With malicious remote access attacks of the rise it is time to check your computer’s RDP configuration and apply restrictions, like turning it off, limiting users,and applying strong passwords.
Stop me if you’ve heard this before… While I was in London recently for the InfoSec exhibition and some other meetings, my wife received a call from a lady with a heavy Indian accent, who told her that she had errors on her computer caused by viruses, and offering to remove them for her. For a fee, of course…
According to the EU’s law enforcement agency Europol a complex ransomware network has been shut down. The operation to close the network was headed by Spanish police in cooperation with the agency. Eleven people have been arrested from Russia, Georgia and Ukraine. The scheme planted malware on computers which accused the users of viewing illegal
A crime wave of malware that demands money from victims to avoid prosecution by the FBI has been alarming web surfers across America. Victims suddenly find their computer frozen, and an official-looking page, like the one shown below, is displayed in their web browser. The FBI and the Internet Crime Complaint Center (IC3) have received
From time to time I hear people who don’t use antivirus software claim that it doesn’t matter, there isn’t anything of value on their computer. To begin with, just controlling your computer is of value to some criminals. If I can control your computer I can get paid to send spam from it, to install
Round here, we're more than a little concerned about fake/rogue antivirus (and other fake security software). It's an ugly form of ransomware that hurts its victims in many ways. It scares them by threatening dire consequences and damage from malware that doesn't exist (except in the sense that the fake AV is itself malware), in
I read a story today called “Give me your money, or your computer gets it” at http://redtape.msnbc.com/2010/01/turning-hijacked-computers-into-cash-is-still-hard-work-for-most-computer-criminals-theyve-got-to-trick-the-infected-pc-into.html. While the story does offer some practical advice, it misses some critical points and gets one thing a bit wrong. The story actually talks about a couple of different “ransom” attacks. There is the case where your data
I don't suppose anyone remembers my mentioning this before, or cares much anyway, but the 19th of December marks what I consider to be the 20th official anniversary of my entry into the anti-virus/security field. Nowadays, viruses (and, in general, worms) have declined in importance and now constitute a fairly small proportion of the totality
Some more information on the Hexzone botnet has come my way, mostly from FireEye’s Atif Mushtaq and Paul Ferguson’s hairdresser (don’t ask!). Atif also mentions the association with ransomware: the malware is installed as a Browser Helper Object (BHO) on the victim’s machine, and hijacks browsing sessions, taking the victim to a page hosting pornography.
There are quite a few reports currently about particularly ugly development son the fake AV front. The Register’s John Leyden has referred to a "double dipping" attack, in which the notorious Antivirus 2009 is implicated in an attack that goes beyond offering useless rogue anti-malware to inflicting actual damage on user data files, in order to force the victim