Why you need to know about the Poweliks threat


Most of us have suffered the horrors of a computer virus at some point, and we know the damage that can be caused by these security infections. Our work gets disrupted as IT systems go down and, if we’re really unlucky, sensitive and valuable data might be lost or even leaked. But there’s a silver lining to most viruses, worms and other such malware, in that they can at least be tracked down and removed. Well, not always – enter the invisible Poweliks, which even your most sophisticated anti-virus software might not be able to protect you against. So, what do you need to know and how can you protect yourself?

What is Poweliks?

Security firm Symantec describes Poweliks as a trojan horse that performs malicious activities on the compromised computer. But it’s no ordinary trojan – unlike the majority, which infect your computer with malicious files, Poweliks is a silent and invisible threat that hides away in the registry of your system rather than in files on disk. It’s not entirely new for a virus to seek to cover its tracks by making itself “file-less” but, in contrast with Poweliks, most are wiped when you restart your computer and its memory is cleared. Worse still, Poweliks hijacks the legitimate processes and applications running on your network, inserting its code into them where it can largely evade detection.

First discovered back in August 2014, Poweliks has created something of a headache for the firms behind conventional security solutions like anti-virus software. Symantec and others have admittedly managed a number of updates to their protection in response to the threat posed by Poweliks. But although the trojan does leave very minor records of its presence behind, for instance in registry logs, these signs are much lower key than the computer world is used to, meaning Poweliks is unlikely to show up on most system scans.

Poweliks has links to Kazakhstan, the home of two servers the malware connects to once it is up and running from within your computer. The servers in Kazakhstan then send commands to the bug to tell it what to do next. In theory, this then makes way for the tool to be used to download other undesirable programs that could infect your system without your knowledge. It could equally be used to steal and disseminate data from your network.

How can I best protect myself?

As well as the anti-virus updates that have gradually been released – but which are still likely to have only a limited impact on threats of this type compared with those of the past – a number of Poweliks removal guides are now available online. Nevertheless, prevention, as ever, remains better than cure. One method reported to have been employed in the distribution of the Poweliks infection is embedding it in a Microsoft Word document, which is then sent as an attachment to spam emails, and which the attackers hope your curiosity will lead you to open. These spam messages have masqueraded as coming from senders including the United States Postal Service and Canada Post. Of course the best advice remains to be suspicious of any and every email attachment you open, particularly if you weren’t expecting mail or it’s from someone you don’t know.

Should I be concerned?

In fact, revisiting your everyday security precautions is probably pretty good advice all round, since experts predict that this type of threat is likely to become ever more common as attackers seek to exploit the techniques of Poweliks in order for their infiltration to remain unnoticed for as long as possible. Sure enough, a number of copycat threats have already been detected by security specialists as of the start of 2015.

General awareness around the web sites you choose to visit is also particularly advisable, since others have reported the bug making its way onto their systems thanks to so-called ‘drive-by download attacks’ – whereby simply visiting a malicious web site is enough to trigger the infection, and actively downloading a file isn’t even necessary. As a result, organizations may wish to consider more comprehensive filtering of internet access, or at the very least reactive blocking of known malicious sites, in order to prevent employees from inadvertently infecting a company network.

To find out more about IT security solutions and protecting your technology from attack, contact us today.

Published with permission from TechAdvisory.org. Source.

5 common virus myths dispelled

It can be argued what the most important invention of the last 100 years has been, but many would agree that the computer has to be among the top. These complex machines helped usher in the information age. Unfortunately, they come with a downside: Destructive malware such as viruses have become a major problem for businesses because viruses have been built up to such mythical proportions that many users simply don’t know fact from fiction.

Here are five common myths about viruses that confuse people, and the truths associated with them. Before we delve deeper it would be a good idea to explain what a virus is.

A virus is a computer program that infects a computer and can generally copy itself and infect other computers. Most viruses aim to cause havoc by either deleting important files or rendering a computer inoperable. Most viruses have to be installed by the user, and usually come hidden as programs, browser plugins, etc.

You may hear the term malware used interchangeably with virus. Malware is short for malicious software and is more of an umbrella term that covers any software that aims to cause harm. A virus is simply a type of malware.

Myth 1: Error messages = virus
A common thought many have when their computer shows an error message is that they must have a virus. In truth, bugs in the software, a faulty hard drive, memory or even issues with your virus scanner are more likely the cause. The same goes for crashes: if your computer crashes, it is likely because of something other than a virus.

