Monday , September 23 2019
Home / czechrepublic / Dangerous viruses attack computers and mobile phones

Dangerous viruses attack computers and mobile phones



The most common type of attack are various phishing messages. These are usually unwanted emails where fraudsters impersonate a bank and send fraudulent offers about a new service or account.

Basically, they are fishing on the Internet and waiting for someone to catch fish. In this way, they are trying to lure cash as well as their sensitive information into the black market.

Identity theft attacks are not only lurking on the Internet, but cybercriminals are increasingly trying to text them. On smartphones, they can also be very dangerous, as they can download harmful viruses from the Internet as well as spam.

Mobile threats are on the rise

That's why security experts constantly point out that mobile phones and tablets should be protected just like traditional computers. However, many people still don't realize this, which is very useful for computer pirates.

On the mobile devices mentioned above, users very often store sensitive personal information, passwords and, last but not least, and use them to manage their bank accounts. The last activity mentioned is probably the most attractive for computer pirates.

According to most sober estimates, tens of thousands of viruses circulate daily in the Internet environment.

If hackers access Internet banking credentials, they are just one step away from raising your account. All they have to do is smuggle another uninvited visitor to a phone that can capture SMS messages to confirm payment.

According to most sober estimates, tens of thousands of viruses circulate daily in the Internet environment. About half of them target mobile devices.

They try to remain anonymous

The biggest problem with sophisticated threats is that they try to remain anonymous for as long as possible. Such malicious users can then remotely eavesdrop on users, monitor their work, but easily and skilfully bypass authentication mechanisms in online banking.

Even the various blackmail viruses that plucked users' foreheads last year will not be sidelined. They lock the computer or cellphone and demand thousands of ransoms to buy back stored data.

The programs, each specialized in something different, help detect such garbage on your computer or smartphone. Some can manage trojans or spyware, while others detect so-called keyloggers.

The cost of such applications typically ranges from 500 to several thousand kroner. In addition, there are free alternatives most often offered by companies just to try out and want to pay for a more advanced version. But also be able to run ads and make money.

Test results for free and paid applications vary, with some programs winning free programs as well.

The Office hub is being exploited by hackers

Office users should be cautious today. One of the programs that is part of this is a dangerous mistake. This is where hackers began massively harassing themselves in the Czech Republic, security experts at the anti-virus company Eset warned.

What is striking about the whole case is that the flaw is not new at all – it is a crack that was known earlier this year and which they patched a few months ago.

Office Office suite

Photo: manufacturer's archive

Its installation, however, is not taken care of by most users, which greatly simplifies the work of hackers. Basically, people who have not yet installed the patch unwittingly leave a computer pirate's back door open in their system.

Eset analysts have detected the threat since February this year. Then Win32 / Exploit.CVE-2017-11882 exploit appeared on the network, exploiting the crack. Exploit is a special hacking program that allows cyber invaders to exploit a detected crack in the system.

By the end of May, the share of Win32 / Exploit.CVE-2017-11882 in detected threats was between 4 and 5 percent, and in the last month the incidence has increased significantly. Currently this uninvited visitor is behind every 11th attack on the home internet, its share is 9%.

Thus, by exploiting vulnerabilities, an attacker can in practice gain control of the system, smuggling virtually any malicious code into the affected operating system. However, using spyware, users can easily monitor users, access stored data on disk, or simply remotely take down the entire system.

Therefore, users should not hesitate to delay installing an update that can be downloaded through Windows Update.

A horse from a Trojan bank has learned new pieces

Already last summer, security experts discovered a dangerous Trojan horse from a bank called DanaBot. While it may seem that after such a time the threat has prevailed, the exact opposite is true. This is because cybercriminals are constantly improving and deploying them over and over again. Informed by experts from cyber security company Check Point.

DanaBot originally focused exclusively on stealing bank account credentials. He sank into his computer, trying to keep it a secret for as long as possible, so that customers were unaware of it, and he was lurking at his chance to take money from bank customers.

Photo by Thomas Peter, Reuters

But that has changed now. "We have been analyzing DanaBot since August 2018, and recently discovered that some bots deployed in Europe have started using an executable file that appears to be ransomware written in the Delphi programming environment," explained researchers from the Check Point research team.

Today, this uninvited visitor can make even more misconceptions on the computer than before. It can steal credentials from browsers and FTP clients, collect cryptic wallet credentials, run a proxy on an infected computer, and redirect internet traffic, or take screenshots or upload video work to a PC.

According to security experts, this Trojan horse is the most common for users to access the computer themselves, as it often spreads as an attachment to spam. This troubleshooter finds a way to a disk on their computer when users open the attachment.

DanaBot has expanded across Europe, Australia, New Zealand, the US and Canada, according to a Check Point analysis.

