Cryptolocker: Why Modern Computer Viruses Are More Dangerous Than Ever

crypt-messageToday’s computer viruses go beyond mere annoyance. How does holding your data for ransom sound? What about spying on you through your webcam, tracking your physical location, recording every keystroke you make? Welcome to the modern generation of computer threats, where infection means real-world consequences.

The latest virus making the rounds is Cryptolocker, a textbook example of all the truly nasty ways in which a modern computer virus can ruin your day. Cryptolocker encrypts your data with a one-way algorithm which mathematically cannot be reversed. If you don’t pay the ransom within the timeframe, the only key to your data is gone, kaput, goodbye.

You can’t restore your data by removing Cryptolocker, because removing the virus doesn’t decrypt the data. No tech support person in the world can decrypt it for you because it’s simply not possible without the key. Even police departments have paid the ransom, even as they recommend that consumers not do so.

Here are some resources on Cryptolocker so you can keep it from digging its sharp claws into your computer.

Cryptolocker started its initial spread via email attachments, which are fairly easy to avoid. But now it’s morphing into variants that can be transmitted via USB drive, and luring victims with fake software activation codes. Although it’s a Windows virus, like all viruses it can be transmitted via Macs and mobile devices. Following in the steps of other viruses, soon Cryptolocker will evolve into spreading via social media sites.

And this is just the start.

There are other viruses out there that can activate webcams – and yes, they can bypass the green light that tells you the webcam is on. They can listen through microphones. They can track your location via your mobile device. They can listen in on your conversations on social media.

Now, more than ever, it’s vital to protect yourself from computer viruses. Here are some Tech Tips resources to help:

Have you run into Cryptolocker or other similarly destructive viruses? Share in the comments, and don’t forget to subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

 

A Parent’s Guide To Protecting Your Kids Online

kidsIt’s hard to protect kids online, because parents and educators often have a hard time finding resources that can help them understand the latest risks and recommendations. I’ve gathered a variety of information in one place so you can learn about antivirus, parental controls, and protecting your kids while using mobile devices and video games.

Kids’ computers are among the most vulnerable to security threats. That’s not to say your kids are doing anything wrong. On the contrary, they’re the victims. Not only do virus-writers like to booby-trap kids with malicious web sites, they also like to infiltrate legitimate ones. Kids are also at much at risk of identity theft as any Internet user. More so, because cyberbullying has become such a deadly and devastating menace.

These are resources every parent needs to know about how computer viruses and Internet threats work. If you have questions, please feel free to comment. You can also subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Antivirus And Security

Mobile Devices

Video Games

Cyberbullying And Harassment

 

How To Avoid Keyloggers, Ransomware, And Rootkits

keyThe most advanced threats to your computer – keyloggers, ransomware, and rootkits – are also the most insidious. The best way to deal with them is to avoid them entirely.

Keyloggers come in hardware form, but are usually software viruses that secretly record everything you type. Ransomware holds your computer and its data hostage until you pay. Rootkits allow hackers to remote-control your computer, and are often used to introduce other types of malware.

Related article: Advanced Threats Target Your Computer (The Northwest Herald)

So why should you fear these threats?

  • They bypass your security.
  • They steal your money and your identity.
  • They force your computer to infect still more computers.
  • They turn your computer into a spam-generating cog in the hackers’ profit-driven machine.

In the tech industry we say you’re rooted or pwned (like owned with a p – “powned”). In other words, the hackers own you. They own your accounts, your passwords, your address, your finances… your life.

Related Tech Tips article: What To Do If You Get A Computer Virus

Fake Antivirus Software
In particular, watch out for fake software scams. I’ve spoken of these before. Fake antivirus software tricks you into installing it, then bypasses your protections and invites its malware friends in to play. It’s devilishly hard to get rid of, as anyone who’s been infected can tell you. Usually you’re looking at a reinstall. And the darn stuff actually makes you pay to be infected! Talk about a scam.

