Tagged: malware Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 9:00 am on November 18, 2019 Permalink | Reply
    Tags: , Disney+, , malware, ,   

    Disney+ accounts are under attack 

    Disney+ accounts are under attack

    Disney+ is the home streaming service brought to you by the Walt Disney Company. It just recently launched and is already seen as a competitor to Netflix. It was hugely successful upon its recent launch and it’s easy to understand why. Not only do they provide the famous Disney catalog but they also own many other entertainment properties such as the Marvel movies and former Fox-owned shows like The Simpsons. That’s not even taking the entire Star Wars franchise into account along with the new Star Wars ongoing series The Mandalorian. Of course, where there’s an online success there are people looking to take advantage of that success and Disney+ is no different.

    Within hours of the launch of Disney+, users were already complaining that they had been locked out of their accounts. These compromised accounts are now up for sale on some of the seedier parts of the web. The accounts are going for as little as $3-$11. Many of these accounts were paid for years in advance leaving those affected with little to no recourse. Basically, hackers were gaining access to the accounts with previously compromised email and password combinations. The hackers then change the login information, locking the account’s owner out before putting the account up for sale.

    If you have a Disney+ account and you’re using a password that you’ve used elsewhere, change your password right away. In general, you should never use the same password twice. As always, we recommend using one of the many free password managers out there. If you were thinking about enabling two-factor authentication on your Disney+ account, unfortunately, you can’t. Disney has yet to offer that feature on Dinsey+. You may also want to do a malware scan on your computer as that’s another popular way that scammers and hackers can obtain your passwords.

    You should be enjoying this service and not having to spend hours with customer service trying to get the issue resolved even if you can.

     
  • Geebo 8:00 am on October 4, 2019 Permalink | Reply
    Tags: , malware, , religion   

    Are religious apps taking advantage of the faithful? 

    Are religious apps taking advantage of the faithful?

    Even some of the oldest religions in the world have taken advantage of the digital revolution. Now, instead of carrying their religious texts with them everywhere many religious practitioners now use digital apps instead. With these apps, passages of inspiration and guidance are just at the tip of their fingers. There are legitimate apps dedicated to whatever religion you may choose to practice. However, that doesn’t mean that every religious app should be trusted as some try to be all-knowing but not in a good way.

    CNET recently did an expose on a number of religious apps in the Google Play Store. It was discovered that religious apps potentially contain more malware than gambling apps. Some of these apps request privacy permissions from users that go above and beyond what any app should be asking for with at least one app sharing personal information with Facebook. These privacy-invading apps do not discriminate as they can be found in apps dedicated to most major religions.

    [youtube https://www.youtube.com/watch?v=PBv6DtRx9yc%5D

    People who practice a religion tend to trust other practitioners of that faith a little more than others. However, there have always been those looking to take advantage of that kindness and faith. While such faith in our fellow man is to be commended there is no shame in being somewhat cynical when it comes to those looking to make a buck or two off of your devotion. While many of these apps purport to make you stronger in your faith, the devil is truly in the details.

     
  • Geebo 8:00 am on October 2, 2019 Permalink | Reply
    Tags: malware, , ,   

    Malware attack targets veterans 

    Malware attack targets veterans

    Most online scams and attacks tend to target vulnerable groups of people such as the elderly, low-income families, and those in desperate need of a home. This new attack is no different, however, it’s targeting a group of people who have not only served their country but often find themselves needing resources more so than many other members of society. We’re of course talking about military veterans. Some of them are dealing with enough problems without having to deal with scammers and other bad actors but unfortunately, there are always people looking to take advantage of a bad situation.

    A number of internet security firms have reported that there is a malware attack floating around that targets veterans who are looking for employment. The veterans are lured to a site that resembles one run by the US Chamber of Commerce that is supposed to help veterans find work. Instead, this phony website infects the user’s computer with malware that is designed to steal personal that’s kept on the device. While it has not been determined what specific information is being stolen one can imagine the myriad of scams that information could be used for especially when it concerns someone who may be receiving government benefits or assistance. Sadly, this isn’t the only scam that targets veterans.

    [youtube https://www.youtube.com/watch?v=ryjbgmD4Z2o%5D

    Another scam that veterans should be on the lookout for is the benefit buyout scam as shown in the video above. There are also scams promising refinancing on VA loans with bogus promises of low rates along with phishing attacks from phony emails that appear to be from the VA. That’s in addition to employment scams that are identical to the ones civilians fall prey to but in this case, they are specifically targeted at vets. If an offer sounds too good to be true it is recommended that you check with your local VA office for additional information.

