Cyber-criminals and the Bitcoin Craze

BlackBox Connections Logo

Location

Unit 203
70 Country Hills Landing
NW Calgary, AB T3K 2L2

Office Hours

Mon – Fri
8:00 – 5:00
Support 24hrs

Call us Today

587 355 1566


With the popularity of Bitcoin over the past little while, it’s no wonder that cyber-criminals are hopping on board!  With Bitcoin having jumped thousands of dollars in value, just over the past few weeks we are hearing more and more stories of how these hackers are exploiting this cryptocurrency.

Cyber-criminals are using various methods to take advantage of this craze.  Whether it is stealing usernames or passwords, or installing malware on users’ computers... they are figuring out ways to hijack your computer!

Stealing Information

Although some may think Bitcoin is fairly new, it has actually been around since 2009.  Since that time, however, hackers have been trying to figure out just how to target this currency.

One of the most popular ways these criminals are taking advantage of the Bitcoin craze is by using something called keyloggers.  These are programs that can see what you type on your keyboard.  Criminals then use this to steal your login information when you log into your Bitcoin wallet.  Typically, victims accidentally download keyloggers from an infected email attachment, which then installs itself onto the victim’s computer.  From there, they monitor any Bitcoin transactions that occur so they can steal your passwords.

In addition to this however, the malware is also able to mine bitcoin and other types of cryptocurrency using your computer.

Mining on your time

Technologies like browser-based miners come into play to help crypto miners access.  Basically, site owners run a JavaScript script on a person’s computer whenever they visit a particular site.  This script will then use your computer’s CPU to mine for currencies such as Bitcoin or Monero.

This software or script is not designed to harm your computer, as the script could also be used by publishers and webpage owners to generate revenue lost from ad blockers... but there are times when you are not being told it is running.

Not all Monero miners or sites will tell you that this script is running in the background, which can be annoying as it sucks up system resources and can significantly slow down your computer.  Monero miners are only supposed to run on your computer while you are actually visiting their site but there are times when it can generate a browser window that hides on your desktop and will continue to suck up your resources.

An IT company reported that they saw an increase of 10 times from September to October in mining tools being detected on their customers’ computers.  Adding the results from November, they have actually seen 33,000 detections per day!

Dragging you down

For the most part, these mining malware tools are not as damaging as ransomware, which has the ability to lock down your computer till you either erase your hard drive or pay the ransom, but they do come with their own concerns.

There are different miners out there: some stay hidden in the background and use smaller amounts of your PC’s power, while larger ones push your computer to the max.  If this happens to you, your machine will slow to a crawl.  This can certainly hurt the bottom line if you are a large business running huge numbers of servers.  The extra power needed to run such operations while also feeding the miners can lead to a significant cost at the end of the day.

Beating back the bots

How do you fight these kinds of attacks?  As always, it comes down to the same need.  You NEED to ensure you are running the latest software updates and of course the latest security software.  Now if you are a Mac user, please don’t think you’re safe, as there have been instances of malware detected on those too!

 

Quick Tips

Make sure you are running the latest software.


Ensure anti-virus software is turned on and employees are educated on security.

by BlackBox Connections

Topic:  Cyber-criminals and the Bitcoin craze

Canadians Pay out $5.7 Million to Ransomware over 12 months!


The latest survey done by a data protection provider has produced an eye-opening number: 5.7 million dollars have been paid out to ransomware in the last 12 months, here in Canada.

The study surveyed over 200 providers of small and medium-sized businesses over a 12-month period which ended in Q2 2017.  If we consider that this is a representation of all small and mid-sized businesses, then that means roughly 4% were hit with ransomware during this time period.  Out of that percentage, it was also noted that 32% admitted to paying the ransom.

Now keep in mind, just because you pay the ransom, doesn’t always mean you will recover your data.  Out of the businesses that admitted to paying the ransom, only 13% actually received their data back.  Their hope was of course, to pay the ransom and get the key to decrypt their locked data… but in the end they ended up losing all their data, as well as their money.

Of the 200 providers surveyed, six or more of their clients faced attacks in the first half of 2017 alone, and roughly 31% of Canadian service providers noted that their customers faced multiple attacks in a single day!

Based on such a high number of attacks, it is safe to say that there may be 1 if not 2 things that the providers are doing wrong:  they may not be patching software enough, and they may not be educating their staff to be careful about clicking on attachments in their email.

Thankfully the ransom demands are not usually too large, but 43% of those surveyed had paid anywhere from $500 – $2,000 for their ransom.  There were only a few that paid closer to the $10,000 amount.  For the most part, paying the ransom wasn’t the biggest part of the cost, as businesses had to deal with downtime and, of course, further issues if they did not receive their data back once paid.

Additional Facts:

  • After the attack, 13% of service providers noted that cleaning up was not easy.  Not only did the ransomware stay in their clients’ system, but it struck again later on.
  • 33% mentioned that their customers’ back-up was encrypted as well.

 

These numbers suggest that customers did not separate back-up from production environments, and/or they didn’t realize that the back-up also needed to be scanned for possible infections.

Because Ransomware can also hit Dropbox (the biggest in this category), Office 365, Google G-Suite and AWS, it isn’t always safest to move to the cloud.

There is a large variety of ransomware strains out there, but for this study it was found that CryptoLocker, CryptoWall and Locky were the most common.  It was also found that 28% of the providers’ customers had NOT reported the incident to police, which makes it even more difficult to get proper numbers on ransomware here and all over the world.

