• Category Archives Computer News
  • News about computer and IT technology services

  • Prison Locker Virus Upcoming in 2014

    Ransomware is one of the most blatant and obvious criminal money-making schemes out there. Ransomware became widely known when Cryptolocker came into play. By the time readers were becoming aware of ransomware, the Cryptolocker threat had reached its peak, and other money-motivated cyber criminals had started developing their own Cryptolocker versions.

    Two hackers going by the names ‘gyx’ and ‘Porphyry’ (admin of the maldev.net hacking forum) are advertising a new ransomware toolkit called “Prison Locker” on various hacking forums, with tutorials.

    They have developed the Prison Locker (a.k.a. Power Locker) ransomware toolkit in the C/C++ programming language, providing a GUI version with customizable features for customers.

    The ransomware uses BlowFish encryption to encrypt all available files on the victim’s hard disk and shared drives, except .exe, .dll, .sys and other system files.

    During encryption it generates a unique BlowFish key for each file, then encrypts the keys further with RSA-2048 encryption and sends the victim’s system information back to the attacker’s command-and-control center.

    As the developer mentions in a Pastebin post, the command-and-control center allows an attacker to set the ransomware warning time duration, ransom amount and payment mode, and also allows decrypting the files on the victim’s system after payment is received.

    Additional features of Prison Locker:

    • The malware is able to detect virtual machines, sandbox mode, and debugging environments.
    • It will disable the Windows key and Escape key to prevent unwanted user actions.
    • The malware can start up in both regular boot mode and safe boot under HKCU.
    • It kills the taskmgr, regedit, cmd, explorer, and msconfig processes to prevent unwanted user actions.

    If you get infected with this virus call Computer Repair Services at 754-234-5598

    www.ccrepairservices.com


  • Intelligence Agencies going to Deploy Internet Surveillance project NETRA

    Think twice before using words like ‘Bomb’, ‘Attack’, ‘Blast’ or ‘kill’ in your Facebook status updates, tweets or emails, because this may flag you as a potential terrorist under a surveillance project of Indian security agencies.

    This Indian Internet surveillance project, named NETRA (Network Traffic Analysis), is capable of detecting and capturing any dubious voice traffic passing through software such as Skype or Google Talk, according to the Economic Times.

    In Hindi, NETRA means “eye”, and this project is an Indian version of PRISM, i.e. a spying project by the US National Security Agency (NSA) that also allows the government to monitor the Internet and telephone records of citizens.

    Read more: https://thehackernews.com/2014/01/indian-intelligence-agencies-going-to.html


    Reportedly, NETRA is currently being tested by the Indian Intelligence Bureau and Cabinet Secretariat, and upon success will be deployed by all Indian national security agencies.

    The Centre for Artificial Intelligence and Robotics (CAIR), a lab under the Defence Research and Development Organisation (DRDO), is still hard at work on the ‘Netra’ project to give it extraordinary features like NSA’s PRISM.

    One fun fact about the project is that NETRA is defined to use only 300 GB of storage space for storing the intercepted internet traffic… Are they serious? HOW is it POSSIBLE? This data will be shared with a maximum of three security agencies, including the Intelligence Bureau (IB) and Cabinet Secretariat.

    At this time, even I am not sure what they mean by “300 GB of storage space”, but we are trying to contact the DRDO guys for further information on this matter.

    Anyway, the NSA has a 100,000 square foot “mission critical data center”, where they are intercepting 1.7 billion American electronic records and communications a day, using 5 Zettabytes (1 Trillion GB) of space to keep all information stored for the next 500 years at least.

    Some questions also arise here:

    • Do they have the capability to handle and analyze such a huge amount of data? (If it is not 300 GB only)
    • Other than terrorist attacks, will they also deal with computer security incidents and vulnerabilities?
    • What does that 300 GB of storage space mean?

    The government should clarify the objectives and capabilities of the NETRA project. Because according to the population of Internet users in India, words like ‘Bomb’, ‘Attack’, ‘Blast’ or ‘kill’ will trigger a RED ALARM millions of times a day and if they don’t have the capability to trace down right mischief people, rather than disturbing elements, which may purposefully divert the attention of security agencies for various means.

    Another major concern is Privacy, unwarranted digital intrusions and interference with citizens’ online communications.



  • Apple Mac OS X Flashback Trojan Is still Alive, Recently Infected 22,000 Machines

    The Flashback Trojan, the most sophisticated piece of malware that infected over 600,000 Apple Mac systems back in April 2012, is still alive and has infected about 22,000 machines recently, according to researchers from Intego.

    As a refresher, the Flashback Trojan was first discovered in September 2011; it is basically a trojan horse that uses social engineering to trick users into installing a malicious Flash player package.

    Once installed, the Flashback malware injects code into the web browser and other applications like Skype to harvest passwords and other information from those programs’ users. The Trojan targets a known vulnerability in Java on Mac OS X systems.

    The system gets infected after the user is redirected to a compromised website, where malicious JavaScript code loads the exploit with Java applets. Then an executable file is saved on the local machine, which is used to download and run malicious code from a remote location.

    It took Apple months to recognize the severity of this Mac malware threat, which first appeared in the fall of 2011. However, Apple released the patch and updated its description of the operating system on the Apple website from “It doesn’t get PC viruses” to “It’s built to be safe.” Intego said:

    “The Apple Product Security Response team took serious actions in 2012 to mitigate the threat using XProtect and other security updates (including a Malware Removal Tool), however, the botnet count was only divided by six according to our sinkhole.”

    Now in 2014, Intego researcher Abbati claims that the Flashback botnet is still alive and is silently “adrift.”

    “Intego purchased some of the command and control (C&C) server domain names to monitor the Flashback threat that infected hundreds of thousands of Macs. Beginning January 2, we studied those domains and our sinkhole servers recorded all connections from Macs where Flashback is still active and trying to contact the C&C servers.”

    In April 2012, the Mac world was stunned to learn that the Flashback Trojan had infected millions of machines. The Flashback ad-clicking component is a tool that caused infected Macs to view sponsored links that had the potential to generate millions of dollars in fraudulent ad revenue. In addition, it has the capability to do much more, including sending spam, engaging in denial-of-service attacks, or logging passwords.



  • Hackers behind TARGET data breach are looking for crackers to decrypt Credit card PINs

    I think you haven’t forgotten the massive data breach that occurred at TARGET, the third-largest U.S. retailer, during the last Christmas holidays. During the Black Friday sales, over 40 million credit and debit cards used to pay for purchases at its 1500 stores nationwide in the U.S. were stolen.

    TARGET officially confirmed that the encrypted PINs (personal identification numbers) of payment cards were stolen in the breach. Since the stolen PIN data was in encrypted form, they were confident that the information was “Safe and Secure”, because a PIN cannot be decrypted without the right key.

    The breach was caused by a malware attack that allowed the criminals to manipulate Point of Sale (PoS) systems without raising red flags, and the card numbers compromised in the breach are now flooding underground forums for sale.

    Possibly a group of Eastern European cyber criminals who specialize in attacks on merchants and Point-of-Sale terminals either attached a physical device to the PoS system to collect card data, or infected the PoS system with malware which sniffed the card data as it passed through the PoS system.

    The hackers have all 40 million payment card details, but the PINs are encrypted with Triple-DES (Data Encryption Standard), which is a highly secure encryption standard used broadly throughout the U.S.

    Recently, the cyber intelligence firm IntelCrawler noticed a group of individuals in underground hacking forums discussing attempts to decrypt a 50GB dump of Triple DES (3DES) encrypted PIN numbers believed to belong to the TARGET breach. They asked for a ‘pro hacker’ to decrypt the information at a fee of $10 per line.

    IntelCrawler also claims that cracking Triple-DES may be a slow process, but is not impossible, and that it is vulnerable to brute-force attack using cracking tools such as John the Ripper.

    Security researcher Robert Graham wrote a blog post suggesting that hackers can get PINs without decrypting them, because two identical PINs encrypt to the same value.

    For example, let’s say that the hacker shopped at Target before stealing the database. The hacker’s own debit card information will be in the system. Let’s say the hacker’s PIN was 8473. Let’s say that this encrypts to 98hasdHOUa. The hacker now knows that everyone with the encrypted PIN of “98hasdHOUa” has the same PIN number as him/her, or “8473”. Since there are only 10,000 combinations of PIN numbers, the hacker has now cracked 1000 PIN numbers out of 10 million debit cards stolen. He recommended that TARGET should at least salt the encryption, to make it more difficult for crackers.
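
    The equal-ciphertext leak Graham describes, and what salting changes, shown as an added example (not code from the original article or from any system it describes). HMAC-SHA256 stands in for the keyed Triple-DES step, which the Python standard library does not provide; the key, the PIN list and all function names are constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import Counter

KEY = b"constructed-demo-key"  # constructed value standing in for the PIN key

# Constructed sample PINs for eight cards; "8473" is the PIN from the article.
SAMPLE_PINS = ["8473", "1234", "8473", "0000", "1234", "8473", "5512", "9921"]


def protect(pin: str, salt: bytes = b"") -> bytes:
    """Keyed transform of a PIN. HMAC-SHA256 is a stand-in for Triple-DES.

    With an empty salt the output depends only on the key and the PIN, so
    equal PINs give equal stored values. A per-record salt breaks that link.
    """
    return hmac.new(KEY, salt + pin.encode(), hashlib.sha256).digest()


def build_table(pins, salted: bool):
    """Return stored rows as (salt, protected_pin); salt is b"" when unsalted."""
    rows = []
    for pin in pins:
        salt = os.urandom(16) if salted else b""
        rows.append((salt, protect(pin, salt)))
    return rows


def rows_matching(rows, known_index: int) -> int:
    """How many other rows store the same value as the row at known_index.

    This is what knowing the PIN of a single card reveals about the table.
    """
    target = rows[known_index][1]
    return sum(1 for i, (_, value) in enumerate(rows)
               if i != known_index and value == target)


def duplicate_fraction(rows) -> float:
    """Audit check: fraction of rows whose stored value also appears elsewhere."""
    counts = Counter(value for _, value in rows)
    return sum(c for c in counts.values() if c > 1) / len(rows)


if __name__ == "__main__":
    for salted in (False, True):
        table = build_table(SAMPLE_PINS, salted)
        print("salted" if salted else "unsalted",
              rows_matching(table, 0), duplicate_fraction(table))
```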



  • Windows 9 to be released in April 2015

    If you compare how Windows 8 has been doing until now to how Windows 7 did in its first two years of existence, you will come to the conclusion that it did not do as well.

    Some say it failed as much as Windows Vista did, and while there are certainly similarities between the two operating systems, it is an unfair comparison.

    While Vista and 8 shipped after hugely successful Windows versions, XP and 7 to be precise, the reasons why they failed are different.

    As far as Windows 8 is concerned, it failed because it concentrated too much on the creation of a unified platform, on mobile and touch features, and not enough on the desktop part of the system.

    In addition, decisions that made life difficult for desktop users, such as removing the start menu or forcing them to start on the Start Screen interface, added to the frustration of many users.

    And then there is the slowing of the PC market, largely attributed to a shift to mobile and consumption, and to the fact that PC hardware has not seen any evolution in recent times.

    Microsoft did restore some features with Windows 8.1, and the upgrade is seen by many as a baby-step in the right direction.

    What we do know for certain is that a service-pack like upgrade will be released in April 2014 for Windows 8.1. It is not clear if it will introduce any new features or modifications to the operating system.

    The update could however be the last for Windows 8, as Microsoft could release Windows 9 as early as April 2015 according to Paul Thurrott.

    It is a rumor at this point in time, but according to Paul’s unnamed sources, Windows Threshold could indeed be Windows 9.

    Again, this is a rumor and subject to change. It would however make sense to move away from the Windows 8 name as soon as possible due to its performance up to this point. It would also keep the “every second Windows is a good Windows” rule alive, provided that Microsoft is improving the experience for desktop users on Windows 9.

    Two of the previous rumors in regards to Windows Threshold are that it will bring back a full start menu, and that it will allow users to run apps on the desktop in windows.

    According to Paul, Microsoft will deliver three milestone releases prior to the public availability of Windows 9 in April 2015. The company won’t release an early alpha version at this year’s Build conference though, as work won’t have started yet on that version.

    Microsoft has a year to deliver Windows 9. Some may say that this is not a long time, and that it is unlikely that Windows 9 will ship with many major changes and feature additions in comparison to Windows 8.

    It is however enough time to further modify the operating system to make it more appealing to desktop users.



  • Support for Microsoft Security Essentials on Windows XP ends April 8th

    Microsoft will no longer provide Microsoft Security Essentials for the OS after April 8th.

    The news came via a new revision of Microsoft’s Windows XP end-of-support web page that included that tidbit of information. Specifically it said, “Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP on this date.”

    Earlier today, we contacted Microsoft to ask if the Windows team was going to make extra efforts to close any exploits in Windows XP before the April 8th deadline. Microsoft responded with this statement from a spokesperson that, while it did not answer our question directly, it seems to be an appropriate one for the purpose of this story:

    Running a well-protected solution starts with using modern software and hardware designed to help protect against today’s threat landscape. In addition, Microsoft recommends best practices to protect your PC such as: 1) running up-to-date antivirus, 2) regularly applying security updates for all software installed, and 3) using modern software that has advanced security technologies and is supported with regular security updates.

    The lesson here is that Microsoft is cutting ties with Windows XP in just three months and they want users to know that it will be vulnerable to bugs and issues afterwards that won’t be fixed.

    Update: An earlier version of this story stated that Microsoft would not supply anti-virus updates for Windows XP owners who had Microsoft Security Essentials installed. This has not yet been confirmed so we have updated the story to reflect that information. Microsoft did state in October that it “will not guarantee updates” for the program after April 8th. We have emailed Microsoft to get a definitive statement on this matter.



  • What It’s Like When The FBI Asks You To Backdoor Your Software

    At a recent RSA Security Conference, Nico Sell was on stage announcing that her company—Wickr—was making drastic changes to ensure its users’ security. She said that the company would switch from RSA encryption to elliptic curve encryption, and that the service wouldn’t have a backdoor for anyone.

    As she left the stage, before she’d even had a chance to take her microphone off, a man approached her and introduced himself as an agent with the Federal Bureau of Investigation. He then proceeded to “casually” ask if she’d be willing to install a backdoor into Wickr that would allow the FBI to retrieve information.

    MORE HERE: https://securitywatch.pcmag.com/secu…en-the-fbi-asks-you-to-backdoor-your-software



  • Extracting Your Encryption Key

    Hey, is that a parabolic antenna in your pocket or are you just happy to see my laptop?

    This is some scary stuff… for all of us. It is now possible to extract your encryption keys using a cellphone, an antenna and some other ways, like simply touching your machine or attaching a cable. The sounds emanating from your computer give away your encryption key while your computer is decrypting data.

    See how it’s done: RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis – acoustic-20131218.pdf

    Abstract
    Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. These acoustic emanations are more than a nuisance: they can convey information about the software running on the computer, and in particular leak sensitive information about security-related computations. In a preliminary presentation (Eurocrypt’04 rump session), we have shown that different RSA keys induce different sound patterns, but it was not clear how to extract individual key bits. The main problem was that the acoustic side channel has a very low bandwidth (under 20kHz using common microphones, and a few hundred kHz using ultrasound microphones), many orders of magnitude below the GHz-scale clock rates of the attacked computers.

    In this paper we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG’s current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away. Beyond acoustics, we demonstrate that a similar low-bandwidth attack can be performed by measuring the electric potential of a computer chassis. A suitably-equipped attacker need merely touch the target computer with his bare hand, or get the required leakage information from the ground wires at the remote end of VGA, USB or Ethernet cables.

    The paper’s authors demonstrated an “attack” running in a lecture hall, and suggested other plausible scenarios:

    • Install an attack app on your phone. Set up a meeting with your victim, and during the meeting, place your phone on the desk next to the victim’s laptop.
    • Break into your victim’s phone, install your attack app, and wait until the victim inadvertently places his phone next to the target laptop.
    • Construct a webpage, and use the microphone of the computer running the browser using Flash or another method. When the user permits the microphone access, use it to steal the user’s secret key.
    • Put your stash of eavesdropping bugs and laser microphones to a new use.
    • Send your server to a colocation facility, with a good microphone inside the box. Then acoustically extract keys from all nearby servers.
    • Get near a protected machine, place a microphone next to its ventilation holes, and extract the secrets.

    The techniques the authors describe can be countered by sound dampening, but the white noise of a PC’s fan can be pretty easily filtered out. The researchers said that they supplied their attack vector to GnuPG developers before publication, let them develop revised code, and yet it was still vulnerable. The answer may lie in using software to try and obfuscate the audible sound emanations, they said.