Ransomware virus – A potential business killer
Ransomware has become even more common throughout the past two years. It is a demanding virus that is caught through emails, downloaded files or hidden in apps on your phone or PC. The virus then encrypts all major files e.g. Word documents, PDF files and demands you to pay a fee to get them back. Normally the fee is demanded in bitcoins, a virtual currency to make it less traceable. “When I found out that our files had been encrypted with ransomware it was like our business had shutdown, our files had gone and we couldn’t work on anything”- says Glenn Thompson, director of Advance FM.
Computerman reacted when Glenn noticed that his files were beginning to turn into ZEPTO files, the popular format to encrypt the files. Ransomware is becoming increasingly popular as a lot of people are being blackmailed into paying over the ransom in a desperate bid to get their files back.
When Computerman arrived at Advance, half of their files were already encrypted, but we found the computer that was infected with the virus, disconnected it from the network and shut down the server to stop more infection.
Computerman worked from a backup to salvage as many files as possible, luckily the backup was from the day before so no data was lost. “You would never believe the amount of trouble this causes for a business” – says Nigel Bawden, director of T-Mex LTD. “We couldn’t work on our computers until the virus was removed from the server and it is surprising how businesses rely heavily on computers”. “Computerman ensured that all my files were back as quickly as possible with minimal disruption”.
“We had to go through and check every single folder, to make sure there wasn’t a ZEPTO file in sight”, said Harry Simpson, IT Engineer at Computerman. “It was a very long process, but it had to be done to save T-Mex’s files”, he added.
If you ever get caught out in ransomware or find your files have been encrypted call Computerman on 01622 677677 or visit our website www.computermanuk.co.uk
- Published in Software, Tech News, Technology
Windows 10: Updating your computer may reinstall unwanted Microsoft apps
MICROSOFT appears to reinstall a slew of bundled Windows 10 apps alongside its latest update – regardless of whether or not you’ve previously deleted the software.
Windows 10 Anniversary Update is quite a hefty upgrade.
It includes a number of new features, including Windows Ink, which lets users screenshot at the touch of a button.
Cortana also gets some new capabilities, and Microsoft has allowed third-party web apps and services to tap into its ‘Windows Hello’ functionality.
However users have criticised that Microsoft is reinstalling a number of its bundled apps – after users had purposely removed them.
It is unclear whether this is an intentional decision to override user’s preferences, or whether it is a glitch in the upgrade process.
Windows 10 users will now have to remove their installed apps again, eliminating any unwanted software in an effort to free-up some additional space.
Windows 10 sends allot of usage data back to Microsoft, from what apps users are accessing to how often they are using them.
Allowing virtual assistant Cortana – who can set reminders, launch web searches, order a taxi, track flight information and more – surges the amount of data sent to Microsoft in a bid to make their services better and more streamlined. But how long are Microsoft going to do this before they lose customers?
- Published in Software, Tech News, Technology
“Button of Death” will save billions dollars a year
Deploying of Kill Switch button would make pointless the theft of smartphones .
U.S. consumers spend a year at $ 1.1 billion for purchase of new smartphones caused by theft or loss
The implementation of the so-called. “Click of death” (Kill Switch) in smartphones will save the holders of smart devices billions of dollars a year, estimated experts from Creighton University in Omaha, Nebraska.
At the insistence of the trade organization CTIA, as of July 2015, all smartphones have to have this software by which the owners of lost or stolen devices can remotely delete personal information and make the device inoperable.
Creighton researchers have calculated that in the United States annually consumers spend about $ 1.1 billion for the purchase of new smartphones caused by theft or loss. These costs can be avoided after the implementation of the function Kill Switch which will make the phone unusable for other persons.
Moreover, Americans annually spend huge amounts for insurance on their mobile devices. According to the study, the total insurance amount is $ 5.5 billion. The Expectations are that the “button of death” will reduce this cost to $ 2.3 billion annually.
Warning!Gameover Zeus Trojan began to grow strong
The IT company Malcovery Security announced that has revealed criminal cyber group that attempts to recreate a new botnet based on a modified version of the virus Gameover Zeus.
Gameover Zeus Trojan is designed mainly to steal personal financial information. According to recently published material of FBI ,the botnet has caused damage estimated at over 100 million U.S. dollars worldwide.
Experts note that the blocking of this trojan requires special equipment and united efforts of multiple antivirus labs. In contrast to former Trojans that running through networks of servers and registered domains , Gameover uses peering architecture. Decommissioning or interruptions of one infected computer system does not affect the entire botnet.
