malicious websites Archives - Page 2 of 3

5 Forms of Hacking Which You May Not Be Familiar With

Free WiFi, Hacking, malicious code, malicious extensions, malicious links, malicious websites, Ophtekmalware, Ophtek, phishing, public wifi, ransomware, security, vulnerabilityOphtek, LLC

Jun 2022

All organizations are at risk of being hacked, and that’s why we’re familiar with the most common forms of hacking. But what about the lesser-known hacks?

With 300,000 new strains of malware being created every day, it comes as no surprise to discover that some of these are less familiar than others to PC users. And it’s this lack of familiarity which makes them so dangerous. Not only is it harder to be on your guard against them, but there’s also the small problem of not knowing how to remove them from an infected system. However, a little bit of education goes a long way. And that’s why we’re going to give you the lowdown on 5 forms of hacking which you may not be familiar with.

The Hacks You Need to Know About

Attack strategies such as phishing and ransomware are well known, so it’s time to learn about the lesser known cyberattacks you need to be prepared for:

SQL Injection Attacks: SQL is a common coding language used to design and manage databases, many of which are connected to a public facing website. Typically, these databases will hold significant amounts of secure data e.g. personal details and financial information. As a result, these are highly attractive targets for hackers. Attacks are made on these databases by injecting malicious SQL code and manipulating the server’s responses in numerous ways. This strategy allows hackers to gain access to unauthorized information and steal it.

Man in the Middle Attacks: using compromised IoT devices, or simply taking advantage of poorly secured public Wi-Fi, a Man in the Middle Attack allows threat actors to access your network connections. It’s a scenario which grants hackers the opportunity to monitor your communications and data transfers in real time. Therefore, confidential data can be stolen and traffic redirected with ease.

Brute Force Attacks: this is one of the oldest hacking strategies devised by hackers, but it doesn’t grab the headlines in the same way modern threats such as ransomware do. However, it remains an effective strategy, and one which is only getting more sophisticated. As the name suggests, brute force attacks launch a relentless campaign whereby a bot will try numerous login credential combinations until it finds the correct one to breach your security.

DNS Cache Poisoning: a DNS server takes domain names, such as ophtek.com, and translates them into an IP address which can be used to deliver data between two points. However, if a threat actor identifies a vulnerability in a DNS server, they can inject false data into its cache. This ‘poisoning’ of the DNS cache means that internet traffic will be directed away from its intended location, and this will most commonly be re-routed to a malicious website.

Fake Public Wi-Fi: hackers will go as far as setting up a fake public Wi-Fi which uses your company’s name or one that sounds similar. For example, a visitor to a Starbucks café, may detect a wireless network with a name such as “St@rbucks Free Wi-Fi” and assume it’s genuine. However, connecting to a public connection such as this opens a whole world of potential trouble. And, don’t forget, your own employees are also at risk of connecting their work devices to a fake Wi-Fi network, the result of which will expose your genuine network.

As with the most common forms of hacking, understanding the basics of good IT security is the most effective way to minimize the chances of these rarer attacks.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Chrome Users Targeted by Malicious Websites

anti malware, Google Chrome, malicious websites, Ophtek, SecurityAnti- malware, Google Chrome, malicious websites, Ophtek, securityOphtek, LLC

Nov 2021

Google’s Chrome browser is one of the most popular choices for accessing the internet, but this popularity makes it an enticing target for hackers.

A substantial number of business activities are conducted online in the 21^st century. Accordingly, most organizations find themselves accessing the internet with a browser almost every minute of the day. But each time we venture online we open ourselves up to numerous security threats. Malicious websites, of course, are a well-known security risk. At the heart of these threats is a determined effort to conceal their malicious payload. And that’s why a malicious website can be difficult to spot.

Chrome has an estimated userbase of 2.65 billion users and, as such, presents the perfect opportunity for hackers to cast their net far and wide.

How Chrome is Targeted

This latest malware attack specifically targets Chrome users who are running the browser on the Windows 10 operating system. Upon visiting an infected website, Chrome’s legitimate ‘advertising service’ delivers an advert which claims that Chrome requires updating. However, the advert contains a malicious link. Clicking this link will take you to a website entitled ‘chromesupdate’ which is designed to look like an official Google site. Unfortunately, it’s far from genuine.

The only thing that you will be able to download from this malicious website is malware. The payload in question is typical of modern malware, its main objective is to harvest sensitive data and steal cryptocurrency. Therefore, any login credentials you enter, while your PC is infected, can be logged and then transmitted to a remote server. Worst of all, the malware also grants remote access to your workstation. This opens you up to further malware downloads and, potentially, harnessing your machine into a DDoS attack.

