
Ransomware (malware) on Cell Phones

 

We thought that our cell phones were safe from ransomware, like CryptoLocker, which has been infecting hundreds of thousands of computers in the U.S. Not so! A recent article in CNet Daily News reports that there are as many as 5,000 attacks per day. A mobile threat report from Mobile Lookout Security, which makes security software for smartphones, found 4 million of Lookout’s 60 million users were held hostage last year. In 2014 they report a 75% increase in mobile threats in the U.S. You can read about the most prevalent malware at the end of the post, below.

The article tells the story of  a 12-year-old girl from Tennessee who tapped a link on her smartphone to watch a new music video.  Instead of a video, she had unwittingly installed malicious software that downloaded child pornography, locked her Android phone, and threatened to report the pornography to the FBI if she didn’t fork over $500 in ransom.

What should you do to protect yourself?

1)  Never download applications from outside the official Google Play store or Apple App Store.  Be careful clicking on links when online.  “Free” could wind up being very expensive.  Keep that in mind when on social media sites.

2)  Install an application that will block ransomware.  Avast (free for mobile) and Mobile Lookout Security are two big players.  Keep item #1 above in mind before downloading, from an unknown source, software which will allegedly protect you.

3)  Never pay the ransom, and always report the crime to police.  There is no track record to show that paying ransom will lead to removal of the malware and release of your mobile device. In most cases, you are only providing incentive for thieves to continue to create new and more sophisticated software.

It’s an even more dangerous computing world out there than it was just a year ago.  Be extra careful out there!!

The most prevalent ransomware threats in 2014, according to Mobile Lookout Security:

  1. NotCompatible | Malware

NotCompatible is a trojan that surreptitiously acts as a network proxy.  It allows attackers to send and receive traffic through a victim’s mobile device onto connected networks for fraudulent purposes.

  2. Koler | Malware

Koler is a trojan disguised as a media app.  It locks a victim’s device, after falsely reporting the discovery of illegal activity.  Koler attempts to coerce victims into paying them to avoid criminal charges and regain control of their device.  The CNet article advises that police can tell that you are not the “guilty party” so don’t be afraid to report.

  3. ScareMeNot | Malware

ScareMeNot is a trojan that pretends to scan victims’ phones for security issues.  It then locks their device, after falsely reporting that its scan found illicit content. It attempts to coerce victims into paying them to avoid criminal charges and regain control of their device.  Again, report this to police.

  4. ColdBrother | Malware

ColdBrother is a trojan that pretends to scan victims’ phones for security issues, but then locks their device after falsely reporting that its scan found illicit content. It can also take a front-facing camera photo and attempts to coerce victims into paying them to avoid criminal charges and regain control of their device.

  5. ScarePakage | Malware

ScarePakage is a trojan that pretends to scan victims’ phones for security issues and then locks their device after falsely reporting that its scan found illicit content. ScarePakage attempts to coerce victims into paying them to avoid criminal charges and regain control of their device.

Notice that these Trojans are all very similar.  It’s rumored that there is one very talented programmer who is being well paid by various criminal organizations to keep creating variations of the malware, in order to stay ahead of detection software.  Notice that each is “socially engineered” to make you want to run the software voluntarily.  So even if you don’t click on a malicious link out of ignorance, you can still fall victim.

Computer Security Issues – Windows XP, Adobe Flash, Internet Explorer

When Homeland Security issues a warning about new risks of using your computer, you should stop and pay attention.  When mighty Microsoft tells you to temporarily stop using one of their programs due to a security issue, you should stop and pay attention once you’ve recovered from fainting.

Yes folks, our computing environment has just gotten a whole lot riskier, especially when exploring the internet.

First, let me advise you that the issues have not yet been resolved, despite reports issued based on misinformation and misunderstanding.  That’s because we’re dealing with multiple issues, on multiple software platforms.

The issue dealing with Adobe Flash Player was resolved (hopefully) by a security update from Adobe on Monday, April 28.  That problem involved a Flash bug that was attacking the computers of visitors to a Syrian government web site.  Although that bug was significant, it is not at all related to the major boo-boo in Internet Explorer.  And it’s doubtful it would have impacted too many of you in the legal environment.

The “big” Microsoft bug, which Microsoft is currently scrambling to address with a patch, affects versions 6 to 11 of Internet Explorer.  It potentially gives data thieves the same access to a network computer as a legitimate user.  Microsoft has acknowledged that there have been “limited, targeted attacks that attempt to exploit a vulnerability.”  Excuse me?  It can’t be so limited if Homeland Security is involved, along with every major media outlet.

The security flaw in Internet Explorer comes into play if you click on a bad link.  Not the type which gives you an innocent “404, Not Found” but rather the kind which takes you to a fake web site, where malicious code can be injected into your computer.  Some of these sites are so realistically designed, you have no clue they’re fake and “bad”.

This is the first major security flaw discovered since Windows XP support was discontinued.  That means that when the security patch is issued, both Internet Explorer and Windows 8.0+ will be updated.  Windows XP will remain vulnerable.

What should you do?

  1. Stop using Internet Explorer for now.  Use one of the competitors like Google Chrome or Firefox.
  2. Don’t click on links found on web sites which go outside that site.  Rather, use your “favorites” to get to the other site, or look up the other site and go there directly.  It’s estimated that as much as 40% of legitimate web sites may unknowingly have malicious code on their site.  One example would be replacing a legitimate link with one which misdirects you to a “bad” web site.
  3. Make sure you’re installing all security updates which arrive at your computer.
  4. Be sure your anti-virus and anti-spyware software is kept up to date, and is running continuously in the background.
  5. Make sure your firewall is up to date.
  6. If you’re still using Windows XP, make a permanent change to your internet browser choice.  Also, whichever browser you choose, you may want to have your security software checking each site before it actually allows you to land on it.  It will slow your travels, but keep you much safer.

Keep in mind that you will have to get off of Windows XP in short order.  Hey, I don’t like it one bit either!  But keep in mind that law firms must exercise due diligence in safeguarding client confidentiality.  Knowingly using software which will never receive additional security updates is much like putting your most confidential client documents in a trash bag, and throwing it off the Empire State Building.  It’s not a question as to whether those papers will be scattered on impact, but rather how far they’ll be scattered!