Malcovery claim to has detected a spam-emails that sending out the malicious code. The new modification of the Gameover Zeus doesn`t use the P2P structure already ,instead passed to the DGA (domain name generation algorithm) system that allows a hybrid operation of this Trojan – both through peering networks and through a system of random chosen servers .
How to protect yourself against GameOver Zeus & CryptoLocker Viruses
Lucas Zaichkowsky, an enterprise defense architect with CrowdStrike, pointed out that most antimalware tools do a poor job of identifying and blocking botnet threats and offered this advice to help individuals avoid becoming victims:
- Block email attachments containing executable files or ZIP files with executable files like EXE and SCR.
- Install antivirus software. Although not perfect, antivirus software can still catch a large percentage of malware and reduce noise. Free antivirus software such as AVAST!, Microsoft Security Essentials or AVG Free are just as good as commercial offerings, so don’t feel like you have to pay money to get a good product.
Advice from Get Safe Online
- Install internet security software from companies listed on Get Safe Online’s Facebook and Google+ profiles to download a free tool to scan for Gameover Zeus and CryptoLocker, and remove them from your computer
- Do not open attachments in emails unless you are 100% certain that they are authentic
- Make sure your internet security software is up-to-date and switched on at all times
- Make sure your Windows operating system has the latest Microsoft updates applied
- Make sure your software programs have the latest manufacturers’ updates applied
- Make sure all of your files including documents, photos, music and bookmarks are backed up and readily available in case you are no longer able to access them on your computer
- Never store passwords on your computer in case they are accessed by Gameover Zeus or another aggressive malware program
The action related to a strain of malware – meaning malicious software – known as Gameover Zeus.
Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate – such as a bank – when it fact it is designed to trick a person into downloading malicious software.
Once installed on a victim’s machine, Gameover Zeus will search specifically for files containing financial information.
If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker – a ransomware program that locks a person’s machine until a fee is paid.
The FBI said Gameover Zeus could be responsible for “financial losses in the hundreds of millions of dollars”.
New Virus Threat: Computer users given two-week warning
Beware of CryptoLocker malware
PC users are being warned to be on their guard against emails purporting to be from the Royal Mail and containing CryptoLocker, a malicious piece of software that locks computers with an unbreakable encryption.
The email states that a lost or missing package is waiting for you at your local sorting office and asks recipients to download an attachment to find out more. Those who do immediately start to install the CryptoLocker malware on to their computer, without realising what they have done.
CryptoLocker will encrypt all the data on the computer, including photos, music and personal documents, using a public key.
A message will then appear on the screen stating that all of the data is locked and can only be unlocked with a private key, which the scammers promise to hand over once the computer owner has sent them a payment.
The fraudulent Royal Mail email was discovered when a victim contacted the Action Fraud call centre. It is the second piece of malware hidden in a fake Royal Mail email that has come to light in recent months.
As a result of the scams, Royal Mail has issued advice warning members of the public that it will never include attachments in an unsolicited email, and stating that it does not email its customers asking for any personal information. It has also notified the National Fraud Intelligence Bureau.
“We encourage any customer who receives a suspicious email claiming to be from Royal Mail to contact our customer services department on 08457 740 740,” a spokesperson said, adding that the company follows “robust security procedures” to protect its customers.
Anyone wishing to book a redelivery of a Royal Mail parcel can do so online at the Royal Mail website.
Scammers using CryptoLocker typically ask for ransoms of either $300 or €300, which must be sent through an anonymous pre-paid cash voucher such as MoneyPak or Ukash or the equivalent amount in Bitcoins.
If the extortionists do not receive the payment within 72 to 100 hours, victims are warned the private key will be destroyed and nobody will ever be able to recover their data.
The encryption uses publicly available, well-established algorithms developed by governments and other legitimate bodies that means it is widely seen as unbreakable. When Guardian Money warned readers about CryptoLocker ransomware in October, a spokesperson for security firm Sophos told us that “if you haven’t got back up and you get hit by CryptoLocker, you may as well have dropped your PC over the side of the bridge”.
Since then, it is estimated that more than 250,000 PCs have been infected and the UK’s National Crime Agency has warned 10 million UK-based email users are being targeted.
Only PCs running Windows can be infected but the CryptoLocker malware can be hidden in any executable attachment or sneak on to your computer via a driveby download from a disreputable or infected website.