message which displays exactly where the link is going to take you.

Block Google ads: it’s possible to block Google ads from appearing in the search engine results page, all you have to do is install an ad-blocker such as Blockzilla. These apps filter incoming web pages – including search engines – and ensure any intrusive ads or promoted posts are blocked.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Glupteba Malware Returns With a Bang

Ad-Blocker, botnets, Glupteba, Google, malvertising, network activities, Ophtek, unauthorized proxiesad-blocker, botnets, Glupteba, google, malvertising, network activities, Ophtek, unauthorized proxiesOphtek, LLC

Jan 2023

Despite experiencing a major obstacle a year ago, in the form of Google’s anti-malware efforts, the Glupteba malware is back.

First discovered in 2011, Glupteba is a veteran of the malware scene, although one which goes through periods of intense activity before disappearing for years at a time. A classic botnet, Glupteba has always focused on stealing data, but it has also made sure it has a backup plan in the form of targeting router exploits. Therefore, the news of its re-emergence is troubling for your IT infrastructure. And, given that Glupteba has been updated to be even stronger than ever before, you’re going to need to be on high alert.

Thankfully, we’re on hand to look at this malware and provide some critical advice on how to protect your organization.

Glupteba’s Latest Campaign

Following Google’s disruption of Glupteba’s botnet, which operated on the blockchain, Glupteba went quiet for several months. However, in June 2022 it was discovered that a new campaign had been launched, one which remains active as of this time of writing. Glupteba’s latest strategy targets Windows devices and has set its sights on harvesting data, using infected devices to mine cryptocurrency and setting up unauthorized proxies.

Glupteba is transmitted via traditional infection methods which include malicious installers (typically promoting themselves as free software installers) and through malvertising campaigns. As Glupteba is blockchain enabled, this gives it the ability to constantly change the command and control servers it uses. And, as it uses blockchain transaction data (which cannot be erased) to facilitate its attack, it’s very difficult to make a dent in the power of Glupteba’s botnet. These attacks often employ TOR services as well, a move which makes tracing the attacks next to impossible.

Staying Safe from Glupteba

One word in particular keeps being used when discussing Glupteba’s latest campaign: resilient. The source of its resilience comes from its design, one that uses deception and stealth to protect its operators and ensure it continues to spread. But this doesn’t mean you need to fall victim to Glupteba. If you make sure you follow good cybersecurity practices, you should be able to keep your IT infrastructure safe. All you have to do is:

Understand the threat of malvertising: the internet is full of malicious adverts, but there are ways you can make your PC safer. The simplest way to do this is by installing an ad-blocker, these will block both irritating and malicious adverts, so it’s a win-win situation. Malvertising is also known to use exploits to spread its payload, so you need to make sure your browsers are fully patched and up to date.

Monitor network activity: as Glupteba is a botnet, its operations are likely to lead to a spike in network traffic. And, if unauthorized proxies have been set up, this network activity is likely to go stratospheric. Therefore, you need to keep your network activity monitored to help you analyze any anomalies which may act as an early warning system.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Google Workspace Business and How it Helps Businesses

automation, cloud computing, collaboration, Google, google workspace business, Securityautomation, cloud computing, collaboration, google, google workspace businessOphtek, LLC

Jun 2021

Any tool that can help businesses improve processes and enhance productivity is invaluable. And one such tool is Google Workspace Business.

An intriguing and powerful collection of business IT tools, Google Workspace Business has the potential to revolutionize the way your organization works. It’s a platform which embraces the benefits of cloud computing and allows you to take collaboration to a new level. The basic (and free) version of Google Workspace is certainly useful, but the enterprise Business version is packed full of additional features. And, in the current landscape of remote working, it’s an essential tool for businesses.

But what exactly can Google Workspace Business offer your business?

The Lowdown on Google Workspace Business

Introducing a new collaborative tool into any business needs to be managed carefully. But, with Google Workspace Business, you can be rest assured that the following benefits are worth it:

Collaboration: Google Workspace understands the difficulties of remote workers needing to collaborate with office-based workers; it solves this with a wide range of powerful collaborative tools. Documents can be edited and shared in real time. Video calls can be arranged through Google Meet and instant messaging is available in either group or individual chats.