This is why you don’t want to do a web search for “Windows antivirus” and start clicking on random links – many of them are poisoned results that lead you straight to the lookalike fakes.

Related Tech Tips articles: Is Your Security Software Real Or Rogue?How To Spot Bad Web Links

Rootkits And Remote Admin
Concerning rootkits – those backdoor programs that allow hackers remote control of your computer – I’d like to point out that these are not the same as the built-in remote admin tools on your computer. A rootkit, by its nature, is designed to be stealthy. Remote admin programs are supposed to be used to maintain computers for legitimate purposes (say, if you are performing tech support on machines in a remote office). But it can also be exploited just like a rootkit if a hacker convinces you to turn it on. Check out this article on telephone tech support scams for an example.

Related articles: Tech Support Phone Scams Hit HomeHow To Kill Computer Keyloggers

Drive Imagers
Fortunately, you can make it easier to recover your computer if you do have to reinstall it – by imaging the drive while it’s still clean. This, combined with regular backups of your everyday data, will let you restore your computer quickly.

Windows Drive Imagers

Mac Drive Imagers

Have you encountered keyloggers, ransomware, or rootkits? Share in the comments, and don’t forget to subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Image courtesy of Stuart Miles / FreeDigitalPhotos.net

Stop Integrating My Computer With Social Media!

Tech companies need to remember that consumers are people with brains and don’t need to be force-fed technology through the virtual equivalent of a baby spoon. Mountain Lion, Apple’s latest operating system for Mac (OS X 10.8), boasts improved Facebook integration. In my mind that’s not a feature, it’s a reason to stay away.

I DON’T want my operating system to be integrated with social media. The operating system is the brains of my computer. It doesn’t need to check into Facebook or Twitter. I may run apps on top of it that do need to check into Facebook or Twitter, but that’s my decision. I don’t want my system software making that decision for me.

I want my system software stupid. I don’t want it to know a damn thing about the Internet except how to connect to it. To put it in IT terms, I don’t want my OS thinking past the lowest layers of the OSI model. I certainly don’t want it making decisions at the presentation and application layers. Let it merrily chat away via TCP/IP without bothering to look inside those data packets, and let the programs I choose do that work.

I could say the same for my iDevices. I don’t want to use iCloud. I don’t want to use FourSquare. I don’t want to check in every five seconds. As I said in a previous rant er… post, I certainly don’t want all my data syncing to some unknown datacenter when all it needs to do is go two inches from device to computer.

There’s such a thing as too much integration. Everything doesn’t need to work seamlessly with everything else. If I wanted an operating system based on Facebook I would do all my work with Facebook apps. If I wanted to use cloud computing I would sign up for cloud computing. But if all I want is to work locally on my own computer, I should be able to do that too.

What I want is an operating system I can secure with third party tools (sayonara, Windows RT!), upon which I can run the programs of my choosing.

Of course, I could always run Mountain Lion and simply not give it my Facebook credentials, but that’s not the point. The point is that the capability of integration is there. The point is that if something happens – if I input my password in the wrong dialog box, if a virus presents me with a malicious login, if one of Apple’s preferences “accidentally” gets switched on – then suddenly I am sharing a whole lot of data with the world that really shouldn’t be shared.

As a computer expert, I know the best ways to avoid that. But most people don’t. The average person, right now, is streaming data to Facebook, Twitter, iCloud, and who knows what else, without even being aware of it. And that’s BEFORE the latest integrations between social media and our system software.

Stop sacrificing security for convenience, because it’s not the tech companies that pay the price, it’s the consumers. We’re the ones who get our bank accounts hacked, our email hijacked, our identities stolen, our lives ruined. That’s not exaggeration, that’s the result of a multi-billion-dollar cybercrime industry.

 Subscribe free to Tech Tips by email for computer news, security tips and more!

How To Remove A Virus From Your Mac

With the Flashback virus and its variants on the loose, there’s been a welcome focus on Mac security. But most of the instructions you’ll find for removing a virus are written for Windows. Here is how to remove a virus from a Mac.

