Posts

Malware Hack Attacking the Grid…BIGLY

For more than four years, malware has been posing as legitimate software and infecting industrial equipment across the globe.

The malware, which looks just like the Siemens control gear software, has affected at least seven plants in the US. According to security experts, the malware was specifically designed to attack this industrial equipment, but what it does is not totally known. It is only described as a type of “crimeware.”

The malware was first hinted at in 2013, but at that time, it was not seen as dangerous, and many anti-virus programs were flagging it as dangerous, but it was considered a false positive. Eventually, it was seen as a type of basic malware, and upon further inspection, it was found that there are several variations. The most recent flag was in March 2017.

This particular infestation is only one of many malware infections that target industry. Approximately 3,000 industrial locations are targeted with malware each year, and most of them are Trojans, which sometimes can be brought in by staff on found or compromised USB sticks.

Most of these programs aren’t extremely harmful, meaning they won’t shut down production. However, what they could do is pave the way for more dangerous threats down the road. It also allows for sensitive information to be released.

It is not easy for hackers to infiltrate an industrial plant, and it takes good knowledge of layout, industrial processes, and even engineering skills to pull something like that off. This goes way beyond a simple malware attack.

However, these attacks have also brought to light the issue of how many legitimate files are being flagged as malware and vice versa. This means that the files can be used by the bad guys, who can then target a specific industrial site. There are thousands of these programs out there, ripe for the picking by observant hackers.

What can they do if they get this information? They could find out where the site is, who operates it, the layout and configuration, what software they have, and even what equipment they are using. Though this wouldn’t give them everything they need, it would be enough to plan a bigger, more dangerous attack.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Hacker for hire a rising Trend

Hackers and wannabe hackers can easily purchase cheap tools of the trade online. The security firm Dell SecureWorks Inc. confirms this in their latest report and adds that underground markets for hackers, including those from Russia, is thriving.

11DThe “Dark Web” is the go-to place for hackers looking for guidance and tools like malware. Yes, you can buy malware. If you don’t want to be the hacker, you can hire a hacker.

There’s any number of reasons why a non-techy person would want to hire a hacker. Maybe that person wants to make money and thus hires a hacker to create a phishing campaign that generates lots of credit card numbers and other personal data for the hacker’s client to then open credit lines in victims’ names.

Maybe another client wants revenge on an ex-lover, their current boss or neighbor; they hire a hacker to crack into the target’s Facebook account, and then the client is able to log in, impersonate the victim and post comments and images that will make the victim look frightfully bad.

Dell SecureWorks Inc., also found:

  • For $129 a hacker will steal e-mails from personal Yahoo or Gmail accounts.
  • For business accounts, however, hackers want $500 per e-mail.
  • Wannabe hackers can buy phishing tutorials as well as other tutorials for $20 to $40.
  • Gee, for just $5 to $10, you can buy a Trojan virus that you can infiltrate someone’s computer with and control it—even if you’re a thousand miles away.

So booming is the hacker for hire and hacker-in-training industry, that these cybercriminals even offer customer service. Makes you wonder why hackers are selling their knowledge, tools and providing customer service, if they can make so much more money just hacking.

Well, maybe deep down inside, these crooks have a kind heart and want to help out people, even if it means helping them commit crimes. Another explanation is ego; they’re so good at what they do that they want to share their knowledge, albeit for a fee.

What else is for sale on the Dark Web? Stolen hotel points and frequent flyer accounts. Buyers can use these to get gift cards on legitimate sites, says the report from Dell SecureWorks Inc.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Zeus Malware Gang take-down

Zeus is no longer a god of malware; he’s been taken down by law enforcement agencies spanning six European nations. Five people were recently arrested—believed to have infected tens of thousands of computers across the globe. There have been 60 total arrests pertaining to this cybergang.

They also used malware called SpyEye, and that, along with Zeus, stole money from major banks. This was a clever operation that included ever-changing Trojans, and mule networks.

Another malware that was asphyxiated was the BeeBone botnet, which had taken over 12,000 computers across the world.

We can thank the Joint Investigation Team for these successes. And they don’t stop there. The JIT put a stop to the Ramnit botnet, responsible for infecting 3.2 million computers globally.

The JIT is comprised of judicial authorities and investigators from six European nations. The cybergang is believed to have its origins in Ukraine. This crime ring was sophisticated, repeatedly outsmarting banks’ revisions of their security measures. Each crook in this ring had specially assigned duties and caused total mayhem to their victims. They even sold their hacking expertise and recruited more thieves. This was one hefty cybergang.

