Category Archives: Panda Security

Panda Security

Panda Security

Car to car: Internet-connected cars. Will they be the main cause of accidents in the future?

car to car

Smartphones, watches and a thousand home appliances. More day-to-day objects are connected every day. But the Internet of Things also runs on four wheels. Tomorrow’s cars will not be flying cars, as science fiction movies have told us, but their future lies in the Internet.

Cars will connect to one another to share information and they will also be connected to infrastructures to obtain data of interest in real time.

If the next revolution in automobiles will come from Car-to-Car (C2C) and Car-to-Infrastructure (C2I) connections, automakers will need an army of cyber-security experts to safeguard the cars of the future. If they can connect to one another, they will also be vulnerable to cyber-attacks.

car to car map

So far, cyber-security does not seem to be a strong point of the intelligent cars currently on the market. For example, a 14-year-old boy managed to gain wireless access to the brain of one of these cars using a $15 (just over €13) circuit board.

He achieved this feat at a hackathon organized a few weeks ago by Delphi, a US company that makes electronic systems for vehicles.

During this hackathon, the participants —the majority of them students— demonstrated that intelligent vehicles are not immune to IT attacks. They also showed that some of these vehicles can be opened (or even started) even though they are locked.

Internet-connected cars

The cars of the future will be a clear target for cyber-criminals, as not only will they be able to cause a large number of accidents by hacking the brain of these vehicles or steal them without needing to break the windows and hotwire them; the vulnerability of these cars will allow them to steal large amounts of data and wreak havoc in cities.

car to car accident

C2C and C2I systems will allow vehicles to constantly share information. Sharp breaking, breakdowns, traffic jams or the duration of traffic lights will be some of the data that could circulate through short-range wireless networks or simply through the car’s Internet connection.

A cyber-attack could turn one of these intelligent cars into the gateway to any information network connected to the vehicles, from the power grid to the system used by the police or the traffic light network in a city.

The solution lies in manufacturers of intelligent cars considering security and developing systems that detect which cars have been hacked in order to isolate them from the rest of the network.

There are many suggestions, such as installing security chips like those used on credits cards, or creating new software or hardware that establishes secure connections.

The post Car to car: Internet-connected cars. Will they be the main cause of accidents in the future? appeared first on MediaCenter Panda Security.

Panda Security

How to manage your clients cycle of life with Panda Cloud Partner Center!

Enterprises security expenses continue increasing. How can Panda Cloud Partnet Center help you? It’s the tool that enables you to know your clients’ status.

Panda Cloud Partner Center offers an increasing benefits solution as part of a business management group plan.

Would you like to be a partner of Panda Security?

The post How to manage your clients cycle of life with Panda Cloud Partner Center! appeared first on MediaCenter Panda Security.

Panda Security

Fusion: Cloud Security, Management and Support

Do you need a security solution capable of protecting, managing and remotely supporting all devices on your IT network, including smartphones and tablets? If so, meet Panda Fusion.

Panda Fusion is a cloud-based solution that meets all your needs, and is easy to deploy and scale as it doesn’t require maintenance or infrastructure investment. Available anytime, anywhere through a simple web browser.

Try now Panda Fusion and discover its benefits:

  • It offers maximum protection against malware and unknown threats.
  • It reduces costs through optimization of your IT infrastructure.
  • It provides an optimal support experience, through proactive problem resolution and remote, non-disruptive access to their devices, wherever they are.

Want more information?

Cloud-based solution

Want to share this infographic? Here is the code!

The post Fusion: Cloud Security, Management and Support appeared first on MediaCenter Panda Security.

Panda Security

Skype worm reloaded  

skype scam

Skype worms are not exactly new anymore (unfortunately).

Scenario is simply: someone on your friends list got infected and is now sending you a link to a ‘funny image’ or pictures of you. In this case, you are being baited by a video of you. Let’s just hope it’s nothing embarrassing ;)

skype worm

Lol! Seems like there’s a cool new video of you going around.