First, you’ll want to read this article I wrote on What To Do If Your Computer Is Hacked, because much of the same advice applies here. Then…

Step 0: Install Mac Antivirus
The best protection is prevention, and antivirus software is as mandatory for Macs as it is for PCs. Apple’s built-in defenses are not enough. Here are my recommendations on Mac antivirus. My two favorites are Sophos and Intego. The freebies are fine but honestly, a solid security software suite is one of the best investments you can make for your computer.

Freebies:

Paid:

Step 1: Scan For Viruses
Use your antivirus program to scan your Mac for viruses. Be sure to include any external hard drives or other volumes. If you are sharing drives from other Macs, it’s much faster to scan on the local Mac than scanning across the network.

Remember, it’s not just Mac viruses you’re worried about. Macs can’t be infected by PC viruses, but they can and will transmit them, to the displeasure of your Windows friends. Please be a kind neighbor and make sure your own house is tidy.

Step 2: Do A Second Scan
It’s always a good idea to get a second opinion by scanning with a different program. Select an alternate from above, but don’t try to run both at the same time or they’ll step on each other’s toes.

Step 3: Remove Viruses
In What To Do If Your Computer Is Hacked I wrote:

Your computer could have been infiltrated by a virus, a worm, a Trojan horse, a keylogger, a rootkit, scareware, malware, adware… These are all different types of attacks with different purposes, meaning there are greater and lesser degrees of infection.

Same thing applies to your Mac. Some viruses are just junky adware and easily removed. Others are nefarious keyloggers that embed themselves deep down in your system where no one will find them. Of course you don’t want any viruses on your computer, but some are worse than others.

Use your antivirus tool(s) for removal. Macs tend to clean up quite a bit better than PCs after infection, so in my experience reinstall isn’t required nearly as often. But be careful if you do a Web search for removal tools for specific viruses. Thanks to poisoned search engine results, a search for “Flashback removal tool” returns links to the virus itself!

Step 4: Secure Your Mac
If you’ve gotten this far, in all likelihood the viruses are gone. However, there’s no way to guarantee that. As I wrote in the same article

There is no way to confirm if a computer is free of viruses. I don’t care what any virus removal tool says. You can be 99% confident, but not 100%. When in doubt, reformat. It’s a pain but better than having a computer that keeps reinfecting itself. Remember, a virus can regenerate if even the tiniest portion of itself is left behind.

Assuming you’d rather not go through all that again, go back to Step 0 and make sure your Mac has proper antivirus installed. Then move on to Step 5…

Step 5: Follow Good Security Rules
The best software in the world won’t protect you if a wily cybercriminal can trick you into clicking something you shouldn’t. All that good advice about Windows security applies just as much to you, so watch out for Facebook scams, phishing emails, phony login pages and all the rest of it. If the idea of that daunts you, don’t worry. Just follow Tech Tips via email, Web and Twitter, and I’ll keep you in the know.

Some related Tech Tips articles you might find useful:

Questions about Mac security? Ask in the comments!

What To Do If Your Computer Is Hacked

A hacked computer is an IT nightmare come to life. What would you do if your computer was hacked? What should you do?

Step 0: Is Your Computer Really Hacked?
This article describes what to do if your computer is hacked – infiltrated by a virus or overcome by scam software. But it might not be your computer that was hacked.

  • If people are getting weird emails from you, then your email is hacked. Here’s what to do if your email account is hijacked.
  • If you can’t get into a certain account (email, Facebook, Twitter) then either there’s something wrong with your password, or possibly that account has been hacked – see above.
  • If your computer is misbehaving, it may simply be having a temper tantrum. (They do. Trust me.) That’s not a hack attempt, it’s a tech support problem. Here are some suggestions.

Let’s assume it really is your computer that’s been hacked. Now what?