The best defense against ransomware is a back-up and recovery process that is regularly tested.  It is also imperative to educate and remind staff of the importance of security when receiving and sending emails.  Ransomware infections are primarily sent through emails via phishing scams, so staff should be aware of these signs and able to recognize them.

 

Quick Tips

Make sure you are running the latest software.


Ensure anti-virus software is turned on and employees are educated on security.

by BlackBox Connections

Topic:  Canadians pay out $5.7 Million in Ransomware

Phone Scam at Work


Businesses are being victimized by phone scams.  Employees may get a phone call from someone pretending to be from the IT department or an IT company.  They may tell the employee that there is some issue requiring them to log into the employee’s computer to fix it.  They might ask for the employee’s network ID and password.

By tricking the employee they can now access the company’s computer network.

Watch the 1 minute Security Tip
by BlackBox Connections
Topic: Phone Scams at Work

https://www.youtube.com/watch?v=KmC2n2R7Qn8

Quick Tips

 

Never give out bank information, network user-ids or passwords.


Don’t allow anyone to access your computer unless you are positive you know who you are talking to.

by BlackBox Connections

Topic:  Phone Scams at Work

Adobe Flash Vulnerabilities


Adobe Flash Player has long been the useful tool that has helped us view dynamic content like videos and animation online. But with this helpful tool comes a long list of security flaws and vulnerabilities that cyber-criminals easily exploit.

In this week’s security tip video, learn about the vulnerabilities that Adobe Flash Player could present and the steps you can take to protect your devices.

Watch the 1 minute Security Tip
by BlackBox Connections
Topic: Adobe Flash Vulnerabilities

https://www.youtube.com/watch?v=IjHiRsPqOrA&width=1080&height=608&iv_load_policy=3&modestbranding=0

Quick Tips

If you are using Adobe Flash Player, make sure that your software is up to date.


6 of the top 10 vulnerabilities used by cyber-criminals this year affected Adobe Flash Player.

by BlackBox Connections

Topic:  Adobe Flash Vulnerabilities

Wi-Fi Security Flaw Found!


Weekly Security Tip | 10/13/17

Are Hackers listening in to your conversations??

A study done at the University of Belgium has found that a security layer that protects Wi-Fi networks has been cracked, and hackers could be listening to your conversations right now.  WPA2 is the security protocol that is in place to protect the modern Wi-Fi network, but hackers have been able to manipulate the cryptographic elements behind the security.

The issue can affect devices that are connected to a Wi-Fi network, and the researchers have found that operating systems such as Google’s Android, Apple’s iOS and Microsoft’s Windows are vulnerable.

How does this work?

Essentially, we can think of WPA2 as a 4-way handshake.  The first part takes place once a user has put in their correct password to access a Wi-Fi network.  From there, a new encryption key is generated to encrypt subsequent traffic.  This is where hackers are able to manipulate the process, by what is called a key re-installation attack or KRACK.  The research also mentions that the hacker must be within range of the victim in order for this to work.

Who can be affected?

Unfortunately, any device that is connected to a Wi-Fi network can be affected.  A certain version of Linux and devices running Android 6.0 and above may face catastrophic consequences, however.  According to data from Google, half of the Android devices in circulation are using this version, so be sure to check yours!

What do you do now?

First off, you don’t have to worry about changing your Wi-Fi password.  Just make sure that all of your devices and the firmware of your router are updated, and continue to use the WPA2 protocol.

So far, a Google spokesperson has tweeted that “Android devices with a security patch level of November 6, 2017 or later are protected against these vulnerabilities”.

Microsoft has said that to address the issue they have released a security update.

Apple also confirmed that they have a fix currently in beta, and that the software will be coming soon to everyone.

by BlackBox Connections
Topic: Wi-Fi Security Flaw Found!

Copyright © 2017 Security Tips, All rights reserved.

Locky Ransomware Is On The Rise Learn What You Can Expect

Locky ransomware is on the rise; learn what you can expect as the threat grows. Last year the University of Calgary submitted $14,700 to crooks and, to no surprise, many people took notice.

Locky ransomware, alias Lukitus, is recognized by Sophos Intercept X!

https://www.youtube.com/watch?v=ajTcYRIwoqU

The threat of ransomware has gone down, but old viruses such as Locky are resurfacing. Locky was once among the most dominant strains of ransomware, and with time it faded from view. With that, other ransomware took form, such as Cerber and Spora.
The Spread By Spam Is Real – It is spread by spam email and comes with a .zip attachment with a .js file inside. It downloads the actual payload and then encrypts the files.

  • The .lukitus variant comes with email subject lines like “PAYMENT” and “Here’s a copy of your payment”.
  • The Diablo variant used the body content “Files attached. Thanks” and the sender’s email address had the same domain as the recipient’s.

Ransomware is not going away anytime soon, so it is time to prepare yourself and keep your files secure.  Defensive measures against malicious attachments are only 1 step to success. If you receive an attachment of any kind by email and don’t know the person who sent it, we suggest you don’t open it.

  • Configure Windows to show file extensions. This gives you a better chance of spotting files that aren’t what they seem.
  • Use an anti-virus with an on-access scanner, also known as real-time protection.
  • Consider stricter email gateway settings. Some staff are more exposed to malware-sending crooks.
  • Staff may benefit from more stringent precautions, rather than being inconvenienced by them.

Check out this new ransomware tool, Intercept X by Sophos, because it’s an excellent tool.

Don’t wait, Act Now! Why not Ask?

 

Contact IT Support 587-355-1566 for assistance.

IT Support Services and Websites Done Right!

Check us out in ‘Business in Calgary’ magazine