Top Scary Computer Hacks That Could Affect YOUR Business This October

Top Scary Computer Hacks That Could Affect YOUR Business This October: 2018 Edition

2017 was a terrible year for the digital world and 2018 ain’t no better. Think your computer is safe from potential hackers? You’re wrong. Ghouls and witches aren’t the only scary thing this October! Vicious Ransomware, Malware, and Viruses are on the loose, and if not taken seriously, could dangerously affect your computer.

1) Gandcrab Ransomware

Gancrab was first discovered January of this year. This pesky bug encrypted users’ files and extorted a ransom in Cryptocurrency (DASH In particular).

Soon, Gancrab v1 was stopped in its tracks at the end of February. A decryptor was created and distributed online. Letting victims re-obtain their files without having to deal with the ransom.

Within one week (March), Gancrab v2 was released in the digital world. Tougher than it’s sibling before. Evolved from ransoming Crypto to attaching itself to personal Email.

Gancrab v3 got personal and changed it’s victim’s desktop wallpaper to a ransom note:

“We are sorry, but your files have been encrypted!

 Don’t Worry, we can help you to return all your files!

Files Decryptor’s Price Is $900 USD

 If Payment isn’t made until (date) the cost of decrypting files will be doubled”

Scary hu? What a way to put pressure on the victim!

Last but not least, Gancrab v4 was created soon after, and unfortunately armed with an abundance of updates, including a brand-new encryption algorithm. Using a microscopic algorithm (TEA) to be undetected, unless you REALLY look or have a program looking out for it specifically, Gancrab v4 is a vicious little bug.

Furthermore all encryptions have .KRAB instead of CRAB. They changed the way the ransomware attack its victims. Now spreading through fake software crack sites, once a user downloads and run a fake “stuffing” crack, the ransomware is then attached to the computer like a leech!

When you finally run this file, your computer is in Gancrab’s clutches.

Steps Gancrab v4 Goes For The Kill:

  •  Using fast (TEA) encryption algorithm to avoid detection, it creates itself a plain file.
  • Once the decryption is complete, Gancrab v4 wastes no time and drop a nasty virus.
  • Checks the list of the following processes obtaining CreateToolhelp32Snapshot API and terminate running programs.
  • Stops any antivirus programs from running.
  • Starts to encrypt victim’s files then delivers a ransom note on the user’s desktop.

How to prevent Gancrab Ransomware:

Computer Support

2) Trojan Glupteba

Not as severe as Gancrab, but this bug is one of the most annoying ones. There are so many variants of Trojan Glupteba, there’s too many to count. We’ll be here all day if we do. So many functionalities this bug entails, its insane.

How can Trojan Glupteba infect your computer? EASY, this bad boy can sneak into your computer data with ease using a file dropped by other malware. It gets away with it too, by pretending to be an authentic software.

Communicating with the user’s IP address, Glupteba gets to know the user pretty well. (whether the user likes it or not). It diverts the traffic towards unknown domains.

If You Have This Happening To You, Contact a Managed IT Service Immediately: Professional Virus Removal

It’s suspicious when you try to visit Facebook but somehow you end up in ostdownload.xyz or sportpics.xyzkinosport.top instead.

How To Prevent Trojan Glupteba:

  • Enable Web and Email filters
  • Browse Safely
  • Regularly Update Your Antivirus Program (Hire an IT professional for a Virus Removal Service)

3) Kuik Adware

Kuik is a simple yet annoying piece of Adware. Some of the worst bugs we’re facing this year. This pesky guy takes the form of a malware & adware. It pretends to be the actual Adobe Flash Player “update”.

Of course when someone notice their Flash Player needing an update, some people don’t think twice and fall victim to Kuik Adware’s clutches.

This obnoxious adware is equip with legimite flash player modules, .exe file named ‘upp.exe’. Once in your computer’s system, it communicates with all established network interface and adds a DNS: 18.219.162.248

Of course, like all the others, starts to collect the user’s data. Then forwards it to it’s hosting domain, kuikdelivery.com.

As soon as the domain reaches the server, it’s game over. It then activates malicious tasks on the system (including Chrome Extension) from unknown sources, crypto miners, etc. etc.