     
  • Geebo 8:00 am on April 29, 2019 Permalink | Reply
    Tags: , , malware, , ,   

    Double craigslist scam and more 

    Double craigslist scam and more

    Previously, we’ve told you about gift card scams and phony check scams. Now, at least one scammer tried to swindle someone using both scams at the same time. A woman in Madison, Wisconsin was trying to sell an item on craigslist and she received a check for more than $1000 than what she was asking for. The scammers told her to deposit the check and return most of the balance in gift cards. Luckily, the woman did not fall for the scam. If she had, not only would she have been on the hook for the amount of the phony check but once the gift card numbers would have been given to the scammer, the funds would be virtually untraceable.

    ***

    Speaking of gift cards, a New York man was arrested after allegedly using stolen gift cards to withdraw money at an ATM. The man allegedly used the account information from the gift cards to withdraw around $9,000. While the report doesn’t clarify what kind of gift cards were used we would imagine that they were something along the lines of a pre-paid VISA gift card. This is another potential reason you may want to avoid using gift cards as presents. We have some great tips here on how to avoid being ripped off when buying gift cards.

    ***

    Lastly, you may be tempted to buy a device online that promises you unlimited access to free movies and TV shows. Devices comparing themselves to the Amazon Fire Stick are showing up claiming to be ‘jailbroken’ which allow you to circumvent copyright protection in order to stream movies and TV shows which you would normally have to pay for a service like HBO to view. As you can probably guess, these devices are not only illegal but they’re usually loaded with malware according to CNET. This malware could potentially hijack devices connected to your home network such as microphones and cameras and could also send your personal information to any number of identity thieves. In the long run, you’re better off paying for a legitimate streaming service.

     
  • Geebo 8:59 am on September 19, 2017 Permalink | Reply
    Tags: Avast, CCleaner, malware, Piriform   

    What the CCleaner hack means to you 

    What CCleaner hack means to you

    For those of you who may be unfamiliar with CCleaner, it’s an app for Windows computers that removes cookies and other temporary files on your computer to free up hard drive space and provide a performance boost. Recently, CCleaner’s developer, Piriform, announced on their blog that certain versions of the CCleaner software had been infected with malware. This malware is said to have possibly infected over 2 million computers.

    Piriform is claiming that they were able to quickly resolve the issue and that no harm should come to any of its users. However, it is recommended to update to the latest version of CCleaner if you haven’t already. The ironic part to the story is that Piriform is owned by malware protection company Avast. While no computer may have been actually harmed this has to be at least a minor PR kerfuffle for Avast.

    In order to keep your Windows machine more secure, always update to the latest version of whatever software your using. Whenever those pop ups come up asking you to update to the latest version, you should download and install the latest version as it usually means that the software maker has patched some security holes in the software. There are also some great utilities that automatically update your Windows applications for you that you may want to look into.

     
  • Geebo 9:03 am on August 4, 2017 Permalink | Reply
    Tags: Kronos, malware, Marcus Hutchins, ,   

    Arrest related to Wannacry made, but it’s not who you might think 

    Arrest related to Wannacry made, but it's  not who you might think

    Back in May, a number of computers and corporate networks were infected by the WannaCry ransomware attack. If you’ll recall, Wannacry would encrypt your files and instruct you to pay a ransom in Bitcoin to unknown attackers if you wanted your files decrypted. A British researcher was widely credited for finding an exploit in WannaCry where it could be disabled. Now, that man has been arrested.

    23-year-old Marcus Hutchins was arrested at Defcon, a cybersecurity and hackers conference that’s held annually in Las Vegas. The US Justice Department says Hutchins was allegedly part of another piece of malware called Kronos, Kronos is said to be used in stealing log in information of financial websites enabling an attacker to gain a users’ financial information in theory. The DOJ believes Hutchins made and sold Kronos resulting in a six-count indictment against him, however, those who know him from the cybersecurity field say Hutchins was dedicated to stopping attacks like Kronos and could not possibly be guilty of the crimes he’s accused of.

    Meanwhile, the attackers behind WannaCry finally collected their $140,000 in Bitcoin ransom. While it will be difficult for them to convert Bitcoin into cash without revealing themselves, prosecution may be unlikely considering the attack was believed to have originated from North Korea.

     
  • Geebo 7:54 am on June 12, 2017 Permalink | Reply
    Tags: malware, mouseover, Tinba, Zusy   

    New malware doesn’t even need you to click on a link 

    New malware doesn't even need you to click on a link

    Another week and another new type of malware comes out, this one even has a new trick to it. Normally, when your computer gets infected by malware you have to open an attachment or click on a link. With this new type of attack, you don’t even have to do that. All you have to do is hover your mouse over the link and it could infect your computer.

    This particular attack exploits a flaw in an unpatched version of PowerPoint. Usually, PowerPoint will warn you that something is attempting to download itself to your computer. However, it’s pretty easy to accidentally bypass the warning, allowing the malware to infect your computer. This attack is said to download a type if malware known as both Zusy and Tinba. The malware is designed to copy any financial information you may input while you’re on the internet such as account or card numbers.

