• Tag Archives antivirus
  • CTB-Locker ransomware spreading through fake Windows 10 Update emails

    With the highly publicized release of Microsoft’s Windows 10 on July 29th, scammers and malware developers were quick to jump in and use it as a method of distributing malware. Cisco’s Talos Group has discovered an email campaign underway that pretends to be from Microsoft and contains an attachment that will supposedly allow you to upgrade to Windows 10. In reality, though, this email is fake and once you double-click on the attached file, you will instead become infected with the encrypting ransomware CTB-Locker.

    Image of fake Windows Update Email courtesy of Cisco

    As you can see, the email pretends to be from the email address update@microsoft.com and contains the subject "Windows 10 Free Update". Even the email message looks legitimate with no spelling mistakes or strange grammar. This is because the content is copied directly from Microsoft’s site. The only tell-tale sign is that there will be some characters that do not render properly. Unfortunately, this small sign will not be enough for many people to notice.

    Furthermore, once they download the attachment and extract it, the attached Win10Installer.exe icon will be the familiar Windows 10 logo.

    It isn’t until you inspect the file properties of the attachment that you see something is not right: its file description will be iMacros Web Automation and the copyright for the program will belong to Ipswitch. Ipswitch is a legitimate company and not the one who released this malware.

    Finally, if a user double-clicks on the Win10Installer.exe file, they will not be greeted with the normal Windows 10 upgrade screen. Instead, after a brief delay they will be shown the screen for the CTB-Locker ransomware.


    At this point, the computer’s data will be encrypted and there is not much that can be done about it.
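
    The indicators described above (a sender claiming update@microsoft.com and an attachment that unpacks to Win10Installer.exe) can be checked at the mail gateway before a user ever opens the message. The following is an added example, not code from the original article or from Cisco. It assumes the attachment is a ZIP archive (the article only says it is extracted), that the receiving gateway writes the Authentication-Results header, and it uses a constructed sample message with a harmless payload.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

EXEC_EXT = (".exe", ".scr", ".com", ".pif")  # assumed block list

def archive_executables(data):
    """Names of executable members if data is a ZIP archive, else []."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [n for n in zf.namelist() if n.lower().endswith(EXEC_EXT)]

def triage(raw):
    """Reasons a raw message matches the fake-update lure (empty if none)."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    # Assumption: the receiving gateway writes Authentication-Results itself.
    auth = str(msg.get("Authentication-Results", "")).lower()
    if sender.endswith("@microsoft.com") and "dkim=pass" not in auth:
        reasons.append("claims microsoft.com without a passing DKIM result")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if name.lower().endswith(EXEC_EXT):
            reasons.append(f"executable attachment: {name}")
        for member in archive_executables(part.get_payload(decode=True) or b""):
            reasons.append(f"archive {name} contains executable {member}")
    return reasons

def build_sample():
    """Constructed sample mirroring the lure; the payload is harmless text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Win10Installer.exe", b"not a real program")
    msg = EmailMessage()
    msg["From"] = "Microsoft <update@microsoft.com>"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Windows 10 Free Update"
    msg["Authentication-Results"] = "mx.example.org; dkim=none; spf=fail"
    msg.set_content("Upgrade to Windows 10 by running the attached installer.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="Win10Installer.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for reason in triage(build_sample()):
        print("FLAG:", reason)
```

    The DKIM test here is a plain substring match and does not verify which domain signed the message; a production filter would parse the header and compare the signing domain with the From domain.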

     



  • SandroRAT Mobile Phone Android Malware that Disguises as Kaspersky Mobile Security

    Researchers have warned users of Android devices to avoid app downloads, particularly from unauthorized sources, since a new and sophisticated piece of malware is targeting Android users through phishing emails.
    The malware, dubbed SandroRAT, is currently being used by cybercriminals to target Android users in Poland via a widely spread email spam campaign that delivers a new variant of an Android remote access tool (RAT).
    The emails masquerade as a bank alert that warns users of a malware infection on their mobile device and offers a fake mobile security solution to get rid of the infection.
    The mobile security solution poses as Kaspersky Mobile Security, but in reality it is a version of SandroRAT, a remote access tool devised for Android devices, whose source code has been on sale on underground Hack Forums since December last year.
    A mobile malware researcher at McAfee, Carlos Castillo, detailed the new variant of the Android remote access trojan over the weekend. According to the researcher, the package spread via the phishing campaign is capable of executing several malicious commands on infected devices.
    SandroRAT gives the attacker unrestricted access to sensitive details such as SMS messages, contact lists, call logs, browser history (including banking credentials), and GPS location data stored on Android devices, and stores all the data in an “adaptive multi-rate file on the SD card” to later upload it to a remote command and control (C&C) server.

    “Spam campaigns (via SMS or email) are becoming a very popular way to distribute Android malware, which can steal personal information or even obtain complete control of a device with a tool like SandroRat,” wrote Carlos Castillo. “This attack gains credence with the appearance of a bank offering security solutions against banking malware, a typical behavior of legitimate banks.”

    This new version of SandroRAT also has a self-update feature, and it can install additional malware through user prompts for such actions. The malware gives the attacker full control over messages: the attacker can intercept, block and steal incoming messages, as well as insert and delete them.
    It also appears that the attacker can send multimedia messages with specific parameters sent by the C&C server and can also record nearby sounds using the device’s mic.
    Castillo also notes that the SandroRAT variant had decryption capabilities for older releases of the WhatsApp messaging app. However, users running the latest version of WhatsApp on their Android devices are not vulnerable, because the developers adopted a stronger encryption scheme.

    “This decryption routine will not work with WhatsApp chats encrypted by the latest version of the application because the encryption scheme (crypt7) has been updated to make it stronger (using a unique server salt),” Castillo explained. “WhatsApp users should update the app to the latest version,” he advised.

    Users are advised to avoid application downloads from unauthorized sources, particularly when the app download link is sent through an email. Good practice is to always prefer downloading apps from the Google Play Store or other trusted sources.


     


  • John McAfee ‘grateful’ Intel is dropping his name from ‘worst software on the planet’


    John McAfee is glad that Intel is dropping his name from McAfee’s antivirus software. 

    The UpTake: Intel is dropping the McAfee name from the antivirus software brand. Its infamous founder, John McAfee, couldn’t be happier.

    John McAfee is finally glad to be rid of his embarrassing association with McAfee antivirus software.

    Intel, which acquired McAfee Inc. in 2011, is dropping the McAfee brand in favor of Intel Security. McAfee founded the eponymous global software security firm in 1987, but left the company in 1994. When we last checked in with the gonzo antivirus pioneer, he was being evicted from his luxury Portland apartment and employing biker bodyguards.

    His response to Intel’s rebranding was pure McAfee: “I am now everlastingly grateful to Intel for freeing me from this terrible association with the worst software on the planet,” he told the BBC. “These are not my words, but the words of millions of irate users. My elation at Intel’s decision is beyond words.”

    Intel CEO Brian Krzanich announced the name change at the International Consumer Electronics Show this week. It’s not clear that McAfee’s shenanigans had anything to do with the re-branding.

    McAfee’s disdain for the product bearing his name is well known.

    “Although I’ve had nothing to do with this company for over 15 years, I still get volumes of mail asking how do I uninstall this software,” McAfee said in a salty parody video released in June called “How to Uninstall McAfee Antivirus Software.” Warning: the video, embedded below, contains mature themes and John McAfee.



  • Support for Microsoft Security Essentials on Windows XP ends April 8th


    Microsoft will no longer provide Microsoft Security Essentials for the OS after April 8th.

    The news came via a new revision of Microsoft’s Windows XP end-of-support web page that included that tidbit of information. Specifically it said, “Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP on this date.”

    Earlier today, we contacted Microsoft to ask if the Windows team was going to make extra efforts to close any exploits in Windows XP before the April 8th deadline. Microsoft responded with this statement from a spokesperson that, while it did not answer our question directly, it seems to be an appropriate one for the purpose of this story:

    Running a well-protected solution starts with using modern software and hardware designed to help protect against today’s threat landscape. In addition, Microsoft recommends best practices to protect your PC such as: 1) running up-to-date antivirus, 2) regularly applying security updates for all software installed, and 3) using modern software that has advanced security technologies and is supported with regular security updates.

    The lesson here is that Microsoft is cutting ties with Windows XP in just three months and they want users to know that it will be vulnerable to bugs and issues afterwards that won’t be fixed.

    Update: An earlier version of this story stated that Microsoft would not supply anti-virus updates for Windows XP owners who had Microsoft Security Essentials installed. This has not yet been confirmed so we have updated the story to reflect that information. Microsoft did state in October that it “will not guarantee updates” for the program after April 8th. We have emailed Microsoft to get a definitive statement on this matter.
