Zeus Malware Gang take-down

Zeus is no longer a god of malware; he’s been taken down by law enforcement agencies spanning six European nations. Five people were recently arrested—believed to have infected tens of thousands of computers across the globe. There have been 60 total arrests pertaining to this cybergang.

They also used malware called SpyEye, and that, along with Zeus, stole money from major banks. This was a clever operation that included ever-changing Trojans, and mule networks.

Another malware that was asphyxiated was the BeeBone botnet, which had taken over 12,000 computers across the world.

We can thank the Joint Investigation Team for these successes. And they don’t stop there. The JIT put a stop to the Ramnit botnet, responsible for infecting 3.2 million computers globally.

The JIT is comprised of judicial authorities and investigators from six European nations. The cybergang is believed to have its origins in Ukraine. This crime ring was sophisticated, repeatedly outsmarting banks’ revisions of their security measures. Each crook in this ring had specially assigned duties and caused total mayhem to their victims. They even sold their hacking expertise and recruited more thieves. This was one hefty cybergang.

The six nations that are members of JIT are the UK, Norway, Netherlands, Belgium, Finland and Austria. The investigation began in 2013 and had a most thrilling ending. And it wasn’t easy. Here’s some of what was involved in this investigation:

  • Analysis of terabytes of data (one terabyte = one million million bytes)
  • Forensic analysis of devices
  • Analysis of the thousands of files in the Europol Malware Analysis System
  • Operational meetings and international conference calls

But the game isn’t over; there are still more cybergang members out there, and JIT will surely hunt them down by analyzing the mountainous load of data that was collected from this investigation. The funding comes from Europol and Eurojust. In fact, Eurojust has provided legal advice and was part of the composition of the JIT Agreement.

Other countries were instrumental in achieving this capture: Latvia, Estonia, Moldova, Poland, Germany, Ukraine and the U.S.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Signs You have Malware and what You can do

Not all computer viruses immediately crash your device in a dramatic display. A virus can run in the background, quietly creeping around on its tip-toes, stealing things and messing things up along the way. If your computer has a virus, here’s what may happen:6D

  • Windows suddenly shuts down.
  • Programs automatically start up.
  • Some programs won’t start at your command.
  • The hard disk can be heard constantly working.
  • Things are running awfully slow.
  • Spontaneous occurrence of messages.
  • The activity light on the external modem, instead of flickering, is always lit.
  • Your mouse moves all on its own.
  • Applications in your task manager are running that you don’t recognize.

If any of these things are happening, this doesn’t automatically mean a virus, but it does mean to be on the alert.

If you have antivirus software (and if you don’t, why not?) it should scan your computer on a pre-programmed routine basis and automatically download updates. Antivirus software truly works at keeping the bugs out or quarantining one that gets in.

We will never eradicate the computer virus (a.k.a. malware) as it is always evolving to be one step ahead of antivirus software. This is why you must not sit back and let the antivirus software do 100 percent of the work. You should play a part, too.

  • Every day without fail, run a scan of your computer. This would be a quick scan, but every week you should run a deep scan. These scans can be programmed to run automatically, or you can run them manually.
  • You can have the best antivirus software in the world that runs scans every day, but it’s worthless if you shut it down and then open those iron gates and let a virus in. This will happen if you click on a malicious attachment in an e-mail from a sender posing as someone you know or posing as your bank, employer, etc. Never open attachments unless you’re expecting something from someone you know. If you open a malware laced attachment it will download a virus. And by the way, hackers are very skilled at making an e-mail appear like it’s from someone you know.
  • Never click on links inside e-mails unless it’s from someone you know who regularly sends you links, and even then, be alert to any anomalies, such as, for example, this person always includes a subject line, but one day, it’s blank. Should you open the attachment? Contact this person in a new e-mail chain to see if they just sent you something. And never click on links that are allegedly sent from your bank, a retailer, the IRS, etc. A malicious link could download a virus or lure you to a site that, once you’re there, downloads a virus.

Set your e-mail program to display text only, so that it will alert you before any links or graphics are loaded.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Is your Website and Data secure?

Imagine a lifeguard at the beach sitting on his perch. His job is to patrol and monitor for signs of trouble. He sees a surfer being attacked by a shark. Wow, a lot of good it does that he’s in a completely helpless position; by the time he scrambles off his perch and runs towards the water, the victim has bled out. Ouch.

2DThis is the same concept behind cyber crime. By the time a business or everyday Internet user realizes they’ve been hacked…major damage has been done. We can’t just be reactive. We have to be preventive.

The damage can destroy a business, not to mention take down the everyday persons website who did not have their prized and sensitive data, blogs, or photos backed up.