The six nations that are members of JIT are the UK, Norway, Netherlands, Belgium, Finland and Austria. The investigation began in 2013 and had a most thrilling ending. And it wasn’t easy. Here’s some of what was involved in this investigation:

  • Analysis of terabytes of data (one terabyte = one million million bytes)
  • Forensic analysis of devices
  • Analysis of the thousands of files in the Europol Malware Analysis System
  • Operational meetings and international conference calls

But the game isn’t over; there are still more cybergang members out there, and JIT will surely hunt them down by analyzing the mountainous load of data that was collected from this investigation. The funding comes from Europol and Eurojust. In fact, Eurojust has provided legal advice and was part of the composition of the JIT Agreement.

Other countries were instrumental in achieving this capture: Latvia, Estonia, Moldova, Poland, Germany, Ukraine and the U.S.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

What is a Virus?

Have you ever had the chicken pox? This common childhood illness has another name—the varicella zoster virus. Like all viruses, varicella replicates itself, spreading though the body, and eventually appearing as itchy red blisters all over the body. But the virus doesn’t stop there; it can spread to other people through physical contact and through the air when an infected person coughs or sneezes. It’s not a very fun illness to have.

6DViruses don’t just affect humans; there are viruses that can affect your tech devices. A tech virus is a malicious program file that can also replicate itself and infect other devices through techniques like malicious links and sketchy downloads. But unlike the chicken pox where the virus eventually appears on your skin, a virus could be wreaking havoc on your device and you might not even know it!

Computer and mobile viruses can take many different form factors, but all are usually intended to do harm to your device, steal your personal info or money or both. Some examples of viruses include a Trojan Horse, which masquerades as something neutral or benevolent, but is programmed to infect the hard drive or even crash it. Spyware is a virus that observes your activities like logging into your bank account, collects this data (e.g., password, answer to secret question, username) and sends it to the hacker. And a worm, like other viruses, can corrupt files, steal sensitive information, or modify system settings to make your machine more vulnerable, but it’s different in that it can replicate and send copies of itself to other computers in a network without any human interaction.

There are several clues that could mean that your device has a virus. For example, if you notice your device is suddenly running at a snail’s pace. Another example is programs or apps opening and closing on their own. Or a major sign would be if you receive an email from a friend responding to a mass email you supposedly sent promoting some great deal on a pharmaceutical (that you never actually sent).

Just like there are things you can do to prevent the chicken pox, like wash your hands and stay away from infected people, there are ways to prevent a virus from getting on your device.

  • Be wary. Don’t open attachments from people you don’t know.
  • Think before you click. Don’t click blindly. Check the link URL to make sure you are being directed to a legitimate site.
  • Keep your OS and browser updated. Make sure that you install the latest updates for your operating system and browser as well as any hardware updates that are available for your device as these often close up security holes.
  • Install security software. Use comprehensive security software that protects all your devices, like McAfee LiveSafe™.

Here’s to keeping all your devices nice and healthy!

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

What is a Remote Administration Tool (RAT)?

Ever felt like your computer was possessed? Or that you aren’t the only one using your tablet? I think I smell a rat. Literally, a RAT.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813A RAT or remote administration tool, is software that gives a person full control a tech device, remotely. The RAT gives the user access to your system, just as if they had physical access to your device. With this access, the person can access your files, use your camera, and even turn on/off your device.

RATs can be used legitimately. For example, when you have a technical problem on your work computer, sometimes your corporate IT guys will use a RAT to access your computer and fix the issue.

Unfortunately, usually the people who use RATs  are hackers (or rats) trying to do harm to your device or gain access to your information for malicious purposes. These type of RATs are also called remote access   as they are often downloaded invisibly without your knowledge, with a legitimate  program you requested—such as a game.

Once the RAT is installed on your device, the hacker  can wreak havoc. They could steal your sensitive information, block your keyboard so you can’t type, install other malware, and even render your devices useless. They  could also

A well-designed RAT will allow the hacker the ability to do anything that they could do with physical access to the device. So remember, just like you don’t want your home infested by rats, you also don’t want a RAT on your device. Here are some tips on how you can avoid  a RAT.

