computer virus

Ransomware virus is using weaknesses in Facebook and LinkedIn to spread

A new version of the Locky ransomware virus (malware) is making the rounds. What makes this one so special is that it seems to exploit flaws and vulnerabilities in both Facebook and LinkedIn. This has allowed it to spread much faster and infect far more users than previous versions. According to the security firm Check Point, flaws in the two social networks allow a picture file that has been infected with the virus to be downloaded to a user’s computer. When a user notices the file and opens it, the Locky ransomware virus is installed. At this point, it seems the virus is focusing more on Facebook.

Check Point has done a detailed write-up on the issue and has reported the flaws used to both Facebook and LinkedIn.

“The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end-user clicks on the downloaded file.

As more people spend time on social networking sites, hackers have turned their focus to find a way in to these platforms. Cyber criminals understand these sites are usually ‘white listed,’ and for this reason, they are continually searching for new techniques to use social media as hosts for their malicious activities.”

What is the Locky ransomware virus?

Locky infects the files on your computer and then leaves a note behind called “_Locky_recover_instructions.txt” to give you instructions on how to remove it. This involves sending a payment of varying amount to the attackers for an unlock code. Currently the amount is around $365. You can tell if a file is infected because Locky changes the names of the files on your computer. The new names follow this format –


Example – D34824A2BB422EF458E4F0C128F6D.locky

If you see any files with the extension of .locky or you see the ransom demand and removal instructions, you are infected.
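As an added example (not part of the original post and not Check Point's code), the Python script below checks a folder tree for the two signs described above: files ending in .locky and the ransom note file. It only reads file names; the function names are hypothetical and the sample folder it builds is constructed test data.

```python
import os
import tempfile
from collections import Counter

# Indicators taken from the article: the ransom note name and the .locky extension.
RANSOM_NOTE = "_locky_recover_instructions.txt"
LOCKED_EXT = ".locky"


def scan_for_locky(root):
    """Walk root and return (renamed_files, ransom_notes) as sorted path lists."""
    renamed, notes = [], []
    # onerror ignores unreadable folders so one permission error does not stop the scan
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            lower = name.lower()  # Windows file names are case-insensitive
            path = os.path.join(dirpath, name)
            if lower == RANSOM_NOTE:
                notes.append(path)
            elif lower.endswith(LOCKED_EXT):
                renamed.append(path)
    return sorted(renamed), sorted(notes)


def affected_dirs(renamed):
    """Count renamed files per folder to show how far the damage has spread."""
    return Counter(os.path.dirname(p) for p in renamed)


def build_sample_tree(root):
    """Constructed sample data: empty files that only carry the indicator names."""
    names = ["D34824A2BB422EF458E4F0C128F6D.locky",
             "_Locky_recover_instructions.txt", "budget.xlsx"]
    docs = os.path.join(root, "Documents")
    os.makedirs(docs)
    for name in names:
        open(os.path.join(docs, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        renamed, notes = scan_for_locky(tmp)
        print(f"{len(renamed)} renamed file(s), {len(notes)} ransom note(s)")
        for folder, count in affected_dirs(renamed).items():
            print(f"  {folder}: {count}")
```

To check a real machine, call scan_for_locky on a user profile or shared folder instead of the sample tree; any non-empty result means the signs described above are present.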

You can read a more detailed description of the Locky ransomware virus here at Ars Technica.

If you have questions about the Locky virus or have been infected and need help getting your computer working again, please contact us at Iron Comet at 770-506-4383 for help.






Employees download viruses every four seconds

A new study released by internet security firm Check Point found that virus (malware) attacks increased a staggering 9-fold in 2016. At the current rate, virus outbreaks occur at a rate of 971 per hour. In 2015, it was 106.

Researchers discovered an amazing 12 million new variants of malware each month. They have discovered more viruses in the last two years than in the previous 10 years. Employees are downloading new malware every 4 seconds onto corporate networks, the study found.

The biggest target to attackers was healthcare records. These have the highest current value on the black market. They are currently valued at 10 times the value of credit cards or other financial data. The report found that 9% of all healthcare or insurance organizations had experienced a data loss as defined by HIPAA. For healthcare organizations, there was a 60 percent increase in security incidents in 2015. In the last year, the cost of these security incidents rose 282 percent.

The most common method of attack was found to be email. The virus would be allowed onto the network by employees clicking on links in malicious emails. 75 percent of the attacks used this form of entry to find their way into the corporate networks. Using this method, attackers were able to bypass corporate firewalls a whopping 39 percent of the time. In 85 percent of those cases in the study, the breach wasn’t even discovered until after the organization was already compromised.

The study found that most organizations weren’t keeping up with security updates for their anti-virus software and other software like Windows and electronic medical records.


How can you protect your business from virus attacks?

The first step is keeping all of your software fully updated. This includes Windows and all other critical software such as electronic medical records and accounting packages. These updates fix bugs and holes that have been found in the software. That’s why it’s so important to download and install them.

Install virus protection software that scans in real time. This will protect against attacks like malicious email attacks. Most free anti-virus software doesn’t offer this feature. The anti-virus software must also be kept up to date.

Lastly, you can educate your employees about clicking on links in email that they aren’t sure about. If they are in doubt, don’t click it. Better safe than sorry.


If you need any help on this or have questions, contact Iron Comet at 770-506-4383 and we can give you a run down on how you can protect your company, free of charge.






Viruses in online advertising

This is an ongoing trend that we really want to make our customers aware of. Yes, we make money from cleaning out computers infected with viruses, but we want to do what’s best for our customers. Teaching you how to keep yourself from getting infected in the first place is just good customer service. This article will show you this new trend in drive-by virus infections. We will show you how to keep from getting infected by these viruses that don’t even require you to do anything to get infected.