Forbes points out that over 60 percent of small businesses, after a serious data breach, go belly-up within a year, cyber crime is a major threat to medium-size businesses as well.

Companies worry a lot about their product and service, but are slowly coming around to the idea that a potent draw to potential customers and clients is the advertising of powerful IT security to fight off data breaches.

Customers and clients (and potential) want to know what a company is doing for prevention, not just what it’ll do after the attack.

What if you can’t afford a top-flight IT team? There are still things you can do for your business’s safety as well as for your home computer’s safety.

  • First off, back up all of your data.
  • Use antivirus software and make sure it’s always updated.
  • Use antispyware, antiphishing and a firewall and make sure that’s always updated as well.
  • If you have a website, scan that with your antivirus/malware or have your host provider do it. A website and web applications can be attacked by hackers.
  • Update to the latest version of the sites primary software and plugins.
  • An unexplained spike in traffic to or from your network is a red flag.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

What is a Potentially Unwanted Program (PUP)?

Whether you’re an animal person or not, you have to admit that puppies are pretty darn cute. So cute that there are YouTube Channels, Facebook accounts, and Buzzfeed newsletters devoted to the subject. Unfortunately, there’s a not so cute PUP out in the world, and it wants access to your device. What I’m talking about is a potentially unwanted program (PUP). What is an unwanted program? It’s software or an app that you don’t explicitly want on your device. PUPs usually are bundled with freeware and often installs without your permission.

1SNote: PUPs are not malware. The main difference is that you give consent to download the PUP, even though you might not know about it if you don’t read the agreements or installation process thoroughly.

So if PUPs aren’t malware, why are they bad? Some PUPs contain spyware including keyloggers, dialers, and other software to gather your information which could lead to identity theft. Others may display annoying advertisements on your device. Even if the PUP doesn’t have any malicious content, too many PUPs can slow down your device by taking up space on your device and it can weaker your device’s security, making you vulnerable to malware.

Companies or hackers use several techniques to get you to download PUPs. One technique is offering multiple installation options. Although the standard or default options may be highly recommended by the company or hacker, it is usually the custom or advanced option that is PUP-free. Another trick is automatically including PUPs in the installation. You have to uncheck the boxes to opt-out of the PUP. Sometimes they will gray the opt-out option so it looks like you can’t get out of downloading a PUP. Other companies will sneak clauses about PUPs into the end user license agreement. This means when you click to agree with their user terms, you also agree to download PUPs.

Here’s some tips on how to make sure you don’t get a PUP.

  • Be picky. Hesitate before downloading any freeware. Do you really need that Guardian of the Galaxy wallpaper for your laptop? Be vigilant and only download from trusted sites.
  • Customize. When downloading a program, it may be tempting to use the standard or default installation, but this version usually includes downloading programs you don’t need. Choose the custom installation.
  • Opt out. Instead of asking you to opt in to PUPs, companies will automatically include the PUPs in the installation; it’s up to you to say no. For example, a freeware program might recommend that you install a free browser add-on andbelow this statement will be a box that is checked that indicates you want to install the add-on. If you don’t uncheck the box, you can potentially download a PUP you may know very little about.
  • Read the fine print. Read the End User License Agreement before you accept it. There may be a clause about PUPs.
  • Have comprehensive security software. Install security software that works for all of your devices, like McAfee LiveSafe™ service. McAfee LiveSafe can detect PUPs and remove them from your device.

Remember it’s much more fun to snuggle with furry pups rather than the computer code kind.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

What is a Rootkit?

A rootkit is a kind of software that conceals malware from standard detection methods. A good analogy for a rootkit would be a burglar breaking into your house. The burglar is dressed all in black, so that his form blends into the darkness. He tiptoes around to hide his sounds so he’s more likely to go undetected as he steals your belongings. But unlike the burglar, who usually takes your stuff and leaves, an efficient rootkit can stick around for years doing its work, robbing your computer or mobile device of data.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813How do you get a rootkit? One way is via a , or a malicious file that looks benign, like a plug-in that you download or an opening an email attachment. Rootkits can also be spread through infected mobile apps.

Once downloaded, a  rootkit will interfere with your device’s functions, including your security software. If you run a security scan, a rootkit will often prevent your security software from showing you this information so you’ll have no idea that malware is running on your device.

Because of this, it is difficult to detect a rootkit. Detection methods include looking for strange behavior on your device or scanning your device’s memory. If you do believe that you have a rootkit on your computer or mobile device, you can either reinstall your operating system (after backing up your data, of course) or use a rootkit removal tool like

  • Don’t open suspicious links or attachments. Although they might look harmless, they could have malware installed on them.
  • Keep your OS updated. Make sure that you install the latest updates for your operating system and any hardware updates that are available for your device as these often close up security holes.
  • Install comprehensive security software. Security software, like McAfee LiveSafe™ service, can safeguard your computer or mobile device from rootkits. Make sure to keep your software updated against new threats.

