Lately we’ve been inundated with headlines of identity theft, hacked financial institutions, and general digital insecurity. It’s enough to ask why software developers can’t create the perfect code; code without vulnerabilities or room for error; code that is unhackable.

According to a recent story published by CNN Money, it already exists—at least in theory. Security professionals already use encryption that replaces each character of plain text with one or more characters from a secret random key. The resulting code is called ciphertext and if it’s as large as, or larger than, the plain text, if it is truly random, and if no part is reused, it would, in theory, take a supercomputer 150 years to crack it.
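The three conditions in the paragraph above (a key at least as long as the text, truly random, no part reused), as an added example that is not from the original post. It works on bytes with XOR rather than on characters, and the class and function names are illustrative.

```python
import secrets


class PadExhausted(Exception):
    """Raised when a message would need key bytes that were already used up."""


class Pad:
    """One party's copy of the secret random key, consumed front to back."""

    def __init__(self, key: bytes):
        self._key = key
        self._used = 0  # offset of the first key byte that has never been used

    def take(self, n: int) -> bytes:
        if self._used + n > len(self._key):
            left = len(self._key) - self._used
            raise PadExhausted(f"need {n} key bytes, only {left} left")
        chunk = self._key[self._used:self._used + n]
        self._used += n  # these bytes are never handed out again
        return chunk


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(pad: Pad, message: bytes) -> bytes:
    # The key portion is exactly as long as the message and is used once.
    return xor(message, pad.take(len(message)))


decrypt = encrypt  # XOR with the same key bytes undoes itself


def reuse_leak(key: bytes, m1: bytes, m2: bytes) -> bytes:
    """Encrypt two equal-length messages with the SAME key bytes (the mistake)
    and return c1 XOR c2, which is what anyone holding both ciphertexts sees."""
    c1 = xor(m1, key[:len(m1)])
    c2 = xor(m2, key[:len(m2)])
    return xor(c1, c2)


def demo() -> dict:
    m1 = b"WIRE 500 TO ACCT 1"  # constructed sample messages, equal length
    m2 = b"WIRE 900 TO ACCT 7"
    key = secrets.token_bytes(len(m1) + len(m2))  # random, as long as the text
    sender, receiver = Pad(key), Pad(key)
    c1, c2 = encrypt(sender, m1), encrypt(sender, m2)
    round_trip = decrypt(receiver, c1) == m1 and decrypt(receiver, c2) == m2
    try:
        encrypt(sender, b"x")  # the pad is spent, so this must be refused
        refused = False
    except PadExhausted:
        refused = True
    # With reuse the key cancels out and only the two plaintexts remain.
    leak = reuse_leak(key, m1, m2)
    return {
        "round_trip": round_trip,
        "third_message_refused": refused,
        "reuse_reveals_plaintext_xor": leak == xor(m1, m2),
    }


if __name__ == "__main__":
    print(demo())
```

Because a reused key cancels out of the two ciphertexts, the pad object refuses to hand out a byte twice instead of wrapping around.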

So if a code couldn’t be cracked within our lifetime, that sounds like ironclad protection, right? Unfortunately, wrong. According to security experts, there is a big difference between code that can’t be hacked, and code that just hasn’t been hacked yet.

Cybercriminals are smarter and more sophisticated than they were even five years ago and the tactics they employ are harder to defend. To stay ahead, security firms have to implement techniques they previously considered part of their future long-term strategy and they must prepare for the future.

Mathematicians estimate that in the next 10 years, we could see the implementation of quantum mechanics as applied to decryption. If successful, hackers could employ these theories to speed up a supercomputer’s analytics so that it would solve in seconds encryptions that are currently considered “uncrackable.”

Even within the limitations of the present security landscape, experts contend that the weakest link isn’t the code, it’s us. If we have a simple password or insist on using the same login information for every account we’ve ever opened, even the most sophisticated security software won’t protect us from the modern-day hacker.

So what do we do? We use different passwords for each account and we change them regularly. It sounds cumbersome and problematic, especially if you have numerous accounts and a bad memory, but it’s a necessity in the new cyber reality. If you have trouble coming up with unique passwords that you can remember, there are programs that do it for you.

PC Tools has a Password Generator that will create secure and diverse logins for each site you access. The Secure Password Generator is free and provides one-off unique passwords, utilizing a combination of upper and lower case letters, numbers and punctuation symbols. Once you have generated a password, you must save a copy in a safe place because it cannot be recreated.

Bottom line, security firms and software developers alike are doing their best to protect our information. They are improving technology and anticipating future attacks, but they can only do so much and the rest is up to us. Help the process along. Use unique and complex passwords, and change them frequently, and it won’t matter what hackers get a supercomputer to do.

Posted in Hackers

Events like the recent spate of earthquakes and hurricanes in the United States inspire curiosity, especially when it’s so easy to find information these days. However, any time there’s a topic with a high volume of search traffic, cybercriminals swoop in like a bunch of vultures at a recently discovered carcass.

Cybercriminals know that topics like natural disasters will draw a lot of people seeking information, and they take advantage of these web surfers’ curiosity and naiveté with malware-laden ruses. Here are a few tips to employ when surfing the web, particularly if you’re researching a major current event:

  • Look out for any photos or videos that claim to be “just released” or “exclusive.” These days, with more and more news footage coming from individuals’ mobile devices, we are more susceptible to false claims that a photo or video is “never before seen.” Many people naturally want to be the first to see something astounding–but be very wary. Always look for signs that a photo or video is legitimate (like checking that its source is valid), and remember that if something is truly worth seeing, you’ll probably be able to find it on a site you know is reputable.
  • Along the same lines, always verify the legitimacy of a website before interacting with it. A little bit of researching on the web can help you figure out if a site is trustworthy.
  • Be cautious around posts or messages you see on social networks—even if they appear to be from “friends.” Cybercriminals know how to hack into accounts and send fraudulent messages to everyone in the victim’s list of contacts. Making matters worse, they’re often generic enough messages that they seem tailored to the recipient, and usually contain malicious links or files. Cybercriminals similarly take advantage of trending topics to spread malware, so remember that just because a link has an #earthquake hashtag, it doesn’t mean that it’s safe to click.
  • Always be careful when a site asks you for credit card information. While you should always check the legitimacy of any site you visit, be especially wary of fake donation sites that sprout up after natural disasters and other tragic events. These fraudulent sites are used to take advantage of compassionate people who just want to help in a time of need. If a site is asking you to provide credit card information, make sure that it’s a valid site and organization (cybercriminals are getting pretty good at impersonating established organizations’ sites). Look out for cleverly misspelled domain names before submitting any personal information. One good way to ensure that you’re visiting the real deal is to find the organization’s site in a new browser window. Also, check to see that it’s encrypted with a secure HTTPS connection.

If you regularly read articles on computer security, you’ve probably seen similar posts before. Unfortunately, such advice bears repeating. This time around, the bait to look out for is anything related to natural disasters like earthquakes or hurricanes.

Posted in Malware Alerts

If you didn’t get to your computer during spring cleaning, now’s the time to get organized. Don’t know where to start? Read below for a few pointers:

1. First, delete any unnecessary items. The more programs and files you have on your computer, the slower it will run. Make sure to empty your Recycle Bin regularly so that files don’t accumulate and slow down your system. Video files also take up a lot of memory, so be sure to delete any movies, television shows, or podcasts that you no longer watch. If you’ve downloaded software in the past, be sure to delete any programs that you don’t need or use anymore.

2. Make sure to clean out your email folders regularly. Delete old, unnecessary emails and unsubscribe from email newsletters that you don’t read. Learn how to identify and block spam emails within your email provider so that you don’t continue receiving them.

3. Strive to keep files in folders. When files start to accumulate on your desktop or in a general documents folder, you can forget what they are, and as a result, whether or not you should delete them. Remember, you can always check when a file was first created, modified, or accessed.

4. Try using tools like those included in PC Tools Performance Toolkit to keep your computer running smoothly. This type of software helps speed up your computer and optimize its performance, among a host of other benefits.

5. Attempt to keep the number of programs you use simultaneously to a minimum. Although tempting, too much multitasking can cause your computer to slow down and even crash.

Although these suggestions might seem somewhat tedious now, they are sure to save you time and frustration in the future. Do you have any tips to share?

Posted in How To's

From precious photos to important work documents, a computer’s hard drive typically contains heaps of priceless data.  That’s why losing everything in the hard drive is a great fear for many—especially those who haven’t taken precautions to back their files up, either in the cloud or on an external hard drive.  A new piece of malware called Trojan.Fakefrag capitalizes on this fear with a pretty elaborate ruse.

Posted in Malware Alerts

These days, mobile phones are capable of sending emails, checking Facebook, playing streaming music, and a whole bag of other tricks.  They’re essentially small computers that transport your digital persona wherever you go.  The emergence of the smartphone has seemingly taken place overnight, and they’re only becoming more ubiquitous over time.  Unsurprisingly, as they become more widespread among consumers, cybercriminals and malware authors are increasingly looking to capitalize on their rising popularity.

Posted in Virus News

By Steve Espino – PC Tools Malware Research Team

Stealthy malware can redirect web search results to websites other than what was initially being searched for. The user may be redirected to advertising websites, fake antivirus sites, and some completely unrelated sites which generate revenue for the remote attackers and their partners.

The malware writers are able to execute this attack using various methods, for example: malicious browser plugins, infected executables and system files, rootkit malware, and also router-based malware.

TDSS

The most prevalent attacks that redirect web search results are TDSS-related. TDSS infections can be particularly tricky because they can mask their presence on the affected computer, which makes them virtually undetectable.

Symptoms of infection apart from web search result redirection are unresponsive computers, inaccessible or missing files and folders, inactive antivirus software, inaccessible security-related websites, and frequent Windows crashes (BSOD).


Using GMER tool, unmasking TDSS

For more examples of TDSS infections and changes made to the affected system, you can refer to our ThreatExpert system.


PC Tools Spyware Doctor detecting a variant of TDSS

Information Theft

Since the network traffic has been hijacked, the remote attackers have the ability to collect sensitive information such as usernames and passwords, credit card details, online banking credentials etc. These are regarded as commodities in the underground communities, and again generate revenue for the remote attackers.

Router-Based Malware: Same Target, Different Approach

Although an increasing number of people are taking steps to secure their online environment, one step that most people probably overlook is securing their router/modem. Most of these devices are left in the state in which they were shipped.

Sneaky malware writers are aware that most routers/modems are used with default settings and/or have weak passwords, and they exploit this vulnerability. This allows a remote attacker to make changes to the router/modem to their liking. They can even turn it into a zombie that responds to remote commands as part of a bot network, all without the users’ knowledge.

This is an approach where attacks are targeted against router/modems and not the actual computers, which can make detection a challenging task.

Router Cleanup

If the router/modem has been compromised, there are necessary steps to perform in order to secure the device. But before doing anything, make sure you have your internet connection configuration details from your Internet Service Provider (ISP) and your router/modem user manual with you. If you have these details in digital format, it might be a good idea to print them out, as you may lose your internet connection if the settings are not properly configured.

While performing these steps you will be required to access the router/modem device web interface which can be accessed via the web browser using the following common IP addresses:

1. 10.0.1.1

2. 192.168.0.1

3. 192.168.1.1

4. 192.168.2.1

And if the device administrator credentials have been left as factory-default, the following would be the common credentials:

User: admin

Password: password

These settings may vary depending on the device being used, and it is always recommended to refer to the device user manual for the correct settings.

To be on the safe side, it is recommended that a wired connection to the router/modem device be used while performing these steps:

1. Clear your computer’s DNS resolver cache
To speed up domain name resolution for frequently visited websites, the results of name resolution requests are cached. The cache may contain malicious entries that cause the web search result redirection:

On the command prompt enter: ipconfig /flushdns

2. Reboot the router/modem
Some malware runs in the router/modem memory, so rebooting the device may sometimes do the trick.

Refer to the device user manual for instructions.

3. Update the device firmware
Firmware updates often fix bugs and address vulnerabilities, making the device immune to this attack. Refer to the device user manual for instructions on how to get the latest firmware for your device. If your device has an option to automatically check for and install updated firmware, make sure that it is enabled.

4. Restore device to factory-default settings
This reverts the device to factory-default condition, erasing traces of the malware.

Refer to the device user manual for instructions.

5. Reconfigure internet connection settings
Please refer to instructions as specified by your ISP for the proper configuration.

6. Change the default admin password on the device
Remote attackers already know the default credentials for ‘fresh’ devices and can easily crack weak passwords. It is highly recommended to use secure passwords. You may use the PC Tools Secure Password Generator.

7. Reconfigure your wireless connection
Depending on the device you are using, you might need to reconfigure your wireless connection before you can use it. Refer to your device user manual for configuration details and  don’t forget to use secure passwords.
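A check to run before step 1, since the flush discards the evidence: this added example (not from the original article) parses saved `ipconfig /displaydns` output and reports any address that is cached for two or more unrelated search sites. The sample output, the watched-site list and the shared-address heuristic are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed, trimmed sample of `ipconfig /displaydns` output captured before
# the flush. All addresses come from the reserved documentation ranges.
SAMPLE = """\
Windows IP Configuration

    www.google.com
    ----------------------------------------
    Record Name . . . . . : www.google.com
    Record Type . . . . . : 1
    A (Host) Record . . . : 203.0.113.66

    www.bing.com
    ----------------------------------------
    Record Name . . . . . : www.bing.com
    Record Type . . . . . : 1
    A (Host) Record . . . : 203.0.113.66

    search.yahoo.com
    ----------------------------------------
    Record Name . . . . . : search.yahoo.com
    Record Type . . . . . : 1
    A (Host) Record . . . : 203.0.113.66

    no-such-host.example
    ----------------------------------------
    Name does not exist.

    www.example.org
    ----------------------------------------
    Record Name . . . . . : www.example.org
    Record Type . . . . . : 1
    A (Host) Record . . . : 198.51.100.7
"""

# Assumption: the search sites to watch; extend with the ones you use.
WATCHED_SITES = {"google.com", "bing.com", "yahoo.com"}

RECORD_NAME = re.compile(r"Record Name[ .]*:\s*(\S+)")
A_RECORD = re.compile(r"A \(Host\) Record[ .]*:\s*(\S+)")


def parse_a_records(text):
    """Return (hostname, IPv4 address) pairs for every cached A record."""
    records, name = [], None
    for line in text.splitlines():
        if line.strip().startswith("-----"):
            name = None  # a new cache entry starts here
        elif (m := RECORD_NAME.search(line)):
            name = m.group(1).lower().rstrip(".")
        elif (m := A_RECORD.search(line)) and name:
            records.append((name, m.group(1)))
    return records


def site_of(hostname):
    """Crude registrable-domain guess: the last two labels of the name."""
    return ".".join(hostname.split(".")[-2:])


def shared_address_findings(records, watched=WATCHED_SITES):
    """Map each address to the watched sites cached at it, keeping only
    addresses that answer for two or more unrelated sites."""
    sites_by_ip = defaultdict(set)
    for name, ip in records:
        if site_of(name) in watched:
            sites_by_ip[ip].add(site_of(name))
    return {ip: sorted(s) for ip, s in sites_by_ip.items() if len(s) > 1}


if __name__ == "__main__":
    for ip, sites in shared_address_findings(parse_a_records(SAMPLE)).items():
        print(f"{ip} is cached for unrelated sites: {', '.join(sites)}")
```

An empty result does not clear the machine. If the same finding reappears after the cleanup steps, the bad answers are coming from whatever is answering the computer's DNS queries, not from stale cache entries.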

Fix TDSS-Related Web Search Redirection Using PC Tools™ HIT Scan

PC Tools™ HIT (Hidden Intrusive Threat) Scan is a powerful tool that exposes threats by detecting anomalies in the file system that would otherwise have been left undetected by conventional antivirus software.

The tool can be freely downloaded but PC Tools customers have the option to send the HIT Scan logs to our customer support representatives for further assistance if required.

For more information on how to obtain and use HIT Scan to fix TDSS-related web search redirection on your computer please refer to this document.

Protection

To ensure that your computer is appropriately protected, please take the necessary steps and ensure that all the relevant software in use has the latest updates and patches. These steps are necessary to patch known vulnerabilities and protect your computer from possible security thefts.

For the latest critical and security updates for Microsoft Windows, please use Automatic Updates or visit the following site.

It is also important to keep your antivirus software up-to-date with the latest versions and definitions.

Here are some of our free solutions:

PC Tools Patch Scanner – scans your computer for missing Windows updates.

PC Tools™ AntiVirus Free 2011 – free antivirus solution

Alternate Operating System Scanner (AOSS) – PC Tools utility for scanning rootkit malware  that may otherwise be invisible while the computer is running

Browser Defender – PC Tools toolbar that allows you to surf safely by displaying site ratings as you browse the Internet.

For more software to keep your PC and identity secure against TDSS and other malware, please visit: http://www.pctools.com/pc-software

Posted in Malware Alerts

Businesses be warned: according to the FBI, hackers have stolen millions of dollars from small to medium-sized American companies by making unauthorized bank transfers to Chinese companies.  While it’s not a new technique, the fraudulent wire transfers are unique in that they’re all going to China and have cost American businesses about $11 million.

Posted in Virus News

Fake AVs have been tormenting PC owners for years.  And they have now finally made their way to the Mac. A fake antivirus designed to look like a real Mac OS X application emerged recently under the name “MAC Defender.”

Posted in Malware Alerts

Just like that, almost 80 million PlayStation owners became victims of one of the biggest cases of data theft ever.  The data robbery occurred between April 17th and 19th, and Sony had to deactivate the PlayStation Network in order to minimize damage and investigate the breach.  As a result, Playstation Network aficionados not only had to endure several days of no online gaming; they also had compromised personal info.

Posted in Virus News

While the news that U.S. forces killed Osama bin Laden probably came as a big surprise to all of us, the use of the topic to spread malware should be a surprise to no one at this point.  As with other major news events, cybercriminals were very quick to poison search results and propagate malware following the newsbreak.

Posted in Malware Alerts

The plot in the ongoing Stuxnet story thickens…  Iranian officials have not only recently accused the U.S. and Israel of creating the Stuxnet worm as a direct attack on Iranian industry, but a high-ranking Iranian official now says that Iran has sustained a second cyber attack.

Posted in Virus News

As consumers become less and less responsive to email marketing campaigns from large companies, these companies, in turn, are outsourcing their online marketing efforts to 3rd party specialists.

Posted in Malware Alerts

Any time there’s an upcoming movie with an extremely dedicated fan base, you can expect to find cyber-crooks trying to take advantage of the fanaticism to make money.

Posted in Malware Alerts

While the general public dreads the thought of tax season, many cybercriminals look forward to it.  For most, filing taxes is a tedious but necessary civic duty.  Cybercriminals, on the other hand, excitedly view this annual event as an opportunity to illegally rob unsuspecting citizens of their money.  Fortunately, there are some tips that can help us all avoid these greedy fraudsters during tax season.

Posted in Malware Alerts

According to some security experts, Lizamoon is the most successful SQL injection attack ever witnessed.  During its short lifespan it has already compromised hundreds of thousands of websites.  While reports vary on the number of infected sites, some put the number over four million.  But these sites aren’t even the real victims; they’re just pawns in a larger scareware plot to steal people’s money.

Posted in Malware Alerts

Will we ever be able to comprehensively rid ourselves of spam?  When you consider that 78.7% of all email in February of this year was spam, the outlook isn’t so promising.

Posted in Spam

By Alan Lee – PC Tools Malware Research Team

With all the fake security applications out there, you’d think we’d have learned our lesson by now–but not so.  Fake security applications, commonly known as FakeAVs, continue to be effective and profitable, so unscrupulous malware authors continue to churn them out at an alarming rate.  PC Tools’ Malware Research Lab sees hundreds of new FakeAV samples on a daily basis.

Posted in Virus News

A recent malware episode in the UK serves as an important reminder that malware can even infect prominent, presumably trustworthy websites.  Tens of thousands of people in the UK are thought to have fallen victim to the malware attack.

Posted in Virus News

It’s been a busy month for Anonymous, the hacker/cyber-activist collective known for supporting Julian Assange’s WikiLeaks site: despite being occupied by efforts to assist anti-government protestors across the Middle East and Northern Africa (through a series of DDoS attacks on government websites), representatives from the group took some time to spar with the incendiary Westboro Baptist Church. On February 16, the church announced that it had received a threatening letter from Anonymous, and quickly issued a press release accusing Anonymous of being “crybaby hackers.” Anonymous denied involvement, hinting that Westboro had fabricated the story as a publicity stunt, but several of Westboro’s sites suffered subsequent DDoS attacks, allegedly the work of an independent hacker named the Jester.

Posted in Hackers

Those who have seen the ’80s Bond flicks might remember OddJob–the stout, round-faced Bond villain with the lethal top hat and the thin mustache.  Well, “OddJob” recently reemerged and is still dangerous.  But this time around, rather than executing people by launching his top hat, he’s taken the form of financial malware that’s used to steal innocent people’s money.

Posted in Malware Alerts

Two years after it first appeared, the Conficker worm still poses a threat even though it has been relatively quiet as of late.  Since it first emerged, the Conficker Working Group, a team of experts who collectively work to fight the Conficker worm, has had its hands full.  While the team has done an admirable job of stifling Conficker’s impact, Conficker continues to lurk in the background.

Posted in Virus News

“Boy” may not seem like the most intimidating of terms, but when it comes to malware, it should incite a considerable level of concern.  A new type of malware known as ‘Boy-in-the-Browser’ is a rising financial malware threat.  Boy in the Browser, or BitB, is a trojan that reroutes its victims’ web traffic information through an attacker’s proxy site.  It is a simpler version of the malware known as ‘Man-in-the-Browser’–a less mature version, if you will–hence the name.

Posted in Online Fraud

Phishing scams are nothing new on social networking sites – Facebook has been especially prone to ongoing series of attacks, including recent scams promising free tickets on Southwest Airlines and free iPad giveaways. However, hackers have recently launched a more subtle and insidious campaign of attacks that capitalize on the social engineering (and inherent trust) that powers all interactions on Facebook, and the sentimentality of Facebook users.

Posted in Malware Alerts

On Friday, March 26th 2010, the San Francisco office of the FBI received a copy of a video that had been removed from YouTube.  The video showed a man making serious threats against a US Congressman and his family.  Apparently, this was not the first threatening video this man had uploaded, either.

Posted in The Law

For most people, their hard drive is like their brain – it’s often slow, cobwebby, and has to catch up to what’s going on around it. Every once in a while it stops working altogether and you have to get a new one. (Perhaps that’s where the analogy breaks down.)

Posted in The Law

There are online criminals like hackers, creators of botnets, and identity thieves.  And there are criminals online like murderers, sexual predators and old-fashioned mafia dons.  Law enforcement has increasingly started to use popular social networking sites to catch offline criminals online.

Posted in The Law

Phishing scams are becoming more common with the universal spread of social media. One recent victim was a journalist, who used the incident to educate the rest of us (link). Twitter is by far the most fertile ground, due to the often vague messages necessitated by the 140 character limit, and the trend of shortened URLs that mask the true nature of a link.  The best way to avoid the embarrassment and frustration of a phishing scam is to simply NOT click on the link.  Although social networks like Twitter are taking steps to eradicate the spread of malware and spam, the worst can still happen. You may be left to clean up the mess and try to warn your contacts before it spreads too far.

Posted in Hackers

We all worry about the security of our data.  (And if you don’t, you probably should!)  The Privacy Rights Clearinghouse reported last year that the past 5 years have brought over a thousand data breaches in the United States alone, which in turn led to more than 320 million compromised data records.

Posted in The Law

In honor of the 2011 RSA conference, we’re republishing an old ThreatFire blog post inspired by the 2008 conference:

Posted in Online Fraud

Interested in a computer science degree? This book list is a great one to consider reading before embarking on that degree, but it seems to be missing a few things to really be a substitute for a degree:

Posted in Hackers