  • Be careful what links you click and what you download. Often times RATs are installed unknowingly by you after you’ve opened an email attachment or visited an software in the background.
  • Beware of P2P file-sharing. Not only is a lot the content in these files pirated, criminals love to sneak in a few malware surprises in there too.
  • Use comprehensive security software on all your devices. Make sure you install a security suite like McAfee LiveSafe™ service, which protects your data and identity on all your PCs, Macs, tablets and smartphones.

Keep your devices RAT free!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

How The Internet of Things can go very wrong

The Internet—one of history’s greatest inventions—is also one of history’s greatest platforms for crime. Here are ways things can go very wrong with the Internet of Things.

2DMed-hacking. Researchers have hacked many medical devices. Though it apparently hasn’t happened in the real world, yet, but it looks like it’s only a matter of time before medical equipment becomes hacked, such as automatic insulin pumps and pacemakers. The FDA is quite new to looking into this potential.

Sauna house. It’s possible for a hacker, if not currently, then in the near future, to get into your connected thermostat and kick it up to 120 degrees. Yes, it’s great to control the thermostat when you’re away from home…but someone else who has too much time on his hands might think that’s great, too!

Smartphones. Maybe one day it will be smarter to go back to the dumb phone. At least a dumb phone can’t be used by a hacker to turn things upside down for you, such as getting ahold of your financial account numbers or sensitive photos.

Your printer can get hacked. Someone could remotely bust into it and view your documents. A crook can infect your home printer with a Trojan to not only spy, but install malware. And if your printer is potentially a target for hackers, imagine what else around your house could be, such as your router and any other gadget that’s connected to the Internet.

From carjack to car-hack. A connected car can be hacked via its wireless enabled radio, with commands then going to the steering wheel or brakes. Know any computer geniuses who hate you and know your car is connected?

Satellite airline equipment is vulnerable to malicious invasions; this has potential repercussions to the communications involving airplanes and ships. This kind of hacking can go as far as tricking a plane to redirect its course.

The TSA carry-on baggage scanner can be hacked into and then used to get weapons past TSA checkpoints. There’s even a feature that can show fake images on the X-ray screen.

So, don’t worry about any of this. But DO something about it. At a minimum lock down your wireless with encryption. Routers come with WPA/2 security and it should be activated. Otherwise deploy antivirus, antispyware, antiphishing and a firewall.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

How your Webcam may be spying on You

Remember that song from 1984, “Somebody’s watching me?” It was a great foreshadowing of things to come: These days, people really CAN watch you while you go about your business at home…through your computer. So if someone confides in you that “they’re spying on me through my computer,” don’t be too quick to assume your friend went off his meds.

2WWebcam technology can enable a hacker to view you via your computer. The technology is called RAT: remote access Trojans. It can record keystrokes and obtain all of your files. And you’ll probably not know someone’s watching you. And how does a computer become a portal through which someone can spy on you? Numerous ways, including installing a “lost” thumb drive you found and clicking on links in e-mails or pop-up ads.

Just think of what all this can mean:

  • Nobody will have to imagine what you look like in your underwear.
  • The government may be spying on you. Your boss may be, too.
  • Your face, captured via your Webcam, can be compared to a face in a crowd. Doesn’t sound like a big deal unless you don’t want anyone to know you were in that crowd, such as a war protest.
  • Your headshot may end up on a selling list—like your phone number and home address surely already have—and these lists can get sold all over the place.
  • Will you ever be truly alone when getting intimate with your partner?
  • Criminals are hacking webcams and holding the footage for ransom.
  • Do you want anyone to know about that secret, disgusting habit you have?
  • Put a piece of masking tape over the Webcam camera.
  • Equip your device with the latest antivirus, antiphishing, antispyware and a firewall.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

What Is a Trojan Horse?

One of history’s great literary classics is Homer’s Iliad, which tells the story of the Trojan horse—the wooden horse that the Greeks hid in to enter the city of Troy and take it over. Two thousand and some odd years later, hackers use a digital Trojan horse to hide malicious files in seemingly harmless files with the intent to attack or take over your device. A Trojan horse (or Trojan) is one of the most common and dangerous types of threats that can infect your computer or mobile device. Trojans are usually disguised as benign or useful software that you download from the Internet, but they actually carry malicious code designed to do harm—thus their name.

