Tag Archives: Malware

May the force, but not the malware, be with you!

Not very long ago, in a galaxy not far away, a group of cybercriminals decided to take advantage of the Star Wars effect to spread malware among the most impatient fans.


A lot of people cannot wait to see Star Wars: The Force Awakens, and cybercrooks know it. That is why many links have appeared that supposedly allow you to download the new movie in the popular saga. As many of you can imagine, those links do not include the film; the only thing they include is malware! An idea worthy of Darth Vader!

We can see those links on popular download sites, along with a lot of comments from users warning about the true purpose of the links: to install malware on users’ devices.


It is easy to avoid falling victim to this type of scam: avoid clicking on suspicious links, install an antivirus such as Avast 2016, and keep it updated.

As master Yoda said: “Patience you must have, my young Padawan”.

The power of the dark side is very tempting, but do not let cravings take over you. May the Force and Avast be with you!

Images via ADSLZone and Starwars.com



2015, the year of Cryptolocker


At the end of 2013 the first signs of what would eventually become one of the most lucrative attacks for cybercriminals were spotted. Cryptolocker is the name of the most popular family of ransomware, which has ended up being used as the name for all threats of this type.

The threat always works on the same simple premise: it encrypts documents and demands a ransom for their return.

The attackers usually geolocate the victim's IP address so that the message with instructions on how to pay the ransom is always displayed in the language of the corresponding country. Payments must be made in Bitcoin, and all contact with the cybercriminal is carried out via Tor, which helps the attackers evade the authorities.

These attacks became more and more popular throughout the course of 2014, starting out with isolated attacks on individuals before turning their focus towards corporations, which turned out to be far more rewarding – the stolen information had a higher value and the ransom (usually around €300) was spare change to the majority of businesses.

In 2015 we have seen how they have fine-tuned the attacks to try and overcome any defenses that were put in their way:

  • They no longer make errors when encrypting files. Such mistakes had allowed security companies to create tools to recover documents without paying the ransom.
  • New families of threats have appeared – more groups of cybercriminals are using Cryptolocker, which has become the most popular type of threat at the moment.
  • All of them use Bitcoin as a payment method, meaning they can’t be traced.
  • They have focused on two paths of distribution:
    • Via Exploit Kits
    • By email with a compressed attachment
  • They are creating new forms of attack, and we have seen them start to use PowerShell scripts (PowerShell comes by default with Windows 10).
  • In terms of mobile devices, although we have seen some attacks (such as that which changed the access codes to the device), they are still the exception to the rule.

How to protect against Cryptolocker

When it comes to protecting ourselves, we must remember that Cryptolocker has different “needs” from traditional malware: it isn’t persistent (once the documents are encrypted, it doesn’t need to remain on the system and, in fact, some variants delete themselves), and it doesn’t care whether it is detected by an antivirus (all that matters is that it can launch its attack before being detected; what happens after that makes no difference).

Traditional forms of detection are now rather useless: before launching an attack, it will check that these technologies can’t detect the sample, and it will change itself in order to evade them if they can. Behavioral analysis isn’t capable of detecting what it does in the majority of cases, as it usually installs itself in system processes to encrypt the files from there, making it look like a normal operation.

Only a system that monitors everything that is running on the computer, such as Adaptive Defense 360, can be an effective method of stopping these attacks in time, before they put our documents at risk.


The post 2015, the year of Cryptolocker appeared first on MediaCenter Panda Security.

New Dridex campaign achieves high infection ratio in European countries

When discussing banking trojans these days, Dridex is the one that everybody seems to be talking about the most. This trojan has inherited the popularity of the ancient Zeus trojan and is one of the biggest threats that we can find right now, in constant evolution to become more efficient.

The post New Dridex campaign achieves high infection ratio in European countries appeared first on We Live Security.