How To Prevent Kuik Adware:

  • Regularly Backup Important Data & Files
  • Update Your Antivirus & Spyware Programs
  • Block Any Spam Email with File Types: exe / pif / url / vb/ vbe/ com/ reg / cer / pst / cmd / bat / dll / dat / hta / js / wsf

4) Magniber Ransomware

Magniber is another vicious ransomware coming your way! Well… mostly in Asia, however, stay on your toes with this one! To be unlucky as to fall victim to Magniber is bad news. Don’t think less about this bug only cause it’s mostly affecting people in Asia, it’s slowly making its way over and the numbers are skyrocketing.

This unique Ransomware is spread through malvertisements.

What’s a Malvertisement? Infected web pages that redirects the user to a Magnitude Exploit kit website. Fun fact, it’s the eldest of most malicious browser toolkits that’s surprisingly still in use today to distribute ransomware. Go figure.

As soon as Magniber Ransomware James Bond’s it’s way into the user’s system, it immediately starts encrypting data. It uses a unique key to crack into your system obtaining what it needs to add further damage.

Once encrypted, it adds .dyaaghemy extension to all the files encrypted.

Towards the bottom on the files, you’ll find a file labeled, “Read Me”. There you’ll find the terrifying ransom note unique to each victim:

“Your documents, photos, database, and other important files have been encrypted!

Warning: Any attempts to restore your files with the 3rd party software will be fatal to your files. WARNING

To decrypt your software you need to buy the special software – “My Decryptor”

All transactions should be performed via Bitcoin network.

Within 5 days you can purchase this product at a special price: BTC 0.35

After 5 days the price of this product will increase up to BTC 0.700”

Creepy right?

The encrypted files are bugged with a unique key. Surprisingly, no patterns visible at first glance. This ransomware is scary as is, however it continues to grow and expand. It’s a major issue in Asia, but, it’s making its way to the US. It’s best to stay on your toes!

If you’re a business experiencing activity like this contact a professional immediately. A Business It Support is something your business need to stay safe as well as stay protected from future danger your computer might undergo.

How To Prevent Magniber Ransomware:

Regularly storing files in a cloud backup is ideal and the perfect backup plan for worse case scenarios. If you have valuable information that needs to be protected by all means, hire a professional managed IT service.

If you’re a business owner, it’s worth while to look into a Server Management service.

5) Thanatos Ransomware

Newer than its counterpart Gancrab, this guy is making its way through the tech world with ease. Remember the ILOVEYOU computer virus some time ago? Very similar.

Some of the most difficult ransomware to decrypt in 2018. It creates a randomly generated key every time for encryption. Which makes this malware hard to catch, and recover.

Soon after, it drops a payload (a.k.a. The all famous ransom note) in the user’s system in the form of the hacker’s favorite: .exe file or .txt file

Which is then set for auto run and opens every time the system is restarted. Thanatos Ransomware will start adding “.thanatos” extensions to infect your files. Soon enough, the user will receive a ransom note on it’s system.

How To Prevent Thanatos Ransomware:

  • Disable macros & Activex when using MS Office products
  • Backup your files & data regularly
  • Update your operating systems & applications

Whether it’s a business computer or a personal computer, running into malicious malware, ransomware or computer virus isn’t on anyone’s to-do list.

When you’ve done all you can, updating your pc’s operating system, updated your current antivirus program, avoid anything suspicious and somehow still fell victim, don’t be ashamed! This could happen to anyone. These malware are designed to trick even the most careful of users.

You won’t be the first victim, nor be the last! Hiring professional Managed IT Service might be something you need this October. It’s towards the end of the year, which is every hacker’s favorite season, right around the holidays.

Keep your PC and business computer safe from malware / ransomware with an antivirus and malware protection plan.

A Virus Removal service will be taken care of by a professional who seen this issue before and will know what to do right away to help save your computer from current / potential danger it might undergo.

IRS Reports Surge in Email, Phishing and Malware Schemes

The IRS has issued several alerts about the fraudulent use of the IRS name or logo by scammers trying to gain access to consumers’ financial information in order to steal their identity and assets. Scammers use the regular mail, telephone, fax or email to set up their victims. When identity theft takes place over the web (email), it is called phishing.

The IRS saw an approximate 400 percent surge in phishing and malware incidents in the 2016 tax season.

Scam emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies. These phishing schemes can ask taxpayers about a wide range of topics. Emails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information.