For more security tips and news, check out the Intel Security Facebook page or follow them on Twitter at @IntelSec_Home.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

5 Reasons why You will get Hacked

Don’t be part of the “I’ll never get hacked” camp. Do you really think it won’t happen to you? If so, it’s:

4DBecause you think no phishing e-mail could get past your radar. Just because you can spot a Nigerian scam doesn’t mean you can’t be tricked. Phishing campaigns today are ingenious and sophisticated, and include information about the recipients, fooling them into thinking these e-mails are from their friends or associates. These messages will blend right in with all your other legit messages as far as content and appearance, which include good spelling and grammar.

Because you think you’re not a target. You think you’re too little a fish in a sea of gargantuans for a hacker to be interested in you. However, every fish in the sea, including the tiniest, is a potential target. Sometimes, all a hacker wants is someone else’s e-mail from which to send spam.

Because you think deleting your cookies will keep you from getting targeted. This is like saying your house can’t get broken into because the second story windows are locked. But what if the first floor windows, and the front door, are open? Intruders will find other ways to cyber track you than cookies. For example, your IP address can identify you, which is why it’s always good to run Hotspot Shield to mask your IP address and protect your data on free WiFi. Second, your computer and browser have your unique fingerprint.

Because you think you’re invulnerable with firewall and antivirus software. Did you know that in some cases the best anti-malware detection, especially for larger business networks, spot only 45 percent of attacks? Keeping in mind you have to have antivirus, antiphishing, antispyware and a firewall as necessary layers of protection.

Because you think that avoiding Internet back alleys will keep you protected. Just like a mugging can occur in broad daylight in a busy mall parking lot, so can deposition of malware in that this is many times more likely to occur as a result of visiting popular online shopping sites and search engines, when compared to phony software sites. And if you spend a lot of time on porn sites, consider yourself infected.

Don’t Be a Myth Head

A smart, sophisticated cyber criminal will go after smart, sophisticated users, not just the dumb ones. Don’t let your guard down for a second. There’s always someone out there who’s smarter than you—or, at least—smart enough to trick you, if you become lax.

One step forward is to just commit to never, ever clicking on any links inside of e-mails. And when you receive an e-mail with an empty subject line, even if the sender is apparently your mother…don’t open it. Instead, send her an e-mail and ask her if she sent you one with a blank subject line. And even then, don’t open it, because you just never know. Protecting yourself takes a little more time, but remember, a stitch in time saves nine. Which frankly, I really don’t know what that means, but it sounds good right here.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

USB Drives have serious Security Flaws

That little thing that you stick in your computer to store or transfer data can also mean very bad news.

3DThe USB device or “flash drive” can be reconfigured to work like a little thief, for instance, being made to mimic a keyboard and take instructions from the master thief to rip off data or install malware. It can be made to secrete a virus before the operating system boots up, or be programmed to alter the computer’s DNS setting to reroute traffic.

There’s no good defense for these kinds of attacks. The firmware on the USB devices can’t be detected by malware scanners. Biometrics are out because when the firmware changes, it simply passes as the user plugging in a new flash drive.

Cleaning up the aftermath is no picnic, either. Reinstalling the operating system doesn’t resolve the problem because the USB device, from which installation occurs, may already be infected. So may be other USB components inside one’s computer.

Whitelisting USB drives is pointless because not all have unique serial numbers. Plus, operating systems lack effective whitelisting mechanisms. Also, Malicious firmware can pass for legitimate firmware.

To prevent a bad USB from infesting a computer, the controller firmware must be locked down, unchangeable by an unauthorized user. USB storage devices must be able to prevent a cybercriminal from reading or altering the firmware. It must make sure that the firmware is digitally signed, so that in the event it does become altered, the device will not interface with the altered firmware.

  • Watch your USB drive – don’t set it down and make sure you keep track of it so it’s not lost or stolen.
  • Disable auto-run – Turn off auto-run on your computer so that if a USB drive has malware, then it won’t automatically be transferred to your machine.
  • Be careful who you share your USB drives with – Be careful what computers you place your USB drive in and who you let borrow your USB drive.
  • Use comprehensive security software – make sure your security software not only scans your computer for threats, but also any drives that are attached.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

What to do in the Aftermath of an Attack

Can you hack cleaning up the mess a hacker makes after infiltrating your computer? Would you even know the first thing to do? And yes, YOU’RE computer CAN be hacked.

