Nokia Security Report for 2017

Are you concerned about malware (malevolent software), such as viruses, keyloggers, and trojan horse programs? If so, you might want to read a new report from Nokia.

The Nokia Threat Intelligence Report examines malware infections found in mobile and fixed networks worldwide. It provides analysis of data gathered from more than 100 million devices by the Nokia NetGuard Endpoint Security solution. The new report details key security incidents and trends from the first three quarters of 2017. Amongst the findings:

  • Devices using the Android operating system were the most likely to be infected this year, according to Nokia research.
  • Android was the #1 target for Malware, about 1% of all Android devices will be infected, an increase from 2016. This means 0.94% of all Android devices were infected, slightly above Google’s 2016 Q4 estimate of 0.71%.
  • Out of all infected devices, 68.50% were Androids, 27.96% ran on Windows, and 3.54% used iOS.

Continue reading

Mac OSX Trojan Malware Spread Via Compromised Software Downloads

Macintosh owners used to feel smug that “Macs never get viruses.” Then a few viruses appeared but did not spread the way Windows viruses normally spread so Mac owners still were able to say, “Macs rarely get viruses.” However, any Mac owner who isn’t careful bout files being downloaded my find himself or herself on the receiving end of a virus.

Details may be found in an article by Danny Palmer in the ZDNet web site at:

Luckily, these new viruses are easy to avoid by using a bit of common sense. Mac owners can still rest assured by saying, “Macs rarely get viruses as long as you don’t download files from questionable sources.”

Necurs Ransomware-Spreading Botnet Will Now Screengrab Your Desktop Too

The Necurs botnet has recently undergone a resurgence, distributing millions of malicious emails – large swathes of which have most recently been spreading Locky ransomware. It’s also been known to deliver the Trickbot banking trojan, indicating the attackers behind it have their fingers in many pies. But not happy with just that, wow those behind Necurs – a zombie army of over five million hacked devices – are also attaching a downloader with the functionality to gather telemetery from infected victims.

Uncovered by researchers at Symantec, the Necurs downloader can take screengrabs of infected machines and send them back to a remote server. It also contains an error-reporting feature which sends information back to the attackers on any issues the downloader encounters when performing its activities.

Continue reading

Alabama County Succumbs to Bitcoin Ransomware Demands

A lack of preparedness cost one county in Alabama $37,000. Ransomware attacks are easily neutralized if a data center’s staff is properly prepared in advance.

One of the largest counties in Alabama was the victim this time, and the security breach and subsequent encrypting of sensitive information cost the local government a not-inconsequential $37,000.

Hannah Hawk, a spokesperson for Montgomery County said that the attack “locked up” the county’s data using encryption methods. This prevented the necessary departments from accessing various pieces of sensitive information. Data ranged from vehicle tags to business and marriage licenses.

Continue reading

Petya Author Releases Master Decryption Key for All Versions of the Ransomware

From an article by Mark Wyciślik-Wilson in the BetaNews web site:

“The Petya ransomware — and several variants — wreaked havoc with data around the world, but now the author of the original malware has released the master decryption key.

“Janus Cybercrime Solutions has provided a key that work with all “official” variants of Petya (meaning NotPetya is not included). The key was released to — of all places — Mega, and its authenticity has been verified. While Petya has already been cracked, the key offers the fastest and most reliable decryption method yet.”

The brief, but full, article may be found at:

How to Prevent Ransomware from Stealing Your Files

Interesting reading:

The latest malware (malevolent software) is called Petya or Petrwrap. It appears to be a more vicious version of the earlier WannaCry problem that caused so much damage to Windows systems. Petya is expected to be worse.

Both are versions of “ransomware,” products that lock up your files and block you from accessing your own information until you pay a ransom. The thieves then promise to unlock the files and restore your access once you pay the ransom. Unfortunately, experience has shown the thieves often simply take the money and then disappear. The files typically never get unlocked.

Fortunately, there are several methods to restore your files without paying a ransom if, and only if, you are properly prepared in advance of the problem.

Continue reading