Posts Tagged Malware

Frequently Asked Questions About Malware Botnet

A Malware Bot is a type of malware that takes control of the infected machine once the infection spreads through the system. It acts on the instructions given by its master, i.e. the malware writer. Following are some of the most commonly asked questions about Malware Botnets:

  • What Actions Does A Malware Bot Perform?

A Malware Bot can perform numerous tasks, such as:

  • Spying & tracking
  • Sending spam, hosting command servers, working as proxies & performing other malicious activities
  • Accessing corporate resources & hijacking
  • Stealing confidential information, documents, credentials, etc.
  • Bitcoin mining
  • Web browsing

  • Do All Malware Bots Perform The Same Actions?

The bot can perform all the above-mentioned actions. However, there are two types of malware actions that a Malware Bot does not perform, not because it is incapable of doing so but because they make little business sense. Following are the two malware actions:

  • Actions Which Impede The Machine: A Malware Bot cannot work in a damaged environment. When the software environment is damaged, the machine is usually reinstalled, which removes the bot. So, a Malware Bot does not usually perform an action that would stop it from running on the machine.
  • Actions That Reveal The Infection: A bot does not want users to know about its presence on their machine, which is why it operates stealthily. Thus, it does not resort to activities such as modifying browser settings, popping up dialogue boxes, etc.

  • How Are Botnets Investigated?

Once malware is launched, it reaches malware researchers sooner or later. They capture it through various channels such as malware spam, honeypots, phishing sites, product reports, etc. Once it is captured, the researchers analyze it in a controlled environment, where they can also receive the updates sent to it.

  • How Is A Botnet Controlled?

A botnet is controlled by a computer or a group of computers running a command & control (C&C) server. The server communicates with the Malware Bot and sends it instructions in a format the bot understands. The server performs numerous functions, such as instructing the bots to schedule or execute a task, keeping track of the number & distribution of bots, and updating the bots by replacing them with a new type of malware.

  • Why Do Botnets Emerge?

The main reason malware writers develop, deploy & maintain a botnet is financial gain.

  • How To Prevent A Malware Botnet?

Now that we understand how a malware botnet works, let us look at how to prevent it:

  • Update your operating system regularly.
  • Avoid downloading from P2P & file sharing networks.
  • Don’t click on suspicious attachments & links.
  • Install good antivirus software.
  • Follow good surfing habits.

For more information, call Centex Technologies at (254) 213-4740.


What Is Crypto Mining Malware?

Crypto mining malware is a software program developed to take over a computer’s resources without the knowledge or permission of its owner. Cybercriminals then use that access for cryptocurrency mining.

According to Symantec’s latest annual security threat landscape report, cryptocurrency miners grew by 8500 percent in 2017.

Unlike ransomware and phishing attacks, the main purpose of cryptojacking is to inject crypto mining malware into the system, create a nuisance and earn cryptocurrency. If the crypto mining software is injected on a system with critical and high-availability assets, the computational resources can become unusable for their primary business functions.

How To Detect It?

The mining malware runs in the background, so a common user does not realize what is happening. It generally seizes your computer’s Central Processing Unit (CPU) and Graphics Processing Unit (GPU). This will slow down other processes and bring them to a halt. Overheating, crashes, slow response times and unusual network activity, i.e. connections to mining-related websites and IP addresses, are things you must take note of.

Following these simple steps can also be of some help:

  • Set up a network monitoring solution.
  • Monitor your websites for crypto mining codes.
  • Keep yourself aware of recent crypto mining trends.

Types Of Miners

There are 3 main types of miners:

  • Browser Based Cryptocurrency Miners – They are JavaScript miners that perform their work in an internet browser. They consume resources for as long as the browser remains open on the website. Some website owners use these miners intentionally in place of running ads, while sometimes they are injected into websites without the knowledge of the website owner.
  • Executables – Specifically designed for the purpose of crypto mining, they are Potentially Unwanted Application (PUA) executable files (.exe) placed on the computer.
  • Advanced Fileless Miners – The malware does the mining in a computer’s memory. It generally misuses system resources to do so.
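
One way to carry out the "monitor your websites for crypto mining codes" step against browser-based miners is to scan your own pages' script tags. This is an added example, not code from the original post; the host and marker lists are assumed and non-exhaustive, and the sample page is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed, non-exhaustive markers of well-known browser miners; keep your own list current.
MINER_HOSTS = {"coinhive.com", "coin-hive.com", "crypto-loot.com"}
MINER_MARKERS = ("coinhive.min.js", "CoinHive.Anonymous", "CryptoLoot.Anonymous")


class ScriptCollector(HTMLParser):
    """Collects external script URLs and the text of inline scripts."""

    def __init__(self):
        super().__init__()
        self.sources, self.inline_code, self._in_script = [], "", False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            self.sources += [v for k, v in attrs if k == "src" and v]

    def handle_endtag(self, tag):
        self._in_script = self._in_script and tag != "script"

    def handle_data(self, data):
        self.inline_code += data if self._in_script else ""


def find_miner_indicators(html):
    """Return sorted findings for one page; an empty list means no marker matched."""
    collector = ScriptCollector()
    collector.feed(html)
    collector.close()
    findings = set()
    for src in collector.sources:
        host = (urlparse(src).hostname or "").lower()
        if any(host == h or host.endswith("." + h) for h in MINER_HOSTS):
            findings.add(f"script host: {host}")
    searchable = (" ".join(collector.sources) + " " + collector.inline_code).lower()
    for marker in MINER_MARKERS:
        if marker.lower() in searchable:
            findings.add(f"marker: {marker}")
    return sorted(findings)


# Constructed sample page with a miner script injected next to the site's own script.
SAMPLE_PAGE = """<html><head><script src="/js/site.js"></script>
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>var m = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER'); m.start();</script>
</head><body>Welcome</body></html>"""
```

Only script tags are inspected, so a page that merely mentions a miner's name in its text is not flagged.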

How To Protect Yourself Against It?

  • You can use an extension that blocks most JavaScript miners to protect yourself from crypto mining malware.
  • Use strong antivirus software to protect yourself from unsecure websites, viruses and malware.
  • Update your operating system every now and then to protect yourself from vulnerabilities.
  • Keep your web filtering tools up to date.

For more information on protection from Crypto Mining Malware, call Centex Technologies at (254) 213-4740.


Top Malware Myths And Facts

27 July, 2016

Over the past few years, computer security has become the primary concern for most people. To stay protected, it is important to know about different types of malware found online i.e. how they spread and the repercussions they may bring. However, there are a myriad of misconceptions about malware that put internet users at risk.

Discussed below are some common myths and facts about malware that you should know to safeguard your computer and protect your information online:

Myth: Updating software is not important for computer security
Fact: A computer with an outdated version of anti-virus software is more susceptible to malware infection. Software vendors frequently release patches and upgrades to protect against the latest security threats. Hence, you must either enable the anti-virus software to update automatically or check for newer versions available on the vendor’s website.

Myth: Malware infection can be easily detected
Fact: Some types of malware show obvious signs when they infect a computer, such as displaying a pop-up demanding ransom from the user or causing the system to crash. However, certain malware is specifically designed to avoid detection by the user. It may be programmed to stealthily collect sensitive information, send spam emails from the computer or lock down important files.

Myth: Malware only affects Windows
Fact: Though most malware is created to target Windows users, other platforms are not immune from this online threat. With an increasing share of Android and Mac users, hackers are creating cross-platform malware to target multiple devices.

Myth: Reputed websites are safe
Fact: While it is partially true that malware mostly spreads through visits to websites that have pornographic or pirated content, credible websites can also be compromised. Hackers use a technique known as malvertising, which involves placing malicious ads on reputed websites. Clicking on these ads or just visiting the website may download malware to the user’s computer.

Myth: You are safe if you do not have anything important on your computer
Fact: Even if you have not stored sensitive information on your hard drive, malware can scan other important details that can be used to achieve its goal. For instance, it may access your email account to send out spam emails to your contacts or trace your keystrokes to steal login credentials for online financial transactions. With this information, hackers can cause serious damage including identity theft and phishing attacks.

For more information about the malware perils and prevention tips, you can contact Centex Technologies at (855) 375 – 9654.


Spammers Spread Trojan with H1N1 E-Mails

Dec 3, 2009

Several security vendors are reporting a large malware campaign taking advantage of interest in H1N1 vaccinations.

The e-mails claim to link to a Web page for the Centers for Disease Control and Prevention where users can register for a new “State Vaccination H1N1 Program.” However, anyone who clicks on the link ends up with the Zeus Trojan, a prevalent piece of malware used to steal data from compromised machines.

Security company AppRiver detected the campaign around 8:15 a.m. (CST) Dec. 1, and an hour later was filtering nearly 18,000 e-mails per minute.

According to Symantec, the domain used in the e-mail links has the format of online.cdc.gov.[RANDOM CHARS].[TLD NAME].im, such as online.cdc.gov.yhnbad.com.im.

“As is usually the case with these campaigns, the URL that is supposed to be a document actually leads to an executable file,” blogged Hon Lau of Symantec. “This one is named vacc_profile.exe and is detected by Symantec as Infostealer.Banker.C. Incidentally, the URL is also ‘personalized’ with the e-mail address of the recipient to make it look that little bit more authentic and less like mass-mailed spam.”

The subject lines of the e-mails vary, but some of the ones that have been observed are “Governmental registration program on the H1N1 vaccination” and “Your personal Vaccination Profile.”

If you have any doubt about the authenticity of the e-mail, don’t click it. Information about H1N1 can be found here on the CDC Website.
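
The domain trick reported above works because "cdc.gov" appears at the start of the host name while the host is actually registered under .im. The following check is an added example, not part of the original article; the function names, the extension list and the sample URL's path and query layout are assumptions, while the host and file name come from the article.

```python
from urllib.parse import urlparse

RISKY_SUFFIXES = (".exe", ".scr", ".bat")  # assumed list of executable extensions


def host_belongs_to(host, domain):
    """True only if host is the domain itself or a genuine subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def assess_link(url, trusted="cdc.gov"):
    """Return the reasons a link claiming to be `trusted` looks suspicious."""
    parts = urlparse(url)
    host = (parts.hostname or "").lower()
    labels, want = host.split("."), trusted.split(".")
    reasons = []
    # The trusted name shows up as labels inside the host, yet the host sits
    # under a different parent: the online.cdc.gov.<random>.<tld>.im pattern.
    embedded = any(labels[i:i + len(want)] == want for i in range(len(labels)))
    if embedded and not host_belongs_to(host, trusted):
        reasons.append(f"'{trusted}' appears inside the host, but the host ends in .{labels[-1]}")
    if parts.path.lower().endswith(RISKY_SUFFIXES):
        reasons.append("link downloads an executable, not a document")
    if "@" in parts.query or "%40" in parts.query:
        reasons.append("URL carries an e-mail address (personalized lure)")
    return reasons


# Host and file name are from the article; the path and query layout are constructed.
SAMPLE_LURE = "http://online.cdc.gov.yhnbad.com.im/vacc_profile.exe?id=user@example.com"
```

A plain substring or prefix test for "cdc.gov" would accept the sample host, which is why the comparison is made on the right-hand end of the name.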