When visiting the (totally not malicious looking) link, you get a video, but apparently you need to download a plugin first:

malicious link

When you click on Install plugin… a new file called ‘setup.exe’ gets downloaded. It’s actually simply a self-extracting archive which contains a file named: ‘setup_BorderlineRunner_142342569355180.exe’

When running the setup.exe file:

skypefall setup

It almost seems like we’re installing legitimate software, SkypeFall version 1.0. Almost.

Clicking Next, Next, Next in the setup wizard, nothing much seems to be happening, but in the background there’s quite a lot going on:

skype setup wizard

A new file called ‘SkypeFall’ is dropped and a new DLL is being registered. Afterwards, two new processes are now active in memory: SkypeFall.exe and rundll32.exe, in which the latter is actually running the DLL BorderlineRunner.dll.

Files are being created in both respectively %programfiles%BorderlineRunner and %appdata%SkypeFall. A new service is also registered:
HKLMSystemCurrentControlSetServices6b57ae94

Afterwards you’ll spam all your friends with the same message as well, following the pattern:
skype scam

 

We detect this malware as:

W32/Skyper.A.worm

IOCs

Domains:

hxxp://24onlineskyvideo.info

hxxp://24videotur.in.ua

hxxp://deepskype.net

hxxp://factorygood.net

hxxp://ironskype.net

hxxp://letitskype.info

hxxp://letskype.net

hxxp://popskypevideo.net

hxxp://popvideoskype.com

hxxp://popvideoskype.info

hxxp://popvideoskype.net

hxxp://skypepopvideo.net

hxxp://skypepopvideo.net

hxxp://skyvideo24.in.ua

hxxp://skyvideo24online.in.ua

hxxp://skyvideo24online.ru

hxxp://skyvideotape.in.ua

hxxp://skyvideotape.ru

hxxp://someskype.com

hxxp://someskype.net

hxxp://techine.info

hxxp://techine.net

hxxp://videosk.in.ua

hxxp://videosk.info

hxxp://videoskype.ru

hxxp://videoskype24.ru

hxxp://videoss.in.ua

Hashes (SHA1):

b6f690849e9ed71b3f956078934da5ed88887aa3

42c685ac60555beaacd5e07d5234a6600845e208

dfb9bfb274e9df857bb0fae02ba711e62a2a9eb6

726db7f1c956db8c5e94d21558cbbe650b949b7e

How to avoid the malware W32/Skyper.A.worm

  • Never click on unknown links, especially when a friend sends you a generic text saying there are pictures or videos of you going around. If you’re really curious, ask them first what’s it about. Better be safe than sorry.
  • Don’t be fooled by known icons or “legit” file descriptions, this can easily be altered.
  • Even if you clicked the link and you’re not suspicious, you should be when a file is downloaded and no pictures are shown, but just an EXE file.

The post Skype worm reloaded   appeared first on MediaCenter Panda Security.

Panda Security

Watch out! WhatsApp Calling, the new WhatsApp scam!

whatsapp voice calls

Since WhatsApp announced that they were adding free voice calls to its services, cybercriminals have been trying to take advantage of it, and they have done it!

How are they doing it? Via a WhatsApp message wich invites the users to “try” the voice calls. If you get it, just ignore it!

Congratulations!! You’ve been invited to try Whatsapp Calling! Invite Your 10 Activate WhatsApp Friends to Activate Whatsapp Calling”.

whatsapp calling scam

Our collegues of Softonic have tried it and, obiously,  it turned out to be a scam. By clicking on the link you are redirected to a fraudulent site in wich after inviting ten friends you will be able to make voice calls via WhatsApp.

As you can imagine, by doing so, not only you won’t be able to call anyone, but you will be sending spam to those ten friends you chose!

We know you are eager to make calls via WhatsApp, but don’t be anxious! The safest way for installing this option will be when the own app informs you that you can make voice calls free of charge!

The post Watch out! WhatsApp Calling, the new WhatsApp scam! appeared first on MediaCenter Panda Security.

Panda Security

Mobile World Congress 2015: the unstoppable growth of mobile devices

mobile world congress

After attending the Mobile World Congress 2015 one thing is clear to us: the growth of mobile devices is unstoppable!

As the number of users and mobile devices increase, the number of threats and attacks do too. And with more and more mobile devices and users linked to movility the cyber-criminals have found their target niche.

How can we protect ourselves from that raising number of threats?

