
Category: Security

Dec 13 2009

How Safe Is Your Bank?

Recently, an article appeared on the Financial Times website entitled "Bank firewalls cracked by cyberhackers". The title of the article makes it seem like the bank was compromised when, in fact, it had not been. The title is misleading, as the rest of the article shows how cyber-criminals use sophisticated malware to steal funds from people. A person may naturally wonder how safe his or her bank really is. The fact is, bank websites are very secure. Inter-bank transactions are also very secure. So secure that the easiest way to bypass security is to install malware on a person's computer.


Posted by Wade Burchette at 8:19 PM - Categories: Security

Dec 7 2009

When Windows Logs In and Then Immediately Logs Out

Sometimes, a virus or malware will modify the registry so that when you log in, a malicious file is processed instead of the standard Windows file. There are several types of viruses that do this. Fortunately, the fix for all is the same.

When Windows logs in, a file listed in the registry is processed first. (More on this in the fix.) If that file is not there or is corrupt, then Windows logs out right away. What happens is a virus changes the file which Windows looks for when logging in, and then something else deletes or renames that file. The result is the log in, log out routine. This is something found on Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows Server 2003, Windows Server 2008, and Windows Home Server. The file that should be loaded is the userinit.exe file. However, even that file may be replaced with a malicious one.
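A way to check this on a machine that still logs in, as an added example that is not part of the original post. It assumes the file reference is the standard Winlogon `Userinit` registry value (the post does not name the key) and a default install where the expected file is `System32\userinit.exe` under `%SystemRoot%`.

```powershell
# Added example: audit the Winlogon Userinit value on a running system.
# Assumption: the registry location below is the standard Winlogon key;
# the original post does not name it.
$key      = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$expected = Join-Path $env:SystemRoot 'System32\userinit.exe'

$raw = (Get-ItemProperty -Path $key -Name Userinit -ErrorAction Stop).Userinit

# The value is a comma-separated list and normally ends with a trailing comma,
# so split it and drop empty entries.
$entries = @($raw -split ',' |
    ForEach-Object { $_.Trim().Trim('"') } |
    Where-Object { $_ })

if ($entries.Count -eq 0) {
    Write-Warning 'Userinit value is empty.'
}

foreach ($entry in $entries) {
    $path = [Environment]::ExpandEnvironmentVariables($entry)

    # Anything other than the stock userinit.exe deserves a closer look.
    if ($path -ine $expected) {
        Write-Warning "Unexpected Userinit entry: $entry"
    }

    # A listed file that does not exist is what produces the
    # log in, log out behaviour described above.
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        Write-Warning "Listed file not found: $path"
        continue
    }

    # The right path is not enough, since userinit.exe itself may have been
    # replaced; report the signature state of the file on disk.
    $sig = Get-AuthenticodeSignature -LiteralPath $path
    [pscustomobject]@{
        Entry  = $entry
        Status = $sig.Status
        Signer = $sig.SignerCertificate.Subject
    }
}
```

A clean system reports a single entry with no warnings; how the signature status is reported for Windows system files depends on the Windows and PowerShell version in use.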


Posted by Wade Burchette at 1:50 PM - Categories: Computer Repair Notes | Security

Nov 17 2009

The Danger of Illegal Software

Imagine if you were able to obtain a $1500 piece of software for free. Sounds good, right? The problem is that the software has been hacked and modified, and when you download it, you do so without the permission of the company that made it. Software piracy is a big problem for companies. On top of that, pirated software may come with more than you bargained for. Pirated software, music, and movies may contain viruses or something worse. The simple fact is, except in a rare few cases, getting something that costs money for free or at a greatly reduced price is probably illegal in some way, and if it is a computer file it has a good chance of containing a virus.


Posted by Wade Burchette at 12:48 PM - Categories: General | Security

Nov 9 2009

iPhone Worm in the Wild

The first iPhone worm is spreading in the wild. But before you panic, the only iPhones that are affected are ones that have been modified to run programs Apple does not or will not support and that have SSH installed. SSH is a standard which provides secure networking between two devices. The practice of modifying the iPhone to allow any program to run is called jailbreaking. This term, jailbreak, is a reference to breaking free of the lockdown that Apple puts on everything (the jail). Finally, a worm is a malicious program that is able to spread itself automatically. A worm is different from a virus because a virus requires a host program before it can spread, whereas a worm is its own program. Since the iPhone and iPod Touch are so similar, this worm also affects the iPod Touch.

According to the security firm Sophos, the worm sets your background to a picture of Rick Astley, an '80s pop-music icon with the hit "Never Gonna Give You Up". Sophos analyzed the worm and discovered that the author was trying to prove a point: iPhones are not immune to security problems, so don't be an idiot and assume you are safe. The SSH program installed on the iPhone has a default password of alpine, and many people who installed it never bothered to change that password. So this worm simply looked for another iPhone or iPod Touch device with SSH installed, tried the default password, and then spread itself. In the code for the worm, the author wrote as a comment: "People are stupid, and this is to prove it is so".

Malicious software always starts small like this. The gauntlet has been thrown down, which means that someone will try to one-up this and do something worse. Success always inspires more attacks. Hackers target the most popular device out there, simply because it provides a much greater chance of success. For computers, this means Windows-based computers. For mobile phones, this is going to be the iPhone. This is the start of something worse. It will still be a long time before you will need to buy antivirus software for your iPhone, but it will be a requirement one day.

Reference: Sophos blog on the iPhone virus

Posted by Wade Burchette at 10:00 AM - Categories: Security

Oct 24 2009

Scareware on the Rise

Scareware, malicious software that attempts to scare you into paying a fee, is the latest fad. The authors of this malware are becoming more brazen. The latest fake antivirus programs may now claim that your identity has been stolen or compromised. Most likely, this is nothing more than a hoax. There are many things you should be aware of when it comes to computer security.


Posted by Wade Burchette at 8:22 PM - Categories: General | Malware | Security

Sep 12 2009

A New Type of Botnet

Cyber criminals are always adapting. It seems like they are always two steps ahead of any protection. While there are a few amateurs out there, many cyber criminals are organized and very good. They have learned to exploit the biggest security weakness: people. They also have the time and resources to probe for every little security hole in a piece of software. Operating systems are amazingly complex; it is impossible with today's technology to find and secure every weakness. No system is immune, despite what the ads or zealots say.

The newest trick of the cyber criminal is to control his botnet using unsuspecting victims' social networking accounts, such as Facebook and Twitter. This new trick makes it harder to track a cyber criminal and even harder to shut down his botnet.


Posted by Wade Burchette at 9:30 PM - Categories: Malware | Security

Jul 27 2009

A New Kind of Ransom Malicious Software

There is a new kind of malware in the wild. Ransomware is a type of malware (malicious software) that does something to your computer for ransom. In the past, this ransomware encrypted files on your hard drive. The only way to recover these files is to pay the ransom or retrieve them from a backup. Of course, encrypting files is no easy task. That is why this is not common. Well, a new form of ransomware is not as complex as previous ransomware.

This new type of ransomware displays an annoying banner at the bottom of your browser. This banner has an advertisement for a pornographic site and an image for that site. (Don't worry, the reference link does not have any porn images.) The idea is to hold your browser for ransom until you send an SMS text message to someone in Russia. The tactic is very similar to scareware, software that tries to scare you into giving someone money. Scareware is usually done by a fake antivirus program. This ransomware basically hijacks your browser until you give up some money.

It is always important to be on guard against malware. Even Macs are vulnerable to viruses and malware. Many websites that plant malware on your computer are now checking to see if the computer is Windows or Mac. Dubious porn websites are a major source of malware. Malware programs are also often planted on social networking user pages. Never assume you are safe.

References:
http://www.symantec.com/connect/blogs/browsers-and-ransoms

Posted by Wade Burchette at 2:38 PM - Categories: Malware | Security