The LoudMiner mining virus targets users of illegal programs

Malicious code LoudMiner is targeted only to users who use pirated versions of professional audio editing tools. The threat affects not only Windows PC owners, but also Apple's MacOS. This was pointed out by security experts at the antivirus company Eset.

LoudMiner belongs to the category of so-called mining viruses. In other words, this malicious code tries to remain anonymous for as long as possible so that no one can come across it. Attackers try to leverage the performance of an infected computer through an uninvited visitor.

Illustration photography

Photographed by Steve Marcus, Reuters

Typically, cybercriminals misuse a graphics card or processor for self-enrichment. Mining earns virtual coins, which can then be exchanged for real money. On the Windows platform, it uses VirtualBox virtualization software, on the macOS operating system it uses the QEMU system. The mining itself takes place on a virtual machine running Tiny Core Linux, security experts said.

"Maloud LoudMiner targets users who use audio editing applications for a fairly simple reason. They are assumed to have the higher processing power that these software tools typically need, "explained Marc-Etienne M. Léveillé, Eset's malware analyst.

In addition, given the high performance of such kits, people may not even know that their system has slowed down. "Using a virtual device instead of another solution is extraordinary, and it's not something we usually encounter," Léveillé said.

Agent Smith noticed 25 million devices unnoticed

Researchers at Check Point, a cybersecurity company, have discovered malicious code that has infected 25 million devices unnoticed. The new threat is called Agent Smith and he makes significant money for the attackers by displaying false advertising.

The malware, categorized as Agent Smith based on the iconic Matrix movie, focuses exclusively on mobile devices running Google's Android. Attackers know full well that people often underestimate the security of smartphones and tablets, and that few people protect their devices from mobile malware.

Illustration photography

Photographed by Steve Marcus, Reuters

This is probably why an uninvited visitor has already managed to infect a large number of devices. The most serious situation is in India, where Agent Smith has contracted a total of 25 million devices to 15 million devices. The remaining 10 million come from other parts of the world, whether there are Czechs among the victims, but this is not clear at this time.

However, the virus was found in Pakistan, Bangladesh, England, Australia and the US.

Researchers have discovered that the newly discovered threat is disguised as a Google application, the malware uses known Android vulnerabilities and automatically replaces installed applications with malicious versions without users knowing or requiring any of their activities.

In other words, a user with no antivirus installed has little chance of knowing that his or her device is infected – simply because the virus has replaced a legitimate application with a fake application. "Malicious attacks have uninstalled applications unnoticed, so it can be difficult for ordinary users to combat similar threats," said Petr Kadrmas, Check Point's regional security manager.

The number finder couldn't do anything, it was a money machine

Without exaggeration, the money machine was created by fraudsters operating under the brand name of POZTechnology developer. They created a number finder application that promised people would find out who was calling them from an unknown number. In fact, it was just a way of withdrawing funds from a caregiver. This was noted by researchers at Avast's Mobile Threat Intelligence.

The number finder was designed exclusively for Google's Android operating system, and despite being harmful, it also appeared on the official Google Play web store. More than 11 million people have taken it here, according to security experts.

Illustration photography

Photo by Rick Wilking, Reuters

When people installed the program on their device, they had two options to continue. One option was a monthly subscription that required prepay information. Alternatively, close the subscription window and provide only the number that the application needs to pair with the individual when the user purchases a subscription.

"When a user enters a test number, whether valid or false, the Number Finder will always display the same message: & # 39; One person is associated with that number. & # 39; To convince the user to pay a monthly subscription for the service and see whose number it is, "security experts warned.

However, the user experience suggests that even after subscribing to the service, the application cannot pair the number with the caller ID, although the developers in the description state otherwise. "The app has no other functionality to offer subscribers," security experts said.

Therefore, the fraudsters' sole motive was to receive money from the guardian. As mentioned earlier, the application was downloaded by 11 million people. How much they have unnecessarily paid for the program is not yet known.

Ten Safe Internet

first Regular updates throughout your computer are important. They must be downloaded for the operating system, firewall, antivirus and other programs.

else Some viruses can block the security software on your computer. Therefore, it is advisable to check regularly that it works.

the third Malware is often spread through spam. If you don't know what your email address is, never download the attachment and click any link.

4th Be careful with emails asking the sender to sign in to the site and update your account information.

5th When entering passwords on the site, make sure the site is secure. This can be recognized, for example, by using the lock icon on the browser toolbar or starting with https, where "s" means secure.

6th Only enter sensitive personal information into secure sites.

7th Emails do not contain confidential information, such as your credit card number or bank account password. An attacker can intercept the email.

8th A firewall allows you to better protect your operating system. Less experienced users should definitely not rule it out. In case of insufficient knowledge it is advisable to let it operate in automatic mode.

9th Do not sign up for Internet banking at internet cafes and foreign computers. Keyloggers can be installed on your computer.

10th Caution is required when connecting to non-encrypted wireless networks. Anyone can eavesdrop on them and get access to all the data on another computer.


Source link