Step 1: How Badly Were You Hacked?
Define “hacked.” Your computer could have been infiltrated by a virus, a worm, a Trojan horse, a keylogger, a rootkit, scareware, malware, adware… These are all different types of attacks with different purposes, meaning there are greater and lesser degrees of infection.

When I see a computer that has a couple of pieces of adware on it, I don’t worry. I clean it up, make sure there’s decent antivirus installed and all the software is current, and call it a good day.

When I see a computer infected by a program that is monitoring every single keystroke, I back up the data, reformat the computer, and start from scratch. I don’t like keyloggers. I don’t like viruses that stealth around in the background. I don’t like unwanted programs that call home with MY data.

Step 2: Damage Control
Run scans, starting with your usual antivirus program. Windows users also want to run free Malwarebytes which can catch anything your antivirus misses. Mac users, give the free Sophos Mac Antivirus a try.

What you do in Step 4 will depend on what your scans find. In the meantime…

Step 3: Find Your Backups
I didn’t say make a backup. It’s too late for that; the backup will be infected. Don’t bother unless you have live data on the infected computer that you absolutely can’t afford to lose. (And if you’re in this unfortunate position, you’ll never fail to have a current backup again.)

Step 4: Removal
By now your scans from Step 2 are done and you have an idea what’s happening. From a UNinfected device, do a Web search on some of the viruses that have been identified. This will tell you where they rank on a scale from minor inconvenience to major calamity.

There is no way to confirm if a computer is free of viruses. I don’t care what any virus removal tool says. You can be 99% confident, but not 100%. When in doubt, reformat. It’s a pain but better than having a computer that keeps reinfecting itself. Remember, a virus can regenerate if even the tiniest portion of itself is left behind.

You can do a Web search if you need a removal tool for a particular virus – but remember, viruses often hide behind malicious links to fake removal tools for those same viruses. Sneaky, huh?

Step 5: Keep Watch
By now you should be relatively confident that your computer isn’t hacked anymore – but you have to keep watch to make sure.

Sometimes computers have problems after being infected, even if the viruses have been removed. Viruses can cause legitimate programs on your computer to crash – after all, it’s not like the virus-writers care if their software is compatible. Viruses often corrupt your system software, another reason why reformatting is often the best option.

If you didn’t reformat but your computer won’t behave, you may have to go through with the refomat after all. It’s the only way to get a clean copy of your operating system.

This same process applies to any hacked device, from servers to iPads: assess the threat, then either choose cleanup or start from scratch.

Ever had your computer hacked? What’s the one thing you wish you had known? Share in the comments!

 

Why The Flashback Virus Doesn’t Worry Me – But Every Other Mac Virus Does

By now you’ve heard of the Flashback virus, which has infiltrated hundreds of thousands of Macs worldwide. There’s a lot of talk about whether the Mac’s reputation for invulnerability is shot and what Flashback might mean for Apple’s business.

I have some news for you. Don’t worry about Flashback.

This happens every few years – a major virus outbreak combined with widespread media coverage. That’s why Flashback doesn’t worry me. It’s gotten enough coverage that there are ample removal tools and instructions on what to do if you’re infected:

It’s all the other Mac viruses out there that worry me.

I’ve been in Mac security a long time – over twenty years. And I see the furor rise now and then over one Mac virus or another. The truth is we need to be thinking about Mac security continuously and not just when one particular virus runs rampant.

Macs have never been invulnerable. They don’t suffer the same problems as Windows, but they definitely have their own issues. One, unfortunately, is user complacency. Most people don’t even run antivirus on their Macs. Look through my Tech Tips archives and see how many times I’ve begged folks to do that. It’s a blind spot in the Macintosh mentality, one that needs to change.

Apple tends to encourage rather than counter this complacency, probably because it works to their marketing advantage. Not that they ignore security, but it typically takes a back seat. In that respect Flashback is helping by bringing the problem to the foreground.

Mac users need to take matters into their own hands. Here are my best recommendations on Mac security:

(Like this? Subscribe to my Tech Tips email list to get my latest Mac security news and more – no spam, no jargon, just a little computer help from yours truly.)