Variations of these scams can be seen via text messages, and the communications are being reported in every section of the country. The IRS is aware of email phishing scams that appear to be from the IRS and include a link to a bogus web site intended to mirror the official IRS web site. These emails contain the direction “you are to update your IRS e-file immediately.” The emails mention USA.gov and IRSgov (without a dot between “IRS” and “gov”), though notably, not IRS.gov (with a dot). These emails are not from the IRS.

The sites ask for Social Security numbers and other personal information, which could be used to help file false tax returns. The sites also may carry malware, which can infect people’s computers and allow criminals to access your files or track your keystrokes to gain information.

For more details, see:

The IRS does not initiate taxpayer communications through email. Unsolicited email claiming to be from the IRS, or from an IRS-related component such as EFTPS, should be reported to the IRS at phishing@irs.gov.

For more information, visit the IRS’s Report Phishing web page.

It’s the season of giving but scammers are taking

The holiday season is one of the busiest times of year for scammers and many Americans are putting themselves at risk. Don’t be one of them.

Here are 10 tips on how to protect yourself from holiday scams:

holiday-security-tipsCheck the charity: Before donating to a charity, make sure it is registered with the Secretary of State and ask how much of the money goes to the charitable fundraiser and how much goes to the charitable purpose.

Travel Safely: Millions hit the road, rail and sky during this holiday season. But with the cost of travel on the rise, especially airfares, passengers are easy prey for a host of scams.  Some seem legitimate. But there are some warning signs. For example, you want to travel to Europe or the Bahamas and a travel site offers you a hotel or apartment rental at a great price in a city you want to go to. It seems perfect, except you can’t pay with a credit card. They want cash, a bank or wire transfer. DON’T do it. It’s a scam.  Also, during the holidays, you can often be targeted using familiar e-mail addresses of your friends. You may receive an e-mail purporting to be from friends saying they were traveling and had their wallet stolen and that they’re in a hotel, unable to pay their bill. This is a travel scam that uses details taken from social networking sites (such as Facebook) to send phony distress e-mails to family and friends. And of course, these e-mails ask that money be wired or transferred.

Gift Card Fraud: Only purchase gift cards from reputable sources and try to get them directly from the store they’re from.  Ask the store cashier to scan the card to ensure it has the correct balance and provide a receipt before leaving.  Look at the back of the card to ensure the area with the protective scratch-off is intact.

Surf safely: Do not use public Wi-Fi to check sensitive financial information, or to make purchases using your credit card.

Package Theft: Require a signature on all package deliveries. You can also write specific instructions for the delivery company on where to leave your package, and don’t forget you can always have your package delivered to you at work.

Use credit: Use a credit card instead of your debit card when making holiday purchases.

Fake checks and free gift offers:  Websites may offer free gifts if you “click here,” and letters in the mail could ask for personal information in exchange for a $500 check.  Believe us, people you don’t know don’t want to give you free money. Remember the adage that there ain’t nothing in life for free. Similarly, the emails and shared status updates on social media saying “click here for your free gift” are likely phishing schemes or malware-laden, and letters asking for an advance payment to receive your free check for thousands of dollars are bogus.

skullBeware Suspicious Emails: Pay special attention to emails you receive from sources such as your bank, retailers and shipping companies such as FedEx or UPS. Scammers use the names of reputable companies to try and get you to open attachments containing malicious software or enter logon credentials to your accounts.  Never click links from emails or open the attachment in an email, especially if you’re not expecting a message from the source.  Instead, close the message and visit the site by manually opening it in your browser.  Call the source directly if you are suspicious or believe the message to be false.

Beware of deals: Watch out for deals offered by companies with unfamiliar websites. Look for reviews on Yelp, Google and the Better Business Bureau or search the retailer’s name and “scam” to see if it checks out before giving your payment information.

Secure your systems: Take added precautions with your security.  Make sure your antivirus and malware software’s are up to date and functioning. Ensure your windows and java security patches are applied and your firewall is configured correctly.  Backup your data!  These steps along with some simple common sense can help mitigate your exposure while online.

If you need assistance securing your systems or help cleaning up from a suspected scam contact us.

(561) 404-9251 | TMDTechnology.com

Tech Support Scams

In a recent twist, scam artists are using the phone to try to break into your computer. They call, claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need.

These scammers take advantage of your reasonable concerns about viruses and other threats. They know that computer users have heard time and again that it’s important to install security software. But the purpose behind their elaborate scheme isn’t to protect your computer; it’s to make money.