malware Archives - Page 15 of 29

Online COVID-19 Scams to Be Aware of

Covid Scams, Hacking, malware, Ophtek, Security, Security ThreatsCovid Scams, hacking, malware, Ophtek, securityOphtek, LLC

Jan 2021

COVID-19 has changed the way we live our lives and, not surprisingly, hackers are trying to take advantage of the fear factor behind the virus.

No aspect of life is off-limits to a hacker; if they can turn a situation to their advantage then they will. And this means that all sense of morals and ethics go out of the window. COVID-19, of course, has caused great fear and panic since it emerged, so it’s a subject people take very seriously. And it’s this investment in fear that hackers are looking to exploit. As with most online scams, if it sounds too good to be true then it usually is. But some people are willing to take a risk when COVID-19 is mentioned.

COVID-19 Scams to Look Out For

You should be aware of the usual online threats to look out for, but here are the specific COVID-19 scams you should be aware of at the moment:

COVID-19 Vaccine on the Dark Web: Now that vaccines have been approved in the fight against COVID-19, hackers have decided to exploit this demand. And that’s why it’s now possible to find listings for the vaccine on the dark web. Naturally, you should never buy medicine online unless this has been approved by your healthcare professional and the site is genuine. Very little on the Dark Web – an encrypted form of the internet – is genuine, so any marketplace listings that promise a COVID-19 vaccine should be dismissed.

Fake COVID-19 Mapper: Everyone has been intrigued as to the behavior of COVID-19 and its spread, so the opportunity to monitor its spread is appealing. However, hackers have used this curiosity to help spread their malware. Researchers have discovered a PHP malware dropper which disguises itself as a piece of COVID-19 mapping software. Using a compromised website, hackers encourage visitors to download and install the mapping software. But all that is installed is software which downloads further malware.

Sinopharm Vaccine Presentation: The story and science behind each vaccine is of great interest to most of the population. After all, vaccines make for a strong debate at the best of times. But the sudden emergence of COVID-19 has really focused our attentions. The Sinopharm vaccine from China is a legitimate vaccine, but hackers are using a PDF file containing presentations to hide a malicious payload. Lurking within the PDF is the Zebrocy malware which steals data from infected users and uploads it to remote servers.

How to Combat COVID-19 Scams

The urge to click on sensational news and promises regarding COVID-19 is strong, but it’s crucial that you think long and hard before clicking. There are numerous COVID-19 scams in the digital wild and they are only going to get more sophisticated. As with all online scams and malware, make sure you practice the following:

Verify Links Before Clicking: It’s very easy to design a link which sends you somewhere else instead of where the URL promises. However, it’s equally easy to discover the true destination of this link. Therefore, always hover your mouse cursor over email and website links to display the true URL contained within.

Run Anti-Malware Software: One of the surest ways to stop malware is by using anti-malware software on your PC. These apps are regularly updated to the latest threats and can provide instant protection.

Install all Updates: Malware often takes advantage of outdated software, so make sure that all your software is up to date. All you need to do is install all updates and upgrades as soon as they become available – your PC should automatically prompt you to install these when available.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Five Signs That You’ve Been Hacked

Hacking, malware, Ophtek, Security, Security Threatshacking, malware, Ophtek, security, vulnerabilityOphtek, LLC

Dec 2020

Having your organization’s network breached is a major cyber disaster, so identifying a breach quickly is crucial. But how do you know you’ve been hacked?

Protecting your organizations networks and data is essential, but with the huge number of hacks taking place it’s not easy. And if a breach occurs this can cause multiple problems for your business such as data theft, ransomware demands and damaged networks. When it comes to these attacks then there’s one factor which is essential: speed. The sooner you realize you have been hacked, the sooner you can set about cleansing your system. Hackers may be evolving their methods to become even stealthier, but there are still certain tell-tale signs that you’ve been hacked.

You may not be aware of these indicators, so we’re going to share five signs that you’ve been hacked.

What Are the Signs of Being Hacked?

The most obvious indicators of your PC being hacked are the following:

Password Not Working: One of the simplest signs of falling victim to a hack is when your password isn’t working. Sure, there’s a chance that you’ve mistyped it or simply forgotten it, but alarm bells should start ringing if you’re convinced you’ve got it right. And, if you have activated two-factor authentication and this is also not working, it’s likely your login credentials have been breached.

Your Browser Keeps Redirecting: If you discover that your internet browser is behaving strangely then this is a sign you have been hacked. Your browser should, for example, open up with either your company home page or Google, but a hacked browser is likely to take you straight to a malicious website. Such a website will prompt you to download files in an attempt to infect your PC with malware. If this happens then you need to close the browser as soon as possible and advise an IT professional.