Panda Mobile Security: Maximum protection for your Android devices

This is not the first time we talk about our antivirus for Android, but today we want to tell you about the new features our colleagues in PandaLabs are working on!

For example, a couple of moths ago we saw how the downloading of some apps traped us in to using SMS Premium. That’s why Panda Mobile Security has created in “Privacy Auditor” a new functionality called “Cost Money”.  So if you downloaded a Weight Loss app or a QR reader, or any app with permissions to behave in this malicious way will be flagged as such. Check them and if they seem malicious remove them rightaway!

Nor should we forget that the threats there were previously founded on other platforms now can be atacking our mobile phones or tablets. For instance, the Ramsonware virus that “hijack” the device requesting a payment, as it renders useless the device and prevents us accessing our data.

We are even descovering threats cybercriminals created to take pictures of the users while the device is turned off or paused, and steal their data.

In addition, Panda Mobile Security, available in 16 languages in a few days, highlights the importance of geolocation. For example, the “Theft Alert” allows the device when someone  introduces the wrong password, takes a photo and sends it via email with the device location.

What to protect with a mobile antivirus?

We want that our Android antivirus to be a complete security solution so it makes the users life easier and safer!

With that in mind we are able to protect againts virus, fraud and threats, locate the mobile phone or tablet in case you lose it (or someone steals it!), protects private data and resource management.

Want to try our free antivirus for Android?

The post Mobile World Congress 2015: the unstoppable growth of mobile devices appeared first on MediaCenter Panda Security.

Panda Security

Cyber-criminals set their sights on drones

dron flying

More and more cameras are watching us from the sky. And no, they don’t belong to the police or some intelligence agency, but to your neighbors. Unmanned aerial vehicles are becoming a more common sight, and there is no shortage of people wanting to fly their small camera-equipped drones to get the perfect shot.

Despite the many good uses of these flying machines (crop inspection, rescue missions, crime fighting, etc.), drones can also pose a security threat as they are difficult to detect and neutralize.

A few days ago, the U.S. Secret Service opened an investigation after finding a small recreational quad copter in the grounds of the White House. Despite the machine was operated by a government employee and not a criminal, the incident raised a lot of concerns as it came just four months after another incident in which an intruder managed to jump over the perimeter fence of the presidential mansion.

U.S. authorities (who have been using unmanned aircrafts in military operations for years now) are increasingly worried about the fact that drones could be used by criminals or terrorists to launch attacks with explosives or chemical weapons.

dron

At the beginning, drones were restricted from flying near other aircrafts, airports or populated areas (in Spain, for example, drones must stay at least 8 kilometers (5 miles) away from an airport). However, the proliferation of domestic drone use is raising new concerns for privacy and security. Can small drones be used for small-scale espionage?

DJI Technology Co., the Chinese maker of the device that crashed on the lawn of the White House, and one of the leading makers of consumer drones in the world, has announced it has plans to change software on its drones to prevent them from flying over Washington. Additionally, the company also plans to disable its drones from crossing national borders after police discovered a DJI drone that apparently crashed while attempting to carry drugs into the U.S.

But, are drone manufactures taking enough measures to prevent cyber-criminals from manipulating their software? According to ‘The Wall Street Journal’, cyber-security experts have warned that drone no-fly zones are relatively simple for computer programmers to deactivate. “There’s more stuff that the industry can be doing as a whole to improve the overall security,” DJI spokesman Michael Perry said.

There are actually reasons to be concerned, as shown by the appearance of the first ever backdoor malware for drones: Maldrone. Security expert Rahul Sasi has discovered and exploited a ‘backdoor’ in Parrot AR, one of the most popular drone models. A backdoor malware can infiltrate target computers, appearing to be harmless, and take control of a drone by interacting with its sensors and serial ports. Rahul Sasi has even published a video proof-of-concept to demonstrate its efficiency.

“After the connection is established, we can interact with the software as well as the drivers/sensors of the drone directly. There is an existing AR drone piloting program. Our backdoors kill the autopilot and take control,” explained Sasi.

This security expert is not the only one concerned about the existence of security holes in drones. Hackron, a cyber-security congress recently held in Santa Cruz de Tenerife (Spain), challenged participants to hack into a drone, with a 200-euro prize for the winner.