6DThere are a variety of types of Trojans, many of which can launch sophisticated and clever attacks. Here are some types to be aware of:

  • Password-stealing Trojans—These look for saved passwords on your computer and email them to the hackers. Some can even steal passwords cached in your browser history.
  • Remote access Trojans—These are quite common, allowing the attacker to take control of your computer and access all of your files. The hacker could potentially even access your online banking and credit card sites if you have your password stored in your browser memory or on your computer.
  • Destructive Trojans—These Trojans destroy and delete files from your computer
  • Antivirus killers—These Trojans detect and kill your antivirus and firewall programs to give the attacker easier access to your computer

A Trojan can have one or multiple destructive uses—that is what makes them so dangerous. It’s also important to realize that unlike viruses, Trojans are not self-replicating and are only spread by users who mistakenly download them, usually from an email attachment or by visiting an infected site.

Here are some steps you can take to avoid downloading a Trojan horse:

  • Beware of suspicious emails. Don’t open an email attachment if you don’t recognize the sender of the email
  • Use comprehensive security software. Protect all your devices with McAfee LiveSafe™ service as well as stay protected from spam, sketchy files, and viruses
  • Separate the good from the bad. Use an email program with a built-in spam filter to decrease the chance of a malicious email getting into your inbox
  • Know the threats. Keep current on the latest threats so you know what to look for when you receive suspicious emails

Remember that Trojans are common because they are so successful. Hackers use social engineering techniques, such as mentioning a current news topic or popular celebrity, to get you to click on their email. Just being aware of what they are and how they work can prevent you from having to deal with financial loss, identity theft, damage to your computer, and significant downtime.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Best Way to Destroy a Computer Virus

Computer viruses are here to stay, which means users need to know the best way to eradicate them the moment they attack. Like disease viruses, computer viruses evolve and get “smarter.” The many different kinds of computer viruses (such as worms, Trojans, spyware) are called malware: malicious software.

4HIn general, security software comes with instructions for getting rid of or containing malware.

For Windows users, Microsoft provides tools that get rid of malware. Between your operating system and antivirus software, you will have the basic tools for fighting off most viruses.

Tips for Protecting Your Computer

  • Every day, run a quick scan of all of your devices. But in addition, run a weekly deep scan. Either type of scan can be manually set up or set on an automatic timer (which is actually a lot better since you wont have to remember to do it).
  • Your e-mail program should be set to alert you before you download any graphics or executable files. If you can, set your e-mail to display only text, and to alert you before loading any graphics or links.
  • If you don’t recognize an e-mail sender, and the message includes a link, never click on the link. If the link has you curious, then visit the associated website via outside the e-mail, or, manually type the link’s web address into your browser. In fact, don’t even click on links in e-mails that are supposedly from a familiar sender. Fraudsters can make it look as though the sender is someone you know. Never mind how they do this; it happens.

You can outwit cybercriminals. You just have to be a little smarter than they are and never think, “It can’t happen to MY computer.” There’s nothing special about your computer that makes it intrinsically immune to cyber threats. You must be proactive and take measures to prevent malware attacks.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Malware at all time High

Malware is everywhere and isn’t about to disappear. The latest PandaLabs report says that last year alone, of all the malware that ever existed, cyber crooks created and distributed 20 percent of that. Malware comes in the form of Trojans, worms, viruses, adware/spyware and miscellaneous, with Trojans leading the pack.

6DRansomware seems to be gunning for the top spot, though, with a recent resurgence.

What about 2014? The 2013 Annual Security Report anticipates that the Internet of Things and Android devices will head the headlines (Android continues to be a favorite target of cyber criminals).

PandaLabs foresees that Android will get socked by hundreds of thousands of new malware strains. In 2013, criminals unleashed over two million new malware threats for Android.

Another area of attack is social media, and in 2013, even large companies, movie stars and politicians were affected.

The Trojan is a true warrior, in that it’s responsible for three-quarters of attacks, says PandaLabs. There was a huge leap in the number of circulating viruses as well, and is attributed to basically two virus families: Xpiro and Sality, says Luis Corrons, the technical director for PandaLabs.

Sality has been around for quite some time, but Xpiro is the new virus on the block, and can infiltrate “executable files on 32-bit and 64-bit systems,” says Corrons.

We’re in the midst of the malware plague; never mind the Bubonic plague. The whole planet is under attack, but some countries more so than others. China is the most infected, along with Turkey and Ecuador: 54.03, 42.15 and 40.35 percent of compromised personal computers, respectively.

Of the 10 least harmed countries, nine are in Europe; the other is Japan. For Sweden, Norway and Finland, the percentage of infected personal computers is 20.28 percent, 21.13 percent and 21.22 percent, respectively.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.