How To Kill Computer Keyloggers

Computer infections go by many names: viruses, Trojan horses, malware. But there is a particular class of infections that is not only malicious but nearly invisible in nature.

Keyloggers are virus-like programs that capture everything you type on your computer. Because they sit between your applications and the software than drives your keyboard, they are difficult to detect and harder to remove. They are often invited by viruses that have already infected your computer. There are even hardware keyloggers that can be secretly installed between the keyboard cable and your computer.

Keyloggers are seen in conjunction with rootkits, software designed to capture control of your computer. Anti-rootkit tools can help keep keyloggers at bay. Although these tools are not yet part of standard security suites, in the future I anticipate we’ll see more commercial protections against keyloggers and rootkits.

In the meantime, how do you protect yourself? The usual recommendations apply: run a strong security program, avoid clicking on links, and make sure all of your software is up to date. It’s far easier to avoid keyloggers and rootkits than it is to remove them.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

The Real-Life Impact Of Zombied Computers

If you’re still wondering why securing your computer matters, you might be interested in this recent article. Hacking is not limited to Russia and as the article notes, cyber attacks are increasingly being used to achieve political as well as financial gain.

Your computer may well be part of the “cyber-criminal ecosystem,” if it is has become a zombie controlled by rogue software. Protecting our computers now affects others in real-life ways.

Don’t forget our four legs of the computer security chair, and be sure to sign up for the email version of Triona’s Tech Tips for the latest computer bulletins. And have a happy and safe New Year!

Not long ago, the simple, anonymous thrill of exposing chinks in American software was enough of a payoff for a Russian hacker. Today it’s cash. And almost all the targets are in the United States and Europe, where Russia’s notorious hackers pilfer online bank accounts, swipe social security numbers, steal credit card data and peek at e-mail log-ins and passwords as part of what some estimate to be a $100 billion-a-year global cyber-crime business.

Yevgeny Kaspersky, chief executive of Moscow-based Kaspersky Lab, one of the world’s leading computer security firms, says Russian hacking flourishes as “a cyber-criminal ecosystem” of spammers, identity thieves and “botnets,” vast networks of infected computers controlled remotely and used to spread spam, denial-of-service attacks or other malicious programs. A denial-of-service attack floods a Web site with inquiries, forcing its shutdown.

How To Protect From Cybercrime

If the cybercrime situation is so dire, what can an average person do about it? I present the four-legged chair of computer security. Without all four legs, your computer’s defenses could collapse.

  • Antivirus software
    You know this; what you may not know is that antivirus alone does not catch every threat.
  • Anti-spyware software
    Spyware is software you don’t want, similar to viruses but using different tactics. Adware, malware, keyloggers, Trojan horses, they all fit into the category of spyware.
  • Firewall
    Just like a fire door in a hospital, a firewall keeps out Internet nasties that try to sneak under the radar of antivirus and anti-spyware software.
  • Regular updates (“patches”)
    Every program has bugs, and these bugs can be used by viruses to manipulate your computer. Harden your security defenses by keeping your software up-to-date.

At home, you’re your own computer security czar. Run a full-fledged security suite, and install a firewall for extra protection. (See the sidebar, right, for suggestions.) Remember, you must purchase security software yearly, and update it every few days. And don’t forget those patches! For Windows I like a combination of Microsoft Update plus Secunia’s Personal Software Inspector. Mac users, be sure to check for new patches via Apple’s Software Updates, Adobe Updater and the other update features of your software.

If you have a company-owned computer, talk to your IT department about the protections that are installed. Find out if your corporate network prevents laptops from logging on unless the laptop has updated security. You can also explore one-time password systems, or biometric options like the fingerprint scanners now built in to most laptops.

Do you have questions about protecting yourself from cybercrime? Ask them here (click Comments below any article), and be sure to sign up for the email version of Tech Tips for bonus tips and product reviews.