What would happen if cyber-criminals set their sights on drones? Are drone manufacturers taking precautions? Although we’ll still have to wait before we can answer these questions, it seems clear that cyber-security risks are no longer just limited to computers and smartphones. In the case of cyber-criminals, the sky is not the limit…

The post Cyber-criminals set their sights on drones appeared first on MediaCenter Panda Security.

Panda Security

WhatsSpy Public: The app that spies on WhatsApp users  

whatsapp smartphone

When WhatsApp decided to let users hide or display the ‘Last Seen’ info, many hurried to disable a feature they considered a breach of privacy. However, shortly after came the blue check marks, which caused angry reactions from users who considered it yet another intrusion into their privacy. The new feature proved to be rather unpopular among many, and so, the instant messaging service decided to let users disable the annoying tick marks and breathe a big sigh of relief.

Despite all the measures you may take to hide as many details as you can about your digital life, a lot of that information is still available to third parties. For example, even if you change your WhatsApp privacy settings, any would-be snooper can still see the time when you are online.

WhatsApp is aware of this design flaw since the end of last year; however, they haven’t done anything about it. Users are normally not aware of this bug, so it has been mostly overlooked.

whatsapp privacy

Now, however, Dutch developer Maikel Zweerink has released an application that demonstrates that WhatsApp users’ online status and other information can be monitored, even with the strictest privacy settings: WhatsSpy Public.

The name might ring a bell as it is similar to another tool, WhatsSpy, which claimed to have similar features to WhatsSpy Public (or even more invasive), even though it turned out to be a fraud.

Even if the ‘Last Seen’ option is disabled, WhatsSpy Public can still track the user’s online status, as well as the last time of connection and any changes made to profile photos. Zweerink’s intention is not to provide snoopers with the perfect tool to spy on other people indiscriminately, but highlight the messaging service’s ineffective privacy options.

whatsspy on line

Everything started as an experiment. Zweerink was trying to build a bot for personal use, when he realized that someone could use a similar tool to track other people’s digital footprint. He then decided to develop an app to fully expose and share his discovery with other people.

Once the app is installed, all you have to do to retrieve the online status of any telephone number is to add it to your contacts and open a chat window, without alerting the phone number owner or asking for their permission.

The bot displays the victim’s information in the chat window, just as if the snooper had actually subscribed to the other user’s account. Attackers could use the tool to track any WhatsApp user they choose to follow, even though Zweerink explains that the app is not designed to support a large number of requests.

whatsspy public

Maybe it is not too serious that other people may know when you are online or not, but Zweerink believes it is unacceptable that WhatsApp’s privacy settings simply don’t work. In his opinion, the company is giving users a false sense of security by ensuring it protects some private information it actually doesn’t protect.

Zweerink also warns that this information could be used not only by friends or contact but also by companies. Many Internet advertisers use the trace people leave on the Internet (the Web pages they visit, their online activities, etc.) to design custom advertising campaigns; and they could do the same with your WhatsApp information.

A spokesperson for WhatsApp recently denied Zweerink’s accusations that the app’s security settings are broken, explaining that the Dutch researcher’s tool simply gathers publicly available data. And that’s precisely the point that Zweerink is trying to make: the fact that some WhatsApp user information is simply there for anyone to see no matter what you do.

The post WhatsSpy Public: The app that spies on WhatsApp users   appeared first on MediaCenter Panda Security.

Panda Security

What happens to my Facebook account when I die?

facebook tomb

Photos, videos, status updates… Social networking sites store lots of information about you. Just take a look at your Facebook page’s wall. What do you see? Birthday pictures, your ‘Year in Review’ video, and hundreds of other things that give an idea of your life. What will happen to all these things when you’re gone?

If you are worried about what will happen to your digital life when you are dead, you’ll be happy to learn that Facebook has decided to grant users more control over how their online identities will be handled after death. The social network now lets users give someone they trust the keys to their profile page in case they die.