2DAfter the attack, locate the portal through which the crumb-bag entered. This could be the e-mail program or browser. This may be easier said than done. Give it a shot.

Next, this portal must be disconnected/uninstalled from the Internet to prevent it from getting into other systems. Look at your Task Manager or Activity Viewer for any suspicious activity. The CPU usage must be checked too. If it goes way up, you’ll have a better chance of detecting fraudulent activity. It helps to know how your computer runs so that you know what’s typical and what’s atypical.

Otherwise head over to Microsoft’s Malicious Software Removal Tool page here: http://www.microsoft.com/security/pc-security/malware-removal.aspx

After severing ties with the hacker or hackers, take inventory of their destruction.

  • Make sure that your anti-malware and antivirus systems are up to date, and enabled. Do a full system scan with both systems.
  • If something looks odd, get rid of it. Malware will continue downloading if there’s a browser extension or plugin. Inspect every downloaded item.
  • Change every password and make it unique and long.
  • Log out of all your accounts after changing the passwords.
  • Clear the cookies, cache and history in your browser.
  • Be on the alert for strange goings-on, and do not open suspicious e-mails, let alone click on links inside them.
  • If things are still acting strange, wipe your hard drive. Reinstall the operating system. But not before you back up all your data.

Preventing an Attack

  • Have a properly configured firewall.
  • As mentioned, never click links inside of e-mails, even if they seem to be from people you know. In fact, delete without opening any e-mails with melodramatic subject lines like “You Won!”
  • Have both anti-malware and antivirus systems, and keep them up to date.
  • Use long, unique passwords.
  • Never let your computer out of sight in public.
  • If, however, your device is stolen, it should have a remote wipe feature.
  • Give your data routine backups.
  • Be very cautious what you click on, since links promising you a spectacular video can actually be a trap to download a virus into your computer.
  • Use Hotspot Shield when you’re on public Wi-Fi to scramble your communications.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Malware and Phishing Warnings in Chrome Browser to be changed by Google

Google normally displays a malware and phishing warning in the Chrome browser. There are plans, though, to alter the display. Currently it’s a white warning against a red background. The new display will be an entirely red page, with a big X at the display’s top. These warnings tell the user that the site they’re about to visit may try to install malware or con you into giving up personal information.

13DThe new warning, like the current one, gives users the option to skip it and go to the website, but they must first acknowledge what they’re about to do.

Though a date for the changes hasn’t been set, they can be viewed on the Dev and Canary builds of Chrome.

The changes are designed to better indicate to users that an attack might happen, rather than make them think that one already has happened. After all, a malware warning should not scare you away, but instead, inform. Nevertheless, many malware warnings get ignored anyways.

A study showed that people were twice as likely to bypass a warning if the website was already part of their browsing history. This indicates that users are not so likely to believe that a previously visited, and especially popular, site could be threatening.

The study recommends that warnings should be formulated to let people know that even “high-reputation websites” can be malicious, poised to download a virus or deceive you into giving out your Social Security number.

The malware and phishing warnings on Chrome will perhaps always be in a state of further development.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Malware Can Hide in the Most Obvious Places

You never know when malware will bite. Even browsing an online restaurant menu can download malicious code, put there by hackers.

6DMuch has been said that Target’s hackers accessed the giant’s records via its heating and cooling system. They’ve even infiltrated thermostats and printers among the “Internet of Things”.

It doesn’t help that swarms of third parties are routinely given access to corporate systems. A company relies upon software to control all sorts of things like A/C, heating, billing, graphics, health insurance providers, to name a few.

If just one of these systems can be busted into, the hacker can crack ‘em all. The extent of these leaky third parties is difficult to pinpoint, namely because of the confidential nature of the breach resolution process.

A New York Times online report points out that one security expert says that third party leaks may account for 70 percent of data breaches, and from the least suspected vendors, at that.

When the corporation’s software remotely connects to all those other things like the A/C, vending machines, etc., this is practically an invitation to hackers. Hackers love this “watering hole” type crime , especially when corporations use older systems like Windows XP.

Plus, many of the additional technological systems (such as video conference equipment) often come with switched-off security settings. Once a hacker gets in, they own the castle.

The New York Times online report adds that nobody thinks to look in these places. Who’d ever think a thermostat could be a portal to cyber crime?

Security researchers were even able to breach circuit breakers of the heating and cooling supplier for a sports arena—for the Sochi Olympics.

One way to strengthen security seems too simple: Keep the networks for vending machines, heating and cooling, printers, etc., separate from the networks leading to H.R. data, credit card information and other critical information. Access to sensitive data should require super strong passwords and be set up with a set of security protocols that can detect suspicious activity.

Robert Siciliano is an Identity Theft Expert to AllClear ID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.