Use Business Branded Email: One of the major benefits of Google Workspace Business is that it allows you to use an in-built email system – similar in design to Gmail – with your company domain name attached. Organizations, therefore, can harness the power of enterprise-level email services, but free themselves from the duties of maintaining an email server.

Unlimited Storage in Google Drive: Each employee who has an account registered with Google Workspace business will also be allocated a Google Drive account. And, in Google Workspace Business, an unlimited amount of space in Google Drive is on offer. Individuals can securely store all the files they ever need in the cloud and separate Teams accounts can also be set up.

Compatibility Across Devices: Whether you are using a laptop, mobile device or desktop, Google Workspace Business will work seamlessly across these different devices. A mobile device user can, for example, share and edit a spreadsheet with a remote colleague working on a desktop PC. The environment this creates is consistent for all users and ensures that productivity is optimized for all employees.

Powerful Automation: Using advanced AI, Google Workspace Business can automate simple tasks such as arranging appointments and scheduling meetings. Make Remote Working Easier with these PC TipsNaturally, this saves time for your business and allows it to be invested elsewhere. Additional features allow you to take advantage of autocomplete in Gmail to complete sentences while Google Sheets can carry out in-depth data analysis.

Enhanced Security: One of Google Workspace Business’ most crucial tools is Endpoint Management. This security suite grants you the power to manage multiple security settings, erase data from stolen devices, limit user access and many more powerful features. It’s an important feature in the world of remote working and guarantees you peace of mind that your digital workplace is secure.

For more ways to secure and optimize your business technology, contact your local IT professionals.

The Best Plugins for Browsing Safely in Chrome

Chrome, Google, Ophtek, Plugins, Securitychrome, google, Ophtek, PluginsOphtek, LLC

Dec 2019

Google’s Chrome browser is a popular browser and one that it is relatively secure. But it can be made even safer with the correct plugins.

It’s estimated that over half of all web traffic goes through Chrome browsers and this popularity is down to its innovation and simple interface. However, the success of Chrome has made it a target of hackers. And this has been highlighted by the recent WizardOpium vulnerability which required a swift patch from Google. There’s added danger for Chrome users from more generalized online threats such as malicious websites and data security concerns. Thankfully, help is at hand for web users in the form of security plugins.

And, to help you enhance your Chrome experience, we’re going to examine the best plugins for browsing safely in Chrome.

What is a Plugin?

You may not be familiar with plugins, so it’s probably a good idea that we start by explaining them. A plugin is a piece of software which, as the name suggests, ‘plugs in’ in to your browser. Acting as an additional software component, a plugin adds extra features to your browser. The types of plugin availability aren’t just limited to security features either. Adobe’s Flash player, for example, is probably one of the most well-known browser plugins.

Chromes Best Security Plugins

It’s now time to take a look at the best plugins for browsing safely in Chrome:

Ghostery: A privacy ad blocker, Ghostery grants Chrome the opportunity to block adverts and stop data trackers from harvesting your data. The plugin allows you to customize which ads and trackers remain active whilst blocking the more suspicious ones. And, best of all, by blocking ads and data trackers you will speed up the load time of webpages.
Web of Trust: It’s estimated that there are up to 18.5 million malicious websites online, so you need to be careful where you browse. With a plugin such as Web of Trust you can maximize your safety. Not only does Web of Trust advise you when you land on an unsafe website, but it also displays ‘reputation’ icons next to the results generated by search engines.
Blur: Passwords are a crucial element of safe web browsing, but they need to be kept secure. If your passwords are compromised then you’re at risk of having your personal data stolen. Blur helps you to avoid this. It’s a powerful plugin which can generate strong passwords while also encrypting and saving them. This ensures that there’s no need to memorize or write down you passwords; you can just click and go.
HTTPS Everywhere: The best websites are those with a URL which starts with https rather than just http. The additional S of https indicates that it’s a secure website. However, if you have installed the HTTPS Everywhere plugin then, in most cases, it will be able to automatically switch a http site to a more secure https version.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Category Archives: Google

What is a Plugin?