Until now, when someone passed away, Facebook turned the deceased person’s account into a memorialized account, for friends and family to share and celebrate the memories of their loved one. For this to be possible, a user had to report the deceased person or the account that needed to be memorialized through a link.

facebook memorialized accountf

Now, Facebook goes one step further and lets users appoint an heir for their accounts. The new feature, called “Legacy Contact“, allows users to choose someone from their contacts to manage their account after they pass away.

This feature allows the Legacy Contact to write a memorial post on their friend’s profile page, respond to new friend requests, and change the friend’s profile picture. However, they won’t be able to access certain confidential information such as private messages.

facebook memorialization request

As published by Facebook on its blog, the ‘Legacy Contact’ feature is available only in the United States for now, although it will roll out to other countries soon.

How to choose a ‘Legacy Contact’ on Facebook

Now, how do you choose a ‘Legacy Contact’? The steps to take are really simple:

  • Go to ‘Settings’
  • Select ‘Security’
  • Choose ‘Legacy Contact’. There, select the person who will manage your memorialized account and specify the actions that they will be able to take.
  • Finally, send them a message to let them know you have selected them as your digital heir

facebook security settings

 

In any case, Facebook also gives you the chance to take more drastic measures: you can choose to have your account permanently shut down when you die.

Until the time arrives when this new feature is implemented in your country, it is time for you to think: who will you entrust with the task of managing your account?

The post What happens to my Facebook account when I die? appeared first on MediaCenter Panda Security.

Panda Security

PandaLabs neutralized 75 million new malware samples in 2014, twice as many as in 2013

PandaLabs, the anti-malware laboratory of Panda Security detected and neutralized 75 million malware samples in 2014. This figure more than doubles the number recorded in 2013: nearly 30 million new malware strains.

In all, the total number of malware specimens detected by PandaLabs throughout its history has reached 220 million, which means that 34 percent of all malware ever created was coded in 2014. In fact, last year Panda Security recorded an average of 200,000 new malware strains per day. The year 2014 can be considered the year of massive cyber-attacks, with some of the world’s biggest corporations falling victim to large-scale data breaches.

 

Trojans continue to account for most new malware

Trojans are still the most common type of malware way ahead of other malware specimens. In fact, in 2014 Trojans accounted for almost 70 percent of all new malware created, followed by viruses (12.33 percent), other malware (10 percent), worms (6 percent) and adware/spyware (3 percent). In this respect, CryptoLocker was one of the most destructive Trojans unleashed last year. “CryptoLocker is one of the nastiest pieces of malware to have targeted users in 2014. This ransomware encrypts victims’ files and requires a ransom in order to decrypt them. Thousands of computers have fallen victim to it, from home users to businesses and financial institutions”, said Luis Corrons, Technical Director of PandaLabs at Panda Security.

 

Malware and infections

Trojans, once again, accounted for more infections (65 percent) than any other malware, although there was a notable increase in the ‘Other’ category. This category includes PUPs (Potentially Unwanted Programs): applications which, despite not being malicious per se, install unwanted software without properly informing the user.

PandaLabs Annual Report 2014

 

China tops the list of infections

Despite being one of the worst years for IT security, the global infection rate in 2014 was 30.42 percent, a significant decrease on 2013’s figure. Country by country, China once again had the most infections with a rate of 49 percent, followed by Ecuador (42.33 percent) and Turkey (41.53 percent). Theses countries were also at the top of the infection rankings last year, although in a different order: China, Turkey and Ecuador.

Other countries with rates above the global average in 2014 include Colombia (33 percent), Uruguay (33 percent) and Chile (31 percent).

 

Sweden the safest country

Europe was the area with the lowest infection rate, with nine countries ranked among the ten least infected nations, whereas Japan was the only non-European country to appear in the ranking. The list was topped by Scandinavian countries: Sweden (20 percent), Norway (20 percent) and Finland (21 percent).

 

“We live in an Internet-connected world, and as such we are exposed to cyber-attacks now more than ever before. Security threats will increase in 2015, and both companies and home users must prepare themselves to respond to them. It is not a question of whether their security will be compromised but rather when and how, so in this case prevention is key”, concluded Corrons.

 

The full report is available here.

The post PandaLabs neutralized 75 million new malware samples in 2014, twice as many as in 2013 appeared first on MediaCenter Panda Security.