Your Anti-malware is Disabled: It’s unlikely that you will ever need to disable your anti-malware software, so any indication of this being disabled could signal a hack. After all, hackers want to make their life as easy as possible. Therefore, if they take control of your PC, the simplest way to download malware undetected is to disable your defenses. Make a point of regularly checking the status of your anti-malware software to stay safe.

A Mouse Cursor With a Mind of Its Own: Your mouse cursor should, if you’re not moving the mouse, stay still. You may occasionally get a small amount of movement from hardware issues, but any significant movement indicates a hack. If your PCs defenses have been breached then hackers can easily take control of your PC. And this can be evident from unauthorized activity taking place on the screen. So, if you find that applications are being launched without your permission, power off your PC and immediately get it investigated.

Your PC is Slowing Down: A PC can slow down when it’s processing multiple tasks at once, but one which is slowing down for no particular reason is one to be suspicious of. It could be, for example, that your PC has fallen victim to a botnet and your PCs processing power is being harnessed for attacks elsewhere. If, after restarting your PC, it continues to lag then it’s critical that you take the necessary measures to isolate that PC before looking deeper.

For more ways to secure and optimize your business technology, contact your local IT professionals.

PowerPepper Malware is the Master of Evasion

attachments, malware, Ophtek, PowerPepper, shell terminalsmalware, Ophtek, PowerPeppet, security, vulnerabilityOphtek, LLC

Dec 2020

There’s only one thing worse than malware and that’s malware which is difficult to detect. And PowerPepper is incredibly difficult to detect.

Discretion is one of the most crucial aspects of any form of hacking. A well-executed hack should remain invisible to the victim for as long as possible. Such a scenario allows a hacker to cause maximum damage and also gives them time to cover their tracks. Thankfully, good security practices should either eliminate this risk from happening or, where anti-malware apps are in place, provide an early warning. But hackers are well aware of these defenses and are constantly trying to outwit them.

The emergence of the PowerPepper malware demonstrates that hackers have (temporarily) succeeded in hiding their activities better than ever before.

What is PowerPepper?

PowerPepper, discovered and named by Kaspersky, is a new strain of malware which is believed to have been designed by hacking group DeathStalker. Active since 2012, DeathStalker has made a name for themselves by developing numerous strains of innovative malware. Complex delivery chains are their trademark, but what really stands out is their dedication to evading detection. And PowerPepper is the latest development in DeathStalker’s abilities.

First discovered in May 2020, PowerPepper allows hackers to carry out shell commands from a remote location. But what is a shell command? It’s not something that the average PC user will ever carry out, but a shell command allows you to control your computer by using commands entered with a keyboard through special apps such as Terminal. Naturally, this is a highly valuable app to exploit and DeathStalker have made sure that PowerPepper is not detected. It does this by filtering the clients MAC address, tailoring its processes to deceive anti-malware tools and evaluating mouse movements.

For PowerPepper to take hold, of course, it needs to get on to a victim’s PC. And it does this through a variety of spear phishing campaigns. These attacks utilize both malicious links and email attachments in a number of ways aimed at reducing detection e.g. hiding malicious code in embedded shapes in Word documents and using compiled HTML files to obscure malicious files.

How Do You Protect Your PCs?

PowerPepper has already gone through a number of changes since it was first discovered, so keeping on top of it is difficult for even the most knowledgeable PC user. However, there are plenty of preventative measures you can take:

Install all Updates: One of the surest methods to protect your PC systems is by ensuring all their software and hardware is up to date. This is easily achievable by installing all the relevant updates your system needs. The last thing that you want to present malware with is a back door entry point, so eliminate this by installing all updates.

Restrict Access to Shell Terminals: There’s little need for your PC users to have access to shell terminals, so it makes sense to restrict this access. By removing this privilege you are also removing the risk of hackers taking control of such a powerful app.

Be Wary of Attachments: Malware such as PowerPepper makes its way through the digital landscape thanks to a lack of vigilance on the part of PC users. This is most often demonstrated by opening malicious email attachments. Therefore, it’s crucial to evaluate all email attachments before opening them.

For more ways to secure and optimize your business technology, contact your local IT professionals.

How to Stop Your PC Crashing at Startup

Ophtek, pc crash, pc startup, startup problemsmalware, Ophtek, pc crash, pc startupOphtek, LLC

Nov 2020

It’s highly frustrating when a PC crashes during the startup process. However, there is always a reason behind every crash and this means it can be fixed.

All we want at the beginning of each day is an easy start, so a PC which boots up quickly with no problems is a big help in this respect. But a PC which struggles to startup correctly can seriously set you back. Not only does it leave your frustration levels skyrocketing, but it puts the brakes on your productivity. A PC, of course, is a complex device and occasional problems should be expected. Thankfully, PCs operate on logic, so rectifying a startup problem is simply a case of identifying where this logic has failed.

