Tuesday, January 21, 2020

New Updates To This Malware Made It More Dangerous


If you haven't yet heard of a malware strain called 'Predator the Thief', it's something that belongs on your radar.

It first emerged as a threat in July of 2018, when it was used in conjunction with an extensive phishing campaign.

In its original incarnation, it proved more than capable of stealing passwords, browser data, user names and the contents of cryptocurrency wallets. In addition, it was able to access the infected victim's webcam and take pictures with it, sending everything to a command and control server.

Unfortunately, the group behind the malware has been busy updating it. It's recently been spotted in the wild with a new set of enhanced capabilities that make it more difficult for antivirus programs to detect its presence.

In addition to that, the hackers have upped their game on the phishing campaign front. This included adding new documents to use as lures to hook the victim into inadvertently installing the malicious code.

The new and improved version of the malware was discovered by Fortiguard Labs, and apparently version 3.3.4 was released on Christmas Eve, 2019.

Although there's no clear indication as to who is behind the code, a forensic analysis reveals it to be Russian in origin. Fortiguard's researchers reached this conclusion based on the fact that the malware is specifically designed not to operate in Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Turkmenistan, Ukraine or Uzbekistan. Those are countries that Russian hackers tend not to target as a rule.

In terms of minimizing the threat that Predator the Thief poses, Fortiguard's researchers recommend ensuring that macros are disabled by default and that all software (including OS software) is fully patched and up to date. These are, of course, sensible precautions to take when protecting against any threat, so it makes for good advice in general. Stay on your guard. It's dangerous out there.


Call SpartanTec, Inc. in Wilmington if you need the expertise of IT professionals in making sure that your network is protected against malware and other possible online threats. 


SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255


Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro



Wednesday, January 8, 2020

Cybersecurity Trends In 2020


Corporate and personal privacy keep eroding because data breaches and cyberattacks are increasingly common. During the first half of 2019, over 4.1 billion data records were exposed in reported data breaches. The average cost of these data breaches for affected companies is almost $4 million per business.

As society becomes increasingly dependent on technology, the cybersecurity industry is on alert. It is worth $120 billion and is expected to grow to a massive $300 billion by 2024. With the ages of IoT and AI coming, you will benefit from having a home or vehicle that is connected to the internet, or an everyday schedule that organizes and automates your life further. However, you need to ask yourself: are there hidden costs to increased internet connectivity? With hackers breaching devices and networks every 39 seconds, it is crucial for firms to have the necessary security measures in place if they want to survive and thrive. Now that 2019 has ended, here are five of the top security trends you need to watch out for in the new year, 2020.

Cloud-Based Security Expansion

As the world continues to move most of its tech infrastructure into the cloud, cloud-based security platforms and security services will follow. Over the past twenty years, cloud computing has evolved significantly, and it is now commonly used to support important operations at many businesses. From Dropbox and other cloud-based data storage services to all-in-one CRM clouds like Salesforce, businesses and consumers have become increasingly dependent on storing essential data in these clouds.

Data Encryption Advancements

Over the past years, cyberattacks have become much more sophisticated, and an increasing number of advancements in data encryption have followed. These advancements, including distributed ledger technologies, zero-knowledge proofs, ring signatures, and privacy technology, will help you stay ahead of current security threats. If these technologies are used in combination with one another, not only will partial or full data anonymization be achieved, but identity and data verification will also be automated.

Cyber Insurance

The world faces countless cyber threats, and that is why cyber insurance has become a need not only for large firms but for small to medium enterprises, too. About $11.5 million is the estimated aggregate global loss linked to cyber extortion and hacks. At the moment, the market for cyber insurance stands at $2.4 billion in premiums, and it is expected to double or even triple in size this year. However, some growth may be limited by the restrictive conditions and high cost of coverage on insurance policies.

Passwordless Authentication

Password protection and privacy will be a major problem plaguing consumers and businesses today because of the rise of AOL. However, another method of authentication has recently emerged that seeks to replace passwords. These authentication tools may include hardware tokens or one-time password generators, knowledge-based authentication, and biometric authentication.

About 90% of mid-size firms are expected to go with passwordless authentication in over 50% of their use cases by 2022. GETID and other similar companies will help other firms process AML and KYC checks for their clients using a compliant and secure biometric product. One of the biggest points of attack for hacking is the password, which is why many businesses prioritize identification through other means.

Cybersecurity Talent


Back in 2017, the World Economic Forum said there was a shortage of people trained in cybersecurity, and it has not stopped increasing ever since. Unfilled cybersecurity jobs will continue to rise, up to 3.5 million globally by 2021, which will be an increase of 350% from 2014. In the United States alone, there are 1 million people working in cybersecurity, but around 500,000 positions are still left unfilled. Since the list of security certifications and security training firms is still growing, finding work in this sector is almost certain if you are qualified.

Call SpartanTec, Inc. in Wilmington now and let our team set up the most effective strategies to improve and bolster your cybersecurity in 2020.



Thursday, January 2, 2020

New Ransomware Threatens To Release Stolen Data To Public

The leaders of the ransomware known as Sodinokibi (REvil Ransomware) have announced a nasty new tactic to get their victims to pay up when their files get encrypted.

The hackers are now threatening that they'll begin releasing stolen data to the general public or to competitors unless the ransom is paid.

While hackers have made this threat in the past, this year was the first time in history that anyone has followed through with it. At the end of November of this year, when Allied Universal was successfully attacked, they were given the ultimatum to pay up or see their files released. The company didn't pay, and the hackers promptly released more than 700MB of data on a hacking forum on the Dark Web.

Given this new reality, it raises some thorny questions. Should IT professionals begin treating ransomware attacks as data breaches? Possibly so, but doing so complicates matters. Right now, ransomware attacks are treated as a purely internal problem. Customers and vendors aren't necessarily contacted and formal disclosures don't have to be made as to the scope and scale of the data impacted.

If hackers start regularly releasing the files they encrypt, it puts a lot of information at risk: sensitive data, personal information, salary information, termination letters, details on relationships with third parties, trade secrets, and a host of other sensitive, proprietary data. It is all at risk of public exposure. It will not only increase public concern but could easily lead to lawsuits, especially if the company falling victim to a ransomware attack fails to report it as a breach and the data is subsequently leaked.

It's too soon to say whether or not this is or will become the new normal, but before it happens to you, it bears thinking about how your company will handle the issue.

Don't put your client's information and your business data at risk. Call SpartanTec, Inc. in Wilmington now.



Tuesday, December 17, 2019

New Malware Can Spy On You In Scary Ways

There's a new strain of malware in the wild. It is targeting Android devices and is disguised as an innocuous chat app.

Researchers at Trend Micro have discovered it in two different apps so far: Chatrious and the Apex App. Chatrious has since vanished from Google's Play Store, but at the time this piece was written, the Apex App was still available for download.

If you have either of these, you should delete them immediately.

In both strains unearthed so far, when a user downloads the app and launches it, the program will quietly connect to a command and control server. It will then begin rooting around in the device the app is installed on, collecting contact lists, text messages, call logs and any files stored locally on the device.

In addition to that, the malware can activate the device's microphone to create audio recordings to be sent to the command and control server, and it is capable of taking screenshots of anything displayed on the device.

The app has only been found on the Play Store at this point. However, an analysis of the code reveals that the person or group behind it has already built in hooks that would make it capable of attacking iOS and Windows-based machines. The researchers fear that this malware is in an early stage of development.  What they found in the code points to this being the leading edge of a much larger and more widespread attack.

In addition to its being a potentially devastating piece of malware, the researchers indicated that this code would be perfect for conducting highly advanced cyberespionage campaigns, given that high-ranking corporate and government employees have such a wealth of information on their phones and almost always keep them close at hand. The ability to make recordings of things going on in the immediate vicinity of the infected device could lead to no end of trouble.

In any case, if you have either of the apps mentioned above installed on your phone, delete them immediately.  Trend Micro has promised further updates about this latest malware threat as they get them.

Amp up your cybersecurity measures with the help of SpartanTec, Inc. in Wilmington. Call us now and let our team develop the most suitable IT security strategy for your company.



Monday, November 25, 2019

Cyber Security - Be Careful As You Travel This Week

Public Chargers Can Expose Your Device To Hacking And Malware

On paper, it seems like a lovely idea to use a public charger.

Airports, hotels, and other high traffic areas have begun to increasingly offer public USB power charging stations to give people a convenient means of recharging their favorite devices.

Unfortunately, things are not working out quite according to plan.

Naturally, hackers around the world have taken note, and regard such easily accessed terminals as juicy targets and low hanging fruit.  According to a security alert published by the Los Angeles District Attorney's office, many of these stations have been compromised, and using them could expose you to malware.  This type of attack even has its own name:  Juice Jacking.

In recent years, several proofs-of-concept have been created that demonstrate how these charging stations can be taken over by hackers and used to distribute malware to anyone foolish enough to plug into them. Of these, the worst of the lot was proudly displayed at the 2013 Black Hat security conference. In that case, it was a malicious charger that could deploy malware on any iOS device.

Just a handful of years later, in 2016, Samy Kamkar raised the bar with an Arduino-based device he dubbed "KeySweeper." By all outward appearances, it was just a USB wall charger. However, it wirelessly and passively sniffed, decrypted, logged, and reported back all keystrokes from any Microsoft wireless keyboard in its vicinity.

While these two were the most prominent examples of the kinds of havoc hackers can cause on this front, there are many others.  To try and get a handle on the problem, the LA District Attorney's Office issued a security bulletin that recommended the following tips to all travelers:
  • Use AC power outlets only, not USB charging stations
  • Take AC and car chargers with you when traveling because you know and trust them
  • Consider buying a portable charger for emergency use

Good advice. If you're a frequent traveler, these tips are well worth incorporating into your travel preparation plans.

SpartanTec, Inc. wishes all of our readers a happy and safe travel weekend. Share this post on social media with your friends so all of us can keep our data safe and private.

We provide a Dark Web Monitoring report, which we can run for your company during the holidays. Complete the form on this page https://www.spartantec.com/darkweb for the free service.




Tuesday, November 19, 2019

Raccoon Stealer Malware Is New One To Watch For

There is a new form of malware that you and your staff need to be aware of. That's because it's gaining in popularity among cyber criminals around the world. Known as 'Raccoon Stealer,' it is noteworthy not for its complexity but rather for its extreme ease of use. Worse, the malware's designers have been marketing it aggressively both inside and out of the Dark Web, which is driving rampant adoption rates.

Raccoon Stealer was first spotted in the wild in April of 2019. It's a Trojan virus that's relatively simple in its construction, but quite adept at collecting password information and sending it back to whoever launched it.

The Senior Director of Threat Hunting at Cybereason, Assaf Dahan, had this to say about the emerging threat:

"Raccoon, like other information stealers, poses significant risks to individuals and organizations alike.  Any malware that is designed to steal passwords and personal information from browsers and mail clients could potentially inflict great damage to its victims.

The stolen data is being sold to the highest bidder in the underground community and can be used in many ways--from identity theft, financial theft or even as an entry vector to penetrate an organization and in order to carry out a larger attack."

In addition to the general hype created by the marketing campaign, the group behind Raccoon provides its criminal user base with more tools. These include an easy-to-use backend, hosting, and dedicated 'round the clock support, all for $200 a month.  The data that this little piece of code can obtain can easily generate high amounts of income for the hacker. That makes it a fantastic investment for the criminal underground, which explains the malware's explosive growth and spread.

In any case, be sure your IT staff is aware, and be on your guard.  It looks like Raccoon is here to stay.

Keep your passwords, personal and company information secure from all kinds of online threats. Call SpartanTec, Inc. in Wilmington and let our team help set up the most effective strategy to improve your cybersecurity. 




Monday, November 11, 2019

Discord Users Be Careful Of Malware And Information Theft

Do you use the Discord chat service?

If so, be advised that malware developers have been using the service to not only host various types of malware, but also to use it as a command and control server.

In addition, they are abusing the chat client to force it to perform a variety of malicious behavior.

Unfortunately, this is not a new problem. Anyone familiar with the chat service knows that it has a long history of being abused. Although designed primarily as a chat service, Discord also allows its members to upload files to a chat channel where other users can download them.

Users can even right click on a hosted file to get a sharable download link. This is, in practice, one of the ways that hackers are abusing the system.  Of significance, these sharable links work even for non-Discord users, which gives malicious actors a convenient place to stash harmful files to be spread far and wide via email campaigns.

Even more interesting is the fact that the uploader can delete the file inside Discord itself, but the URL can still be used to download it.  This means that although the chat service gives the outward appearance of deleting the file, it still exists on the server. That gives malware developers an incredibly convenient, completely anonymous method of hosting their files.

In addition to that, Discord contains a feature called 'Webhooks' that allows third-party applications or websites to send messages to a Discord channel. When a user creates a Webhook, the server owner will be given a special URL that is used with the Discord API to send messages to a specified channel. In this case though, if a user has been previously infected by a hacker's malware, this service can be used to exfiltrate collected data directly to the attacker.
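
As an added example (not part of the original post), the two abuse paths described above, file hosting through shareable download links and data exfiltration through Webhooks, can be hunted for in web-proxy logs. The URL patterns follow Discord's public API documentation; the log format, host names, extension list and sample lines are constructed assumptions for illustration.

```python
import re
from urllib.parse import urlsplit

# URL layouts per Discord's public API docs (discordapp.com is the legacy domain).
DISCORD_HOSTS = re.compile(r"^(?:(?:canary|ptb)\.)?discord(?:app)?\.com$")
WEBHOOK_PATH = re.compile(r"^/api/(?:v\d+/)?webhooks/\d+/[\w-]+")
ATTACH_PATH = re.compile(r"^/attachments/\d+/\d+/(?P<name>[^/?]+)")
RISKY_EXT = (".exe", ".dll", ".scr", ".js", ".vbs", ".ps1", ".bat", ".zip", ".iso")

# Constructed proxy log lines: time, client host, method, URL, bytes sent.
SAMPLE_LOG = """\
2019-11-11T09:14:02Z ws-041 GET https://discordapp.com/channels/1/2 312
2019-11-11T09:14:40Z ws-017 GET https://cdn.discordapp.com/attachments/111/222/invoice.exe 298
2019-11-11T09:15:05Z ws-017 POST https://discordapp.com/api/webhooks/333/AbC-dEf_123 48211
2019-11-11T09:16:30Z ws-041 GET https://cdn.discordapp.com/attachments/111/444/meme.png 301
2019-11-11T09:17:12Z ws-023 POST https://discordapp.com/api/v6/webhooks/555/Zz9 1020
"""

def classify(method, url):
    """Label one request: webhook POST (data leaving), risky CDN download, or None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if DISCORD_HOSTS.match(host) and WEBHOOK_PATH.match(parts.path):
        return "webhook-post" if method == "POST" else None
    if host == "cdn.discordapp.com":
        m = ATTACH_PATH.match(parts.path)
        if m and m.group("name").lower().endswith(RISKY_EXT):
            return "cdn-executable-download"
    return None

def scan(log_text):
    """Return (time, client, label, url) for every flagged log line."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines rather than guessing at fields
        ts, client, method, url, _sent = fields
        label = classify(method, url)
        if label:
            findings.append((ts, client, label, url))
    return findings

def hosts_with_download_then_post(findings):
    """Clients that fetched a risky attachment and later posted to a webhook."""
    seen_download, hits = set(), []
    for _ts, client, label, _url in findings:
        if label == "cdn-executable-download":
            seen_download.add(client)
        elif label == "webhook-post" and client in seen_download and client not in hits:
            hits.append(client)
    return hits

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

A webhook POST from a workstation that has no sanctioned integration is worth triage on its own; the download-then-post sequence on a single client is the higher-confidence signal.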

All this to say, if you use Discord, beware. To say that the chat service has problems is an understatement.

Call SpartanTec, Inc. in Wilmington and let our team set up layers of protection for your computers and networks. 