How to Protect Your Browsing

Chrome is targeted by this latest campaign due to the manipulation of a Windows environment variable which allows Chrome’s advertising service to be exploited. The simplest way to avoid this attack is by using a different browser. But there’s a much bigger picture at play here. A better approach is to use the browser you are most comfortable with but remain vigilant. To do this, make sure you follow these best practices:

Disable Download Privileges: It’s very easy for a busy employee to lose focus for a second and click on a malicious download. But, in the case of this specific threat, an application update should be something that an IT professional handles. To minimize the risk of malicious downloads taking place, disable download privileges for your employees.

Use Anti-Malware Software: Malicious websites can be detected prior to accessing them thanks to the power of anti-malware software. Backed by huge databases, which are regularly updated, anti-malware software can instantly alert users when they try to access websites known to be malicious.

Don’t Be Rushed: The main strategy employed by malicious websites will be to instill a sense of urgency into their call-to-actions. For example, the threat of an imminent infection if a Chrome update is not installed is designed to create urgency. And it’s this urgency which can catch you off guard. So, if you feel that a website is rushing you into making a decision, always make sure you speak to an IT professional before going any further.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Malware Links Are Being Spread Through YouTube

antivirus software, malicious links, malicious websites, malware, Ophtek, Updates, YouTubeAntivirus software, malicious links, malicious websites, malware, Ophtek, updates, youtubeOphtek, LLC

Nov 2021

YouTube is one of the most popular destinations online thanks to the entertainment it offers. But where there are lots of people, there are always hackers.

Close to 43% of internet users visit YouTube at least once a month, so this is a significant amount of traffic. Accordingly, this presents hackers with a huge audience to target. Hacking YouTube directly is difficult, so hackers are unlikely to succeed in embedding malware into videos. However, you can embed URLs into video descriptions. These are usually used to redirect the viewer to a destination that is related to the contents of the video. For example, a video advertising a brand’s product may include a link to that product in the video description. But the truth is, this link could take you anywhere.

Spreading Malware on YouTube

Using malicious links on YouTube is nothing new, but security researchers have noted that this technique has been growing in popularity recently. In particular, two specific Trojans have been detected: Raccoon Stealer and RedLine. One of the main reasons that hackers have been targeting YouTube is down to the Google accounts they have already stolen. Setting up a YouTube channel requires you to have a Google account, so it makes sense for hackers to take advantage of YouTube.

The fake YouTube channels are then used to host videos related to topics such as VPNs, malware removal and cryptocurrency. Each video will center around a particular call-to-action, most likely involving the download of a tool e.g. a malware removal application. Viewers will be encouraged to download this from the link in the video description. These links appear to either use a bit.ly or taplink.cc address to redirect users to malicious websites. The users are then instructed to download the relevant tool. Unfortunately, all it will download is malware.

This malware is used to scan PCs for login credentials, cryptocurrency wallets and credit card details before transmitting it to a remote server. The hacker behind the attack can then harvest this data and continue to steal further data from the victim.

Remaining Vigilant Online

The number of threats we face daily seems to be rising daily and it may feel that being vigilant online is an exhausting job. However, it’s crucial for your safety that you remember the basics of online security:

Be Wary of All Online Links: Even the biggest and most secure websites are at risk of being compromised. YouTube is one of the most popular sites online and yet it still houses hackers in plain view. Therefore, the likelihood of coming across malicious links online is highly likely. Therefore, verify all links before clicking them. A good way to do this is by highlighting the link, copying it and then posting it into Google to see if it brings up any red flags.

Always Use Antivirus Software: It’s likely, at some point, that you will fall for an infected link at some point. But this doesn’t mean you should remain at the mercy of the malware. You can limit the damage caused by malware by always using antivirus software. This will automatically scan your PC throughout the day and identify any malware. In many cases it will even check all downloaded files and scan them before opening.

Install All Updates: Many strains of malware will rely on your PC being home to vulnerabilities in software and hardware. However, by regularly installing upgrades and patches, you can ensure that these holes are plugged to prevent hackers getting a foothold. Make sure that you set all updates to automatic to give yourself maximum coverage in terms of protection.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Fake Amnesty International Campaign Delivers Malware

Fake Amnesty Int'l website, malicious websites, malware, Ophtek, Pegasus spyware, Sarwent malwarefake websites, malicious websites, malware, Ophtek, pegasus spyware, sarwent malwareOphtek, LLC

Oct 2021

The Pegasus spyware has made headlines around the world, but it appears that the anxieties around Pegasus are being used to spread further malware.

The sophistication behind the Pegasus spyware and the near impossibility of detecting, let alone removing, it has proved to be a fearsome combination. Naturally, many users are becoming increasingly concerned that they could fall victim to it. While Pegasus is only being used to target high ranking individuals, the fact that the technology is available means that no one is safe. Concerns are running high and people are desperate to protect themselves.

This anxiety is now being targeted by hackers who have designed a malicious website which, far from offering protection, is packed full of malware.

The Malicious Website

The website in question has been set up to resemble that of the global humanitarian group Amnesty International. Hosted on this fake website is an application which claims to be an antivirus program capable of protecting users from Pegasus. However, this application is nothing more than a sham. Instead, users will find that they are downloading a strain of malware known as Sarwent. Active since 2014, the Sarwent malware may look like antivirus software, but it’s more concerned with setting up backdoor access, stealing data and accessing users’ desktops.

This version of Sarwent appears to have had its source code tinkered with to make it more effective. It immediately records information about the infected user – such as operating system, system structure and whether antivirus software is installed – and then begins receiving commands from a remote system. Hackers are gifted the opportunity to download further malware, transmit confidential nature to external users and take control of users’ PCs. The attacks have been detected globally with the US, UK, Russia and India all being affected.

Avoiding the Threat of Sarwent

The strategies and methods of attack employed by Sarwent have the potential to cause major damage. While it may not be quite as dangerous as Pegasus, it represents a significant headache to anyone who falls victim to it. You can avoid these IT disruptions by implementing these best practices:

Don’t Download from Unknown Sources: Malicious websites on the internet run into tens of millions and act as major security risks. Allowing employees to download software from unknown sources is a dangerous privilege to have in place. As the fake Amnesty International website has demonstrated, it’s easy to be manipulated into downloading dangerous software. Minimize the availability of download privileges within your organization to maximize security.

Learn How to Identify Malicious Websites: Key to avoiding malicious downloads is by understanding how to identify a malicious website. Always read URLs carefully to confirm whether it is the website it claims to be – spelling mistakes are a classic giveaway. Always hover your mouse over any embedded links to verify where the link will actually send you to. And, remember, if it sounds too good to be true then it probably is. Pegasus is a sophisticated spyware tool and is unlikely to be solved by a basic antivirus app.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Malware Hidden in Fake Microsoft DirectX Download Page

Antivirus, Direct X, fake emails, fake websites, malicious websites, Microsoft, Ophtekantivirus, Direct X, fake emails, fake websites, microsoftOphtek, LLC

May 2021

Microsoft is a name you should be able to trust. But, online, nothing is ever quite as it seems. And that’s why you need to be careful what you click.

DirectX is a crucial component when it comes to processing multimedia materials on Windows PCs. It has been in use for over 25 years now and is an established element of the Windows experience. But it’s this familiarity, and reliance on the software, which makes it the perfect target for hackers. Accordingly, security researchers have discovered a fake web page which claims to carry a genuine version of the software. Unfortunately, the only thing that this download contains is untold trouble and chaos for IT systems.

It’s always important to be aware of the latest threats, so we’re going to take you through the processes involved in this new attack.

Fake Website Spells Danger

The fake website in question has been set up by hackers to look like a genuine site offering a download of DirectX 12 for Windows. The hackers have been careful to disguise the website as genuine by putting some effort into its design. Most malicious websites are basic with the main emphasis being on a download button. While this latest website does rely on a download button, the designers have also included additional pages including: a contact form, copyright infringement details, a privacy policy and a legal disclaimer. This ‘extra effort’ is used in order to create a false sense of security.

Victims of this download scam are likely to find themselves at this website through a number of means: they may have received fake emails urging them to download a new version or they may have found the website through a search engine. Either way, the results of infection are the same. Clicking on the download page will forward users to a remote website where they are prompted to download the software. Two options are put forwards to the user: a 32-bit or a 64-bit version. Both files will then download further malware capable of the following:

Stealing confidential data such as login credentials by recording keystrokes
Unauthorized transmission of user files
Accessing a wide range of cryptocurrency wallets to steal funds

How to Avoid the Dangers of Malicious Websites

The threat of malicious websites is nothing new, but their continued presence online indicates that PC users need continual refreshers on them. Therefore, make sure that your staff practice the following:

Only ever download software from the manufacturer’s official website e.g. DirectX software should only be downloaded from Microsof t. And always double check that the website address is genuine. If in doubt, get an IT professional to verify it.

Understand the dangers of phishing emails and the best ways to identify what is genuine and what is fake.

Install anti-virus software on your PCs that evaluates websites and blocks those that are suspected of being malicious. This is a common feature of almost all anti-virus software and offers you a valuable moment of thought before proceeding.

For more ways to secure and optimize your business technology, contact your local IT professionals.

« Previous 1 2 3 Next »

Category Archives: malicious websites