Malware is a thorn which we find in our sides on a regular basis. But what happens when this thorn becomes even harder to tackle? The answer is Trickbot.

First released in 2016, Trickbot has made its name by using a variety of attack methods. The malware has been shown to steal Bitcoin, target banks and harvest login credentials. Naturally, this makes it a very dangerous piece of malware. But as with a virus that attacks humans, this malware is constantly changing its DNA. New features have regularly been added to Trickbot which not only make it harder to detect, but also make it more dangerous.

Trickbot has the potential to cause significant damage to your IT setup, so it’s important to know what you’re up against.

The Lowdown on Trickbot

The most common infection method used by Trickbot is through the use of malicious spam campaigns. Emails that pretend to be from financial institutions are used to distribute infected attachments and URLs that the victims are urged to action. And, once the payload has been activated, it’s unlikely that the victim will be aware. Trickbot will communicate with a remote command and control centre almost silently and, at the same time, infect other PCs on the same network.

Trickbot’s Latest Trick

As we mentioned earlier, the hackers behind Trickbot thrive upon their ability to evolve the malware. And their latest upgrade to Trickbot is both innovative and deceptive. This is most keenly demonstrated by its ‘anti-virtual machine’ strategy. One of the safest ways for security professionals to analyze malware is within a virtual machine environment. Therefore, in order to hide its operations, Trickbot will stop working when it detects a virtual machine.

And, believe it or not, one of the simplest ways to do this is to analyze the PC's current screen resolution. Any screen resolution that is set to 1024×768 and below will cause Trickbot to terminate its operations. This means that security researchers using a virtual machine will draw a blank. This is a very clever technique and is one that allows Trickbot to reactivate once the PC is restarted into a higher resolution.

How Do You Stop Trickbot?

Anti-malware software such as Malwarebytes is capable of detecting and removing most strains of Trickbot, but there will always be a slight delay when it comes to new strains. And, of course, you should never rely on removing infections as the best strategy for defense. Instead you should make every effort to prevent infection in the first place. This can be achieved in the following ways:

  • Evaluate All Incoming Emails: It’s essential that your staff is aware of the dangers of phishing emails. Thankfully, the tell-tale signs are easy to detect and, with this knowledge to hand, it should become much harder to fall victim to Trickbot. 
  • Avoid Malicious Websites: Given their deceptive nature, it’s easier said than done to avoid malicious websites. However, it’s crucial that you have the ability to identify malicious websites. This will severely limit the chances of downloading malware such as Trickbot. 

For more ways to secure and optimize your business technology, contact your local IT professionals.



We process and evaluate a huge amount of data every day, so external hard drives are vital for our storage needs. But how do we get the best out of them?

Capable of holding up to 12TB (that’s 12,000GB) and easily connected via USB, external hard drives are an affordable solution to data storage. However, when a device is holding so much data it’s important that you know how to use it properly. An external hard drive which is used correctly and maintained will keep your data safe for years. But one which is mismanaged can soon lead to a data disaster. And no business needs that.

Luckily, we’ve put together a few pointers on the best ways to use an external hard drive.

Getting the Best Out of Your External Hard Drive

Making sure that your device remains operational and productive is simple as long as you follow these best practices:

  • Don’t Move Your Drive When Transferring Data: Beneath their solid exterior, external hard drives are delicate pieces of kit. This is particularly true for Hard Disk Drives which contain spinning and moving parts. Therefore, moving or jostling your external drive when it is transferring data has the potential to not only damage the device, but also create data errors. Make sure that your device is properly connected, on a flat surface and not in the way of your general PC activities e.g. using the mouse and keyboard. 
  • Format Your Drive as NTFS: There are many reasons for formatting your external hard drive, but it’s important that you format your drive as NTFS. Using this method, as opposed to FAT32, is perfect when your device is mostly used with Windows PCs. NTFS formatting provides faster results and has the added bonus of making your drive less susceptible to disk failure. 
  • Run CHKDSK: Better known as Check Disk, CHKDSK is a handy system tool which should regularly be used to check the status of your external drive. It has the capacity to identify any file system errors and repair them. This gives you the dual benefits of a stable folder structure on your device and less chance of it crashing. 
  • Better to Replace than Repair: It can be frustrating when an external hard drive fails, but it’s often simpler to replace a troublesome device rather than repairing it. The labor, and associated costs, to repair an external hard drive will usually be more expensive than a replacement. And, as our next point will show, this shouldn’t compromise your data too much. 

If you can follow the advice above then you should be guaranteed a hassle-free experience with your external drive. And you can rest assured that your data will be safe and available at all times.



Google’s Chrome is the most widely used browser on the internet, but this dominance also makes it a major target for hackers.

The popularity of Chrome means that it’s a vital asset for PC users and this applies to both domestic and business settings. One of the major advantages of Chrome is that it’s supported by a vast database of add-ons. These add-ons, which are coded by official developers or third-party coders, can be installed within seconds and provide an enhanced browsing experience. But the ease with which these add-ons can be released makes them a security risk.

This risk has been brought into sharp focus by a security lapse which has led to 32 million downloads of malicious spyware. And this startling figure is why we’re going to take a closer look at the situation.

What is a Chrome Add-on?

You may be wondering what a Chrome add-on is and it’s a good question which we will quickly cover. Add-ons, also known as extensions, allow users to modify Chrome in a way which adds extra features and accessibility e.g. Save to Google Drive. The add-ons are built using web technologies such as JavaScript and are embedded into the user’s browser where they can be turned on and off.

How Has Spyware Infiltrated Chrome Add-ons?

Security researchers have discovered that a number of Chrome add-ons have not been delivering the benefits they promise. These particular extensions, available for free, advertise themselves as providing services which include converting files to different formats and warning about malicious websites. However, these add-ons contain a nasty surprise in the form of spyware. And this spyware has been used to record browsing data and login credentials. Around 70 suspicious add-ons, all uploaded with fake contact details, have been identified and since removed by Google.

How Can You Protect Yourself Against Malicious Add-ons?

The busy digital age we live in means it’s easy to lose focus with what’s happening on our screens. But vigilance is crucial when it comes to threats such as malicious add-ons. Therefore, it’s important that you practice the following when working with extensions:

  • Check Permissions: Whenever you install an add-on it will detail the permissions that it requires to run. These could range from asking for permission to access your hard drive through to analyzing your browsing data. An add-on which asks for a large number of permissions should immediately ring alarm bells. Most important, however, is the nature of these permissions. Anything which feels too invasive should be declined and an alternative sought. 
  • Audit Your Add-ons: It’s always a good idea to monitor the add-ons you have installed in your browser. Any that you deem as no longer necessary should be removed; auditing your add-ons should be carried out every month. This will ensure that your browser does not become bloated with add-ons and minimizes the risk of rogue extensions being present. 
  • Ask a Professional: If in doubt, always reach out to an IT professional before installing an add-on. Their experience of identifying malicious software will allow them to quickly determine whether it is safe or not. And, don’t forget, only ever consider an add-on which provides an invaluable benefit. Otherwise it is recommended to continue without it.
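
The permission check and monthly audit described above can be partly automated by reading each extension's manifest. The script below is an added example, not code from the original article: the function names, the review rule and both sample manifests are constructed for illustration, while the permission names themselves are real Chrome permissions.

```python
import json

# These are real Chrome permission names; treating them as high-risk, and the
# review rule below, are assumptions of this example.
HIGH_RISK = {"tabs", "history", "cookies", "webRequest", "clipboardRead",
             "nativeMessaging", "management", "proxy", "debugger", "downloads"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

# Constructed sample manifests, not taken from any real extension.
SAMPLE_CONVERTER = json.dumps({
    "name": "Free File Converter (constructed sample)",
    "manifest_version": 2,
    "permissions": ["tabs", "cookies", "webRequest", "<all_urls>"],
})
SAMPLE_NOTES = json.dumps({
    "name": "Notes (constructed sample)",
    "manifest_version": 3,
    "permissions": ["storage"],
    "host_permissions": ["https://notes.example/*"],
})


def audit_manifest(manifest_text):
    """Return (name, risky API permissions, broad host patterns) for one manifest."""
    manifest = json.loads(manifest_text)
    requested = set()
    # Manifest V2 lists host patterns under "permissions"; V3 uses "host_permissions".
    for key in ("permissions", "optional_permissions", "host_permissions"):
        requested.update(p for p in manifest.get(key, []) if isinstance(p, str))
    # Content scripts can read every page they match, so count their patterns too.
    for script in manifest.get("content_scripts", []):
        requested.update(script.get("matches", []))
    return (manifest.get("name", "<unnamed>"),
            sorted(requested & HIGH_RISK),
            sorted(requested & BROAD_HOSTS))


def needs_review(manifest_text):
    """Flag access to every site, or two or more high-risk permissions."""
    _, risky, broad = audit_manifest(manifest_text)
    return bool(broad) or len(risky) >= 2


if __name__ == "__main__":
    for sample in (SAMPLE_CONVERTER, SAMPLE_NOTES):
        print(audit_manifest(sample), "review" if needs_review(sample) else "ok")
```

To audit a real browser, feed the function the manifest.json that each installed extension keeps under the Chrome profile's Extensions directory.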



The workplace can be a very stressful environment, so it’s vital that you keep organized. Key to this organization is a PC which doesn’t cause you stress.

It’s likely that your PC is your most important tool at work. After all, they can do almost anything from creative tasks through to data handling and communicating. But this is only possible if your PC remains organized. A badly organized PC will not only hinder your productivity, but it can have a negative impact on the health of your system.

The best workplaces avoid these shortcomings by making sure that employees follow simple, yet effective methods for organizing their PCs. And, as luck would have it, we’re going to share these with you today.

Keeping Your PC Organized

You don’t need a degree in computer science to keep your PC organized. You just need to follow these best practices:

  • Tidy Up Your Desktop: A cluttered desktop quickly becomes difficult to navigate, so it’s crucial that you keep it tidy. Ideally, your desktop should only ever contain shortcuts to the apps you use the most. Saving random files to your desktop may seem quick in the short term, but, in the long term, it makes finding everything on your desktop more difficult. 
  • Audit Your Files: No two files are the same and, accordingly, they will all have different lifespans in terms of usefulness. A spreadsheet on outgoing costs, for example, is likely to be something you regularly use. But a spreadsheet detailing a one off order is going to experience less usage. Therefore, it’s a good idea to regularly go through your files and see which can be archived and which should be kept on your system. This will free up storage on your PC and allow you to find useful files more quickly. 
  • Use a Structured Folder System: Structure is the backbone of all organization and, as a result, it should be integrated into your folder system. And this should be more extensive than just moving everything into My Documents. Everyone, of course, will need and want a different system as our brains all work differently. But what’s crucial is that you break down all your files into their simplest terms e.g. specific client names and then into increasingly specific folders such as customer orders, correspondence and contact details. 

Final Thoughts

A well-organized PC allows an employee to work to their full potential. It’s essential that all your employees are in this position as it will provide a massive boost to your productivity. Best of all, the most effective solutions are also some of the easiest to implement. However, consistency is crucial when it comes to organization, so make sure these best practices are regularly followed.



Hackers are keeping busier than ever and evolving their strategies almost daily; their latest method for attack is to target the humble resume.

Ask any HR professional to tell you how many resumes they receive in a week and they will be able to show you a mountain of them. Even in a business landscape which has changed dramatically over the last 20 years, a resume remains a crucial calling card for employment. And this is why hackers are keen to exploit them. It’s not just that a resume can easily be loaded with malware, it’s more that organizations are so familiar with them they are unlikely to suspect them.

Hackers, of course, thrive on complacency, so it’s time to take a look at what could be lurking inside that next resume.

Malware Laced Resumes

Resume themed scams are on the rise in the US and this latest installment centers around the use of the ZLoader malware. As with many strains of malware, ZLoader is designed to steal credentials. These credentials can include stored passwords and browsing histories, but also banking credentials. And what’s most concerning is that many of these infected resumes are being sent to financial institutions.

But what exactly do these compromised resumes look like? And how are they activated? Well, this is what happens:

  1. Recipient receives an email with a title along the lines of “Job Application” or “Advertised Job”.
  2. Upon opening the email, the recipient is encouraged to open an attached Excel document which claims to be a resume.
  3. If the Excel document is opened, the recipient is then prompted to activate a macro to enable the content.
  4. Unfortunately, activating the macro will only enable a download of the ZLoader malware to the recipient’s PC.
  5. One of ZLoader’s main attack strategies is to infect systems with a malicious app called Zeus which can record keystrokes and steal banking information.

How to Tackle Suspicious Resumes

ZLoader is a form of malware which has been around for several years now. And, thankfully, this means that many anti-malware tools are effective at identifying it and eliminating it. However, if ZLoader is only active for a few minutes it can steal valuable and damaging information. Therefore, it’s always advisable to practice the following:

  • Be Wary of Attachments: Even the most trusted source can be compromised and at the mercy of digital attacks. Say, for example, you receive a resume from a friend – does this mean you should open it without a second thought? The answer is no and this is because your friend’s email address could easily have been hacked. All email attachments should, as a result, be scanned with anti-virus software or checked by an IT professional. 
  • Never Enable Macros: A macro can be very useful for automating certain processes and features in an Office document. But this also makes them perfect for launching malware attacks. If you are ever prompted to enable a macro within an Office document you should verify that it is safe to run. And, again, this should be verified by an IT professional who will have more experience with malicious macros.
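
One way an IT team can check an Office attachment for macros before anyone opens it is to inspect the file's bytes rather than trust its name. The script below is an added example, not part of the original article: the function names and indicator labels are hypothetical, and both sample workbooks are constructed in memory with dummy contents.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # header of legacy .xls/.doc files


def build_sample(members):
    """Build a constructed OOXML-style zip in memory for the demo below."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()


def macro_indicators(data):
    """List macro indicators found in an attachment's bytes, ignoring its file name."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary workbooks can carry macros; this example does not parse
        # them and reports the container so it goes to deeper inspection.
        return ["legacy-ole-container"]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []  # not an Office container, nothing for this check to report
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename.lower()
            if name.endswith("vbaproject.bin"):
                findings.append("vba-project")
            elif name.startswith("xl/macrosheets/"):
                findings.append("excel4-macro-sheet")
            elif name == "[content_types].xml":
                if b"macroEnabled" in zf.read(info):
                    findings.append("macro-enabled-content-type")
    return sorted(set(findings))


# Constructed samples: file names follow the OOXML layout, contents are dummies.
CLEAN_XLSX = build_sample({"[Content_Types].xml": "<Types/>",
                           "xl/workbook.xml": "<workbook/>"})
MACRO_XLSM = build_sample({
    "[Content_Types].xml": '<Types><Override ContentType="application/'
                           'vnd.ms-excel.sheet.macroEnabled.main+xml"/></Types>',
    "xl/workbook.xml": "<workbook/>",
    "xl/vbaProject.bin": b"dummy",
})

if __name__ == "__main__":
    print(macro_indicators(CLEAN_XLSX), macro_indicators(MACRO_XLSM))
```

An empty result only means that none of these indicators were found, so the attachment should still go through the anti-virus scan the list above recommends.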
