Malware Attacks Are Costly And Disruptive - Stay Protected!

There are several new malware threats that have made their way into the public already this year. We will continue to see malware in 2017 that has never been seen before and more sophisticated file-less malware (RAM malware). Coders of these malicious programs continue to become more creative and skilled at their trade. 2017 will also be the year of Mac infections and of public awareness that Macs are just as vulnerable as PCs. We have all heard “Macs don’t get viruses,” which is not true and never was. Macs are being hit by 3 major infections already this year and more are on the horizon.

Your first line of defense is noticing when something you do on a day-to-day basis looks wrong or behaves differently than usual. Antivirus programs can only protect to a point. Even security appliances like FortiGate don’t offer 100% protection. Users also need to be educated on best practices and prevention.

Here are some helpful tips to keep yourself malware free and safe from information theft.

  • To close pop-up windows: Click the “X” in the top right-hand corner of the window to close it, instead of clicking “cancel” or “no” in the pop-up window.
  • Keep your operating system updates current.
  • Stay away from free Anti-Virus programs; they no longer cut it. Invest in a quality Antivirus platform like these mentioned in TechRadar.
  • Keep Anti-Virus updates current, and subscriptions renewed. Expired subscriptions = no current updates.
  • Delete emails: from people you don’t know, with file attachments that you are not expecting, containing unexpected e-cards, that mention money-related/banking/winner scams, or that are poorly written in broken English.
  • Create strong passwords containing at least 8 characters, upper and lower case, special characters, and numbers. Don’t use common dictionary words. Strong passwords are needed for all internet accounts and processes as well as your machine. Try this password generator by Norton Identity Safe.
  • Be extremely cautious when using default settings to download freeware, which is often loaded with “junkware” bundles.

Listed below are a few of the major malware threats floating around right now. Always be on alert for anything out of the ordinary.

Mac Based:

  • MacDownloader – Fake update to Adobe Flash player that steals passwords from the macOS keychain.
  • Backdoor – Two simplistic files on the surface that launch another simple .client file that runs at all times. The .client file then transforms into a Perl script and launches. This Perl script has the ability to morph into several processes, all of which steal data, infect other machines, and cause mayhem.
  • Freeze – Users are tricked into visiting a phony website, typically from a bogus email, that loads malicious code onto the machine. It then executes actions, depending on the OS version. One action infects the email client and its resources causing a complete lockup of the machine. The other action infects iTunes and continues to open multiple instances until the machine locks up. Both cripple the memory available and cause an overload to the RAM. The RAM cannot recover from this type of attack.

Windows Based:

  • Chrome Malware – Chrome users are lured into downloading malware disguised as a fix for corrupted fonts. A piece of JavaScript waits for Chrome to open again, breaks poorly written website fonts, and informs users they need to download a “font” to correct the viewing of the website. The “font” in this case is click-fraud adware, which loads hidden ads and clicks them automatically. It puts money in the pockets of those responsible for the malware.
  • RAM Malware (File-less) – Hosted on poorly controlled country code top-level domains. The trick of using such domains is that they are free and are missing WHOIS domain information after domain expiration. It’s a hacker’s goldmine for every type of banking fraud.
  • Popular Sites Mimic – Once infected, this malware waits until the user visits an established shopping or financial services website. When making a purchase or logging in, the virus activates by redirecting the user off the legitimate site to a fake authorization form that looks like it is coming from your trusted vendor. It’s intelligent enough to grab the last 4 digits of your credit card/account. It requires you to re-enter your credit card/account information, including CVV and expiration dates. It’s important to know that your vendors are not compromised. The virus cannot detect the information already inside your account. It can see public information, the last 4 digits of your credit card, and use that data to trick you into thinking the authorization is legitimate. When you are directed to the authorization site, it is not your vendor’s site. When you type in the authorization information, the malware uses keylogger tools to capture your financial data.

In Conclusion

  • Stay alert to unusual appearance and behaviors.
  • Avoid malware infection by subscribing to trusted Anti-Virus programs and regularly installing updates.
  • Protect your data and devices with strong passwords.
  • Be aware of trending malware threats.
  • And lastly, if your machine has been the victim of an attack, check out this article for some ideas on recovery and this information specific to Mac protection.