    The fact that you don’t even have to actively click on anything to get infected shows that the war with malware has reached a new level. As we’ve previously mentioned the best defense is not to click on unsolicited links or attachments. With this new type of attack the best thing to do would probably be not to even open emails from unknown entities.

     
  • Geebo 9:05 am on May 30, 2017 Permalink | Reply
    Tags: Chipotle, , malware   

    Chipotle malware attack exposed customers’ card info 

    Chipotle malware attack exposed customers' card info

    Recently, restaurant chain Chipotle announced they experienced a massive data breach that affected numerous locations nationwide. If you visited the restaurant between March 24 and April 18 of this year and paid with a debit or credit card, the odds are that your card information has been exposed to hackers and identity thieves.

    This is just another incident in a long series of incidents that have plagued Chipotle over the past couple of years. In 2015, Chipotle was the subject of a number of food safety issues that involved outbreaks of E. coli, salmonella, and norovirus.

    What makes the Chipotle breach different from most large consumer data breaches is that Chipotle’s card reader system was infected with malware. While Chipotle has been upfront with news about the breach, they haven’t said how the malware found its way into their system. Usually, a user has to open an infected attachment in an email or visit a malware infected website for it to spread among the system. That could lead one to ask if the card reader system is attached to other easily compromised systems within the corporate information chain.

    Chipotle has said their card readers are currently free of malware, but without disclosing how they became infected in the first place it could lead customers to believe they’re still not secure and they’re private information is still at risk.

     
  • Geebo 9:01 am on May 15, 2017 Permalink | Reply
    Tags: malware, , ,   

    Latest ransomware attack shows need to keep systems current 

    Latest ransomware attack shows need to keep systems current

    Do you work for a company that still uses Windows XP because there’s a crucial piece of business software that only runs on the 16-year-old operating system? If so, your Monday morning may not be the most productive due to a global ransomware attack called WannaCry. For those of you who may be unfamiliar with the concept of ransomware, it’s a piece of malware that not only infects your computer, but encrypts your files and does not allow you to access them until you pay the hackers holding your system hostage a ransom that it paid through the cryptocurrency Bitcoin. So far, WannaCry has infected over 200,000 systems in 74 countries including a large Spanish telecom and the National Health Service in the UK. In the US, courier service FedEx has said that a portion of their systems have been infected as well.

    The attacks started this past Friday and a security expert was able to find a vulnerability in WannaCry, but since then a new version of the malware has been spotted out in the wild. Since the new version of WannaCry went out during the weekend, a number of companies could be infected and not even know it until they start booting up machines today. The malware was designed specifically to exploit a vulnerability in a number of Windows-based operating systems based on an NSA spy tool that was released to the public by another group of hackers. Windows released a patch for the exploit, even for Windows XP which stopped receiving regular updates from Microsoft in 2014, but many systems unfortunately remain unpatched. Both the US and UK governments are urging those infected with WannaCry to not pay the ransom, which is said to be around $600 USD per infected machine. There is no guarantee that your files will be released once the ransom is paid.

    If you are still running Windows XP at home, you’re running a machine that is ripe for the pickings by malware and ransomware. As previously mentioned, since Windows XP is no longer supported by Microsoft you are no longer receiving any security updates. There are many free to low-cost alternatives to running XP, such as running a more secure Linux operating system. If you’re a business still using XP because the software needed to run your business only works on XP, it is highly recommended that you upgrade to a more current operating system like Windows 10. While it may be saving you money now to keep using the antiquated OS, in the long run it could cost you your entire network. There are simple and low-cost ways to run XP exclusive programs and applications in Windows 10. Lastly, if you think that you’d rather press your luck against such attacks remember this: it only takes one employee to click on one bad attachment to bring your entire operation to a grinding halt.

     
  • Geebo 10:37 am on January 19, 2017 Permalink | Reply
    Tags: , fruitfly, , malware, osx   

    Apple users have two new threats to deal with 

    Apple users have two new threats to deal with

    If you’re a fan of the Apple ecosystem because ‘they don’t get viruses’ you may want to rethink that reasoning. While still not receiving as many threats as Windows machines Apple devices are still vulnerable to glitches and attacks. Two of those issues recently made the news.

    The first, and less damaging of the two threats, is a glitch in iOS that can cause you’re iPhone to crash. If someone sends you a text with the white flag emoji, the number zero, and the rainbow emoji, it will crash your iPhone if it is running iOS 10. You don’t even have to read the text before it freezes your phone. Luckily, this glitch does not cause any lasting damage and your iPhone should restart.

    The second problem is a piece of malware called Fruitfly that is targeting Mac computers. If your Mac is infected a bad actor can take control of your webcam and can take screenshots of whatever you’re working on. This malware seems to be only targeting a specific industry and may not have spread into consumer machines just yet. However, Apple has issued an update to OSX to fix the exploit.

    No matter whether you use Mac or Windows, iOS or Android, you still have to be concerned about your device’s security.

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel