Monday, September 28, 2015

What is the most dangerous malware? – PC World

The possibility of infection by malware should be taken into account by every computer user. Underestimating the risk and assuming that an average Joe's computer has no value for cybercriminals is the bigger of two mistakes. The second mistake is assuming that you never visit dangerous websites. G DATA studies have shown that IT-themed sites make up the largest share (almost 20 percent) of threat sources. Sites related to business and trade, and to health, are similarly dangerous. Pornographic and gambling sites, widely considered dangerous, pose a much smaller threat.

On the other hand, the fact that only 15 percent of Europeans are aware of what the Internet of Things is should be counted as a lack of information. And that is another thing cybercriminals are interested in.

Which threats are key today

Growing awareness of threats and the importance users attach to updating system software mean that attacks using so-called exploits (holes in the system) are no longer such a big threat. Cybercriminals have switched to distributing malicious software and placing it on victims' computers. One of the most popular channels for spreading malware is the now very popular USB devices, in particular portable storage, along with shared network resources that more than one computer can access.

Malware activity focuses on spying on victims' devices and stealing sensitive data, which is then used, for example, to steal money. Cybercriminals often try to carry out attacks in such a way that the victim suffers losses but does not notice them right away.

Trojans, applications that download other pests, and adware that opens loopholes in the system are the most common types of malware. Banking Trojans are a very popular category of threat. Mobile devices are particularly exposed, because controlling the software installed on them is not so easy. Pests are becoming ever more sophisticated, and even the multi-level authentication introduced by financial institutions does not guarantee resistance to attacks.

A growing number of applications are aimed at people who spend their time actively and use electronic devices that connect to their smartphones. They provide data that is essential for analyzing our health and activity, but that is also very useful to cybercriminals. Analyzing it reveals our habits and the way we spend our free time. Metadata attached to photos (location, type of equipment) is also a valuable source of information for a burglar. It can be used, for example, for blackmail.

6 dangerous pests that are active today

To describe all the risks to which we should pay attention, even a few special editions of PC World like this one would not suffice. We have selected some of the most interesting examples of malware; importantly, these pests are still active. Not all of them pose a direct threat to the average user. However, even those aimed at institutions indirectly try to use us as the weak link.

Duqu 2.0

The first version of the Duqu malware, a simplified but still very extensive version of Stuxnet from 2010, focused on attacking large institutions, including those critical to nuclear safety (installations in Iran). Duqu 2.0, which appeared in 2014, is also aimed at attacking companies that deal with security.

Duqu 2.0 hides in memory, which makes it difficult to detect, and it does not save any data to disk during operation.

The creators of this worm used a certificate stolen from Foxconn (issued by VeriSign) to authenticate the dangerous software and hide the traffic it generates. The worm, which may spread to the entire network in which the computer operates, probably reaches the victim's computer through a social-engineering attack: messages purporting to come from a person known to us. Thanks to the seemingly genuine certificate, it is able to place in the system a driver that handles communication with the control server (C&C).

The best-known security institution attacked by Duqu 2.0 is Kaspersky Lab.

Poseidon

This is a perfect example of how specialized attacks on payment terminals have become. It is enough to break into the part of the terminal's system that manages swap files in order to browse the memory and read the information from payment cards that has been loaded into it.

This is how Poseidon works; it is able to interpret data from the payment cards of the largest operators: VISA, Master Card, Discover and Amex.

A store customer who uses the terminal can do nothing when the terminal is infected with Poseidon. Preventive measures are something the shop should take. These include monitoring network traffic and the locations to which it is directed. Poseidon contacts the servers.



Cryptolocker

This pest belongs to the category of ransomware, that is, software that extorts a ransom. Its function is to encrypt the drives on your computer, after which you receive a message telling you to pay a fee. The fee may even be denominated in bitcoins.

Cryptolocker becomes active from time to time, and its most popular distribution technique is impersonation (phishing). The victim is provoked into running malicious software placed in fake e-mail correspondence.

There are more varieties of this software, and some pests with a similar effect impersonate this Trojan, for example TeslaCrypt.

ZeuS and ZitMo and similar Trojans

The ZeuS Trojan can be considered the source of most of the current threats that lie in wait for users of online banks. To fight ZeuS, banking institutions began to implement one-time passwords sent to the smartphone (mTAN), which in combination with the password to the service made up two-level security. The cybercriminals' answer was to develop a mobile version of ZeuS, ZitMo (ZeuS in the Mobile). The two Trojans work together to capture, at the same time, the password on the computer and the one-time mTAN code sent to the smartphone.

An interesting spreading technique is used by the Faketoken Trojan, which gets onto the smartphone by means of social engineering. During an online session, the potential victim is presented with a fake page containing a link to a supposedly necessary application. It is meant to provide secure two-step authorization, but in fact it is a spy that intercepts the one-time mTAN codes sent by the bank.

The Dridex Trojan, which is also derived from ZeuS, gets onto the computer by means of a specially crafted e-mail attachment with the DOC extension. In fact, it is an MHTML file with a script that downloads special code from a reputable site. This starts the whole sequence of actions that ends with the installation of malware. To encourage the user to open the attachment and then enable the macros in the file, the content of the e-mail suggests that it is an important document.
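
A mail gateway or analyst can catch the mismatch described above, a file named .doc whose content is really MHTML, by looking at the bytes instead of the name. The following is an added example, not code from the article or from G DATA; the sample message, its part names and the `review` rule are constructed for illustration.

```python
import email
from email import policy

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy binary .doc container
ZIP_MAGIC = b"PK\x03\x04"                        # .docx/.docm container

# Constructed sample: a minimal MHTML document, as it would arrive named *.doc
SAMPLE = (
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/related; boundary="----=_demo"\r\n\r\n'
    b"------=_demo\r\n"
    b"Content-Location: file:///C:/demo/a.htm\r\n"
    b"Content-Type: text/html\r\n\r\n"
    b"<html><body>constructed sample</body></html>\r\n"
    b"------=_demo\r\n"
    b"Content-Location: file:///C:/demo/a_files/editdata.mso\r\n"
    b"Content-Transfer-Encoding: base64\r\n"
    b"Content-Type: application/x-mso\r\n\r\n"
    b"Y29uc3RydWN0ZWQ=\r\n"
    b"------=_demo--\r\n"
)

def sniff_format(data: bytes) -> str:
    """Classify attachment content by its leading bytes, not by its name."""
    if data.startswith(OLE2_MAGIC):
        return "ole2"
    if data.startswith(ZIP_MAGIC):
        return "ooxml-zip"
    head = data[:2048].lstrip().lower()
    if head.startswith(b"mime-version:") and b"multipart/related" in head:
        return "mhtml"
    return "unknown"

def triage_attachment(filename: str, data: bytes) -> dict:
    """Flag a .doc whose content is not OLE2; for MHTML, list embedded parts."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    fmt = sniff_format(data)
    report = {"format": fmt, "mismatch": ext == "doc" and fmt != "ole2", "parts": []}
    if fmt == "mhtml":
        msg = email.message_from_bytes(data, policy=policy.default)
        for part in msg.walk():
            if not part.is_multipart():
                report["parts"].append(
                    (part.get_content_type(), str(part.get("Content-Location", ""))))
    # application/* parts are opaque to the reader; queue them for analyst review
    report["review"] = [loc for ctype, loc in report["parts"]
                        if ctype.startswith("application/")]
    return report
```

Calling `triage_attachment("invoice.doc", SAMPLE)` reports the format as `mhtml`, sets `mismatch`, and lists the embedded `application/x-mso` part for review.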

Poweliks

A Trojan without files, yet stored on your computer? In the case of Poweliks, this is possible. When the owner of the attacked computer inadvertently downloads the Trojan file, it installs its code in the Windows registry. Thanks to this, the pest is able to survive a restart of the device. It takes control of key tools and system components, so that activation of the pest is initiated by the user.

In most cases, Poweliks' activity boils down to downloading a large number of advertising banners, which are then clicked automatically. Because this happens on many computers in different places around the world, the cybercriminal can safely earn money from advertisers.

In theory, the owner of the infected computer suffers no losses, but as it turns out, Poweliks' activity may also include installing other malware.

Superfish

This technique caused an uproar when adware components were detected installed on Lenovo computers. The name comes from the Superfish Visual Discovery application, but the danger does not end with adware functionality. Pests using a technique such as Superfish take control of the data stream that reaches the browser. This is necessary to insert advertising blocks matched to the subject of the query into the page code. For data reaching your computer, Superfish acts as the browser, and for the actual browser on your computer it acts as the server that sends the page.

So that the browser does not object to such actions, the pest places a bogus certificate with very broad privileges in the system. In theory, this is done only for advertising purposes, but in practice the SSL Digestor module, which is a component of the Superfish software, allows eavesdropping on the secure HTTPS protocol.

In the case of Lenovo, the pest had already been placed on the computer at the time of sale. However, other malware could exploit this technology for spying. Importantly, the certificate in question has to be removed manually. Uninstalling the unwanted application achieves nothing.
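
Because uninstalling the application leaves the certificate behind, the useful check is on the trust store itself: which trusted roots are not in a known-good baseline. The following is an added example, not code from the article; the function names, the baseline format and the sample entries (including the subject text and serial numbers) are assumptions constructed for illustration.

```python
import ssl

def name_of(rdns) -> str:
    """Flatten the nested RDN tuples used by the ssl module into one string."""
    return ", ".join(f"{k}={v}" for rdn in rdns for k, v in rdn)

def audit_roots(certs, baseline, watch_terms=()):
    """Return trusted roots absent from the baseline, watch-list hits first."""
    findings = []
    for c in certs:
        subject = name_of(c.get("subject", ()))
        serial = c.get("serialNumber", "")
        if (subject, serial) in baseline:
            continue
        findings.append({
            "subject": subject,
            "serial": serial,
            "self_signed": c.get("subject") == c.get("issuer"),
            "watchlisted": any(t.lower() in subject.lower() for t in watch_terms),
        })
    # sorted() is stable, so roots keep their store order within each group
    return sorted(findings, key=lambda f: not f["watchlisted"])

def system_roots():
    """Roots the local TLS stack has loaded, in get_ca_certs() form.

    Certificates in a capath directory are loaded lazily and may be missing.
    """
    return ssl.create_default_context().get_ca_certs()

# Constructed sample entries in the same shape (names and serials are made up)
def _root(org, cn, serial):
    dn = ((("organizationName", org),), (("commonName", cn),))
    return {"subject": dn, "issuer": dn, "serialNumber": serial}

GOOD = _root("Example Trust", "Example Root CA", "01")
OTHER = _root("Example Corp", "Example Internal CA", "0A")
ADDED = _root("Superfish, Inc.", "Superfish, Inc.", "D2FC")
BASELINE = {(name_of(GOOD["subject"]), GOOD["serialNumber"])}

if __name__ == "__main__":
    for f in audit_roots([GOOD, OTHER, ADDED], BASELINE, watch_terms=["superfish"]):
        print(f)
```

Running the same audit again after removing the certificate confirms that the root is really gone from the store.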

This article is an excerpt from the special e-edition Safe on the Internet, available at ksplus.pl


Fig. alphaspirit, Kris Christiaens, Lilyana
 Vynogradova Piotr Pawinski / 123rf.com