The Most Common Startup Problems

To help you overcome your startup woes, we’re going to examine the most common reasons why your PC is crashing at startup:

No Bootable Medium: If you are confronted by a black screen containing a message along the lines of “No Bootable Medium Found” then you are going to have a problem. What it means is that your PC is unable to boot from the hard drive it is programmed to. It could be that the order in which your PC is designed to boot from has become corrupted e.g. your PC heads straight to your D: drive rather than the C: drive. This can easily be checked and amended in your PC’s BIOS setup – this can be accessed by pressing a designated F key as your PC powers up.

Missing Files: If Windows is missing just one file then it can cause major problems for your PC. So, if a file has been mistakenly been deleted or moved from its correct location, it’s likely that problems will be around the corner. And this can include issues with your startup process. The simplest way to deal with these incidents is by repairing your Windows installation. In Windows 10 this can be initiated by running the ‘Reset This PC’ tool. However, it’s likely you will need to boot Windows in Safe Mode to access this if you are already having startup issues.

Malware: There are many types of malware which can cause your PC to crash during startup, so it’s important to consider this. Naturally, the only way to remove this problem is by removing the malware. But how can you do this when you can’t get into Windows? Well, again, this is where Safe Mode comes in. Although Safe Mode only gives you limited access to normal Windows operations, it does give you access to antivirus software. Therefore, you have the chance to eliminate any malware and restore your startup.

Hard Drive Data Cable: Your PC needs to be able to access your hard drive in order to boot up Windows, but problems can quickly occur if this access is restricted. And a failed hard drive data cable is one of the surest ways for this to happen. If your PC is regularly freezing at startup or entering reboot loops then it makes sense to try replacing this cable. If this solves the problem then you are good to go and, if it doesn’t, then you can investigate further solutions.

For more ways to secure and optimize your business technology, contact your local IT professionals.

The Malware That Cannot Be Deleted

Kaspersky, malware, Ophtek, Security, Trojansmalware, Ophtek, security, trojanOphtek, LLC

Oct 2020

Removing malware threats from your PC is the simplest way to keep it safe from the attentions of hackers. But what happens when you can’t delete it?

Anti-malware software is fantastic at providing you with a means of removing malware from a PC. It can quickly scan your PC for threats and delete them with the minimum of fuss. But the ease with which malware can be removed has provided hackers with an appetizing challenge. What if they could create a strain of malware which couldn’t be deleted? It’s been the holy grail for malware developers since the first virus was created. And it’s a quest which has now been achieved.

A form of malware that cannot be deleted presents many problems for PC users, so let’s take a look at what it consists of.

The Invincible Malware

The unnamed malware was recently discovered by security giants Kaspersky and has left even them scratching their heads at its origin and construction. What they do know is that it’s a highly persistent threat and one that has been designed to resist deletion. It succeeds with this strategy as, rather than targeting a PC’s hard drive, it focuses its attack on a PCs motherboard. In particular, this new malware targets PC’s Unified Extensible Firmware Interface (UEFI). The approach of exploiting the UEFI is novel as it is involved in booting up a PC. Therefore, it is separate from your hard drive and will remain untouched by any operating system reinstalls.

Once the UEFI malware is in place it acts much like any conventional malware. Its first task is to create a Trojan file in the Startup folder under the name of IntelUpdate.exe. Without some in-depth investigation, the average PC user is unlikely to know this is even present. But even if it is noticed, and a user decides to delete it, the IntelUpdate app will simply reinstall once the PC is rebooted. And it’s an app which will cause your PC further troubles. IntelUpdate will not only install further malware, but it will spy on your PC activity and transmit data and files back to a command and control server which appears to be located in China.

How Do You Defeat the Undeletable?

The prospect of a malware strain which cannot be deleted may leave you wondering how you can ever be protected from it. Thankfully, it can be deleted, but not by conventional means. Security tools are now available from firms such as Kaspersky and Microsoft which scan firmware on PCs. It’s recommended that you upgrade your anti-malware tools to include this option to counter this new attack strategy. The means by which this latest malware is spread is currently unknown, but it’s recommended that you follow these security tips to maximize your defenses:

· Install all updates and patches as soon as your PC prompts you to do so · Practice vigilance when dealing with incoming emails which contain attachments and links · Make sure that your workforce understand how to create strong passwords

For more ways to secure and optimize your business technology, contact your local IT professionals.

« Previous 1 … 13 14 15 16 17 … 29 Next »

Tag Archives: malware

COVID-19 Scams to Look Out For

How to Combat COVID-19 Scams

What Are the Signs of Being Hacked?

What is PowerPepper?

How Do You Protect Your PCs?

The Most Common Startup Problems

The Invincible Malware

How Do You Defeat the Undeletable?