Category: Malicious Software

PDFs Are Not as Safe As You Think

We are all used to having to be careful opening certain emails, zipped files, Word, Excel and other types of files in case they contain some kind of malware – virus, ransomware, Trojan etc.

But most people feel safe opening PDF documents.

However, scammers are using PDFs more and more as attachments in email or malicious downloads on websites.

PDFs can contain JavaScript code, which can have malicious intent, and they can contain links, which of course could go to any website.
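One way to check a saved PDF for JavaScript and links before opening it, as an added example that is not part of the original post. The key list, the function names and the sample bytes are assumptions constructed for illustration.

```python
import re

# PDF name keys that mark active content (list assumed for this example).
ACTIVE_KEYS = {
    "/JavaScript": "embedded JavaScript",
    "/JS": "embedded JavaScript",
    "/OpenAction": "action run when the file opens",
    "/AA": "additional automatic actions",
    "/Launch": "launches an external program",
    "/URI": "link to a web address",
}

# Constructed sample: a PDF fragment whose JavaScript keys are hex-escaped.
SAMPLE = (b"%PDF-1.4\n"
          b"1 0 obj << /Type /Catalog /OpenAction 2 0 R >> endobj\n"
          b"2 0 obj << /S /J#61vaScript /J#53 (app.alert(1)) >> endobj\n"
          b"3 0 obj << /S /URI /URI (https://example.invalid/) >> endobj\n")

def decode_names(data: bytes) -> bytes:
    """Undo #xx hex escapes in names, so /J#53 is seen as /JS."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)

def triage_pdf(data: bytes) -> dict:
    """Count active-content keys found in the raw bytes of a PDF."""
    if b"%PDF-" not in data[:1024]:
        raise ValueError("not a PDF (no %PDF- header)")
    decoded = decode_names(data)
    counts = {}
    for key in ACTIVE_KEYS:
        # Reject matches followed by a name character, so /JS != /JSON.
        pattern = re.escape(key.encode()) + rb"(?![A-Za-z0-9_.#-])"
        hits = len(re.findall(pattern, decoded))
        if hits:
            counts[key] = hits
    return counts

if __name__ == "__main__":
    for key, n in triage_pdf(SAMPLE).items():
        print(f"{key}: {n} ({ACTIVE_KEYS[key]})")
```

An empty result does not prove the file is safe: keys stored inside compressed object streams or in an encrypted PDF are not visible to a raw byte scan, so an anti-malware scan is still needed.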

Microsoft Malware Protection Center released a list of PDF filenames that are commonly used in malicious emails and websites. Scammers keep making new names of course.

  • pdf_new.pdf
  • auhtjseubpazbo5.pdf
  • avjudtcobzimxnj2.pdf
  • pricelist.pdf
  • couple_saying_lucky.pdf
  • 5661f.pdf 7927
  • 9fbe0.pdf 7065
  • pdf_old.pdf

Q. How can you protect yourself against malicious content?

Most of the PDF exploits use JavaScript, so if you disable that then a large part of the problem is blocked.

However, common sense goes a long way in protecting you.

  1. Do not open an email or download anything that is sent to you by someone you don’t know
  2. Make sure your email settings are on high protection and your anti-virus and anti-malware programmes are working
  3. If there’s a file attached to an email that you really want to open but aren’t sure about, save it and then scan it (usually you right mouse click and select scan – depending on which anti-malware solutions you use)

Of course, you should run regular scans of your computer to ensure no malware has been installed.

How to Turn Off JavaScript in PDFs

If you use a programme other than ADOBE for opening PDFs then you’ll need to check how to disable JavaScript. If you use ADOBE then see below:

  1. Start Acrobat or ADOBE
  2. Select EDIT then PREFERENCES
  3. Select the JavaScript category
  4. Uncheck the Enable Acrobat JavaScript option
  5. Save and exit

Mobile Device Malware “Judy”

The Korean company Kiniwini published 41 Android apps under the name ENISTUDIO Corp.

These could have infected up to 36.5 million Android devices with hidden malware that produced fake advert clicks.

Security firm Check Point identified these apps and realised these infected devices could be used to generate large amounts of fraudulent clicks on advertisements, generating revenues for the creators of the malware.

The malware was dubbed “Judy” by Check Point after the title character in Kiniwini’s apps. Chef Judy: Picnic Lunch Maker, for example, encourages players to “create delicious food with Judy”.

Google removed the apps from Google Play once it had been informed of the problem.

How does Judy infect your device?

Hackers create a harmless app that can get around Google’s security screening and it is added to the app store.

Once it has been downloaded by users, it silently registers with the maker’s servers for an update. That update is not just the latest software, content and adverts etc. It contains the code and a list of web addresses. The app then opens a browser window and starts to make clicks on the selected adverts on the listed websites. These clicks are registered by networks such as Google Ads and in time will produce payments to the makers.

This kind of cheating has been used in the past but this is one of the worst such examples and it circumvents Google’s app security, which they will not be pleased about.

Kiniwini also develop APPS for Apple devices but so far there are no reports of problems with those APPS.

Online Paid Surveys Can Be Questionable

There are huge numbers of people who would love to work from home, working when they choose.

And there are endless adverts on the Internet for these jobs, but sadly 59 out of every 60 such adverts are scams.

However, there are some real work at home jobs and filling in online surveys is one of them. Lots of sites offer these surveys and you get paid for filling them in.

Many of them have a poor reputation – tedious questions, not paying up, survey freezing near the end so you don’t get paid etc.

One such site that used to have a good reputation is the Australian group My Opinions at https://www.myopinions.com.au/. This is a well organised setup with lots of surveys and people have been paid and done well out of filling in the surveys.

Recently the website was taken over by a new company and some people feel the quality has dropped.

https://www.surveypolice.com/ is nothing to do with the Police – it’s just a website about surveys and people have added their views of myopinions.com.au and there is a lot of bad feeling about the company now.

It seems that some people have a good experience and are paid appropriately but others find that surveys freeze at the end so they don’t count and some have been evicted from the survey site without reason and their payments not made.

Be careful if you start online surveys for money – make sure to pick a reputable company that always pays.

Malvertising – The Bad Advertising

Malvertising (the word is a contraction of “malicious advertising”) means using online advertising to spread malware, which is computer viruses and programmes that take over your PC or steal identity information etc.

Malvertising is carried out by inserting malicious adverts into legitimate advertising networks and the ads can end up on highly reputable websites. Malvertising is attractive to attackers because the adverts can be easily spread across a large number of legitimate websites.

Malvertising is hard to combat because it can work its way into a webpage and spread through a system without anyone knowing. It is able to expose millions of users to malware, even the most cautious, and is growing rapidly.

In 2012, it was estimated nearly 10 billion ad impressions were compromised by malvertising and things are not really getting much better.

Malvertising often involves the exploitation of trustworthy companies. Those attempting to spread malware place “clean” advertisements on trustworthy sites first in order to gain a good reputation, then they later insert a virus or spyware in the code behind the ad, and after a mass virus infection is produced, they remove the virus, thus infecting all visitors of the site during that time period. The identities of those responsible are often hard to trace, making it hard to prevent the attacks or stop them altogether, because the ad network infrastructure is very complex with many linked connections between ads and click-through destinations.

In 2015, there were malvertising attacks against eBay, answers.com, talktalk.co.uk and many others. It involved breaches of ad networks, including DoubleClick. Even the New York Times and the London Stock Exchange were affected.

This is difficult for the end user to combat as it depends very much on the security at the advertising networks.

Don’t automatically trust adverts on respected websites, as the website owners may not realise what’s being advertised.

Can Someone Ransom Your Computer Files?

Yes they can. A malicious piece of software called ransomware can be unintentionally installed on your computer and hold you to ransom for access to your own files.

You may have clicked on a seemingly innocent email or website and the ransomware has downloaded to your computer. Then a screen appears with a message such as

“All of the files on this computer have been encrypted. You have 24 hours to submit payment to receive the encryption key, otherwise your files will be permanently destroyed.”

You can choose to pay, in the hope of getting access to your files, but there is no guarantee. You can choose to ignore the threat or you can go to an IT expert for assessment.

Sometimes the message on screen is more threatening. It may display what looks like an FBI page warning that you have committed an illegal act and must pay a fine, or it may appear to come from a UK Police Force or some other authority. It is all fake of course, as the FBI and other authorities do not practise blackmail.

To protect your computers against ransomware, make sure you have up-to-date anti-virus software installed, take regular backups of all important documents and consider installing anti-malware software.

Across the globe in 2014, there were 8.8 million ransomware attacks reported and this crime is rising rapidly.

For more information go to Ransomware: What is it?

Ransomware: What is It?

Imagine you’ve been working hard to create a new presentation for work or an official document or a personal photograph album. When you finally finish the work, a message appears on screen that says

“All of the files on this computer have been encrypted. You have 24 hours to submit payment to receive the encryption key, otherwise your files will be permanently destroyed.”

You’ve been hit with Ransomware.

This could be lies – it could just be an empty threat, but it could also be very real and if you don’t pay then your files may be lost permanently.

What do you do?

Step 1: Disconnect from the Internet immediately.

Step 2: Make a choice on whether to pay.

If you pay, then maybe you get your files back and maybe not.

If you choose not to pay then switch the computer off and get it to an expert ASAP.

Across the globe in 2014, there were 8.8 million ransomware attacks reported and this crime is rising rapidly.

For further information refer to the article Fightback Online Ransomware.