When you do see error messages, or your computer crashes while trying to run a program or open a file, you should scan for viruses, just to rule it out.

Myth 2: Computers can infect themselves
It’s not uncommon to have clients bring their computers to a techie exclaiming that a virus has magically appeared on the system all by itself. Despite what some may believe, viruses cannot infect computers by themselves. Users have to physically open an infected program, or visit a site that hosts the virus and download it.

To minimize the chance of being infected you should steer clear of any adult oriented sites, torrent sites, etc. – they are often loaded with viruses. A good rule of thumb is: If the site has illegal or ‘adult’ content, it likely has viruses that can and will infect your system if you visit it or download files from it.

Myth 3: Only PCs can get viruses
If you read the news, you likely know that many of the big viruses and malware infect mostly systems running Windows. This has led users to believe that other systems like Apple’s OS X are virus free.

The truth of the matter is: All systems could be infected by a virus; it’s just that the vast majority of viruses are written to target Windows machines. This is because most computers run Windows. That being said, there is an increasing number of threats to OS X and Linux, as these systems are becoming more popular. If this trend keeps up, we will see an exponential rise in the number of viruses infecting these systems.

Myth 4: If I reinstall Windows and copy all my old files over, I’ll be ok
Some believe that if their system has been infected, they can simply copy their files onto a hard drive, or backup solution, reinstall Windows and then copy their files back and the virus will be gone.

To be honest, wiping your hard drive and reinstalling Windows will normally get rid of any viruses. However, if the virus is in the files you backed up, your computer will be infected when you move the files back and open them. The key here is that if your system is infected, you need to scan the files and remove the virus before you put them back onto your system.

Myth 5: Firewalls protect networks from viruses
Windows comes with a firewall built into the OS, and many users have been somewhat misled as to what it actually does, believing that firewalls can protect from viruses. That’s actually a half truth. Firewalls are actually for network traffic; their main job is to keep networks and computers connected to the network secure. They don’t scan for viruses.

Where they could help is if a virus is sending data to a computer outside of your network. In theory, a firewall will pick up this traffic and alert you to it, or stop the flow of data outright. Some of the bigger viruses actually turn off the firewall, rendering your whole network open to malware attacks.

What can I do?
There are many things you can do to minimize the chances of infection. The most important is to install a virus scanner on all of your systems, keep it up to date and run it regularly. But a defensive strategy like this isn’t enough; you need to be proactive by:

  • Not installing programs from sources you don’t know or trust
  • Being wary of any program that asks you for your password
  • Not installing any browser add-ons or plugins suggested by websites. Instead, download them from the browser’s app store, or the developer’s website.

If you are worried about the security of your systems and network, call us today. Our team of security experts can work with you to provide a plan that will meet your needs.

Published with permission from TechAdvisory.org. Source.

Macs: Hardly Malware-proof

Macs are famous for a lot of things – some true, some false. For instance, many people believe that Macs are virus- and malware-proof – but unfortunately that’s not true. Just because much of the malware and many of the viruses out there are targeted toward the Windows OS does not mean that Macs are impervious to attack. And the operative word is “targeted”.

Security firms and experts are learning that since people tend to be more complacent security-wise when using a Mac, they make for pretty ripe pickings for unscrupulous online scammers, fraudsters, and thieves. Not only are more security flaws being discovered on the Mac OS and programs, but also more viruses are being created that specifically target those vulnerabilities.

Of course, the scale of the threat can be debated – but while it is true that more viruses and malware are designed for Windows, it’s also true that some of these viruses can be applicable to Macs as well, in addition to those specifically designed to attack the Mac OS platforms. If you aren’t convinced, then this video might just turn you into a believer: http://www.youtube.com/watch?v=RTeSYmQS820&feature=player_embedded . Here, a Mac anti-virus program catches a would-be Trojan. And that’s just one of the many hundreds of thousands of Mac viruses and malware out there.

Is it sound business practice to take risks with your system security? Whether you use Windows or Mac, you need malware protection – because too often all it takes is a single incident to bring your whole system to its knees. Give us a call and we’ll be happy to discuss your options with you and offer a tailor-made security solution that is guaranteed to keep you safe, regardless of which OS you’re using.


Majority of Malware Attacks are Triggered by USB Enabled Drives

It looks like the days are gone when employees could safely transfer files using the ever reliable USB device. According to various reports, there is an increasing number of malware attacks targeting USB devices. Small businesses should be very wary of using USB drives without considering security parameters to prevent these malware threats.

A USB device is indeed a useful, economical way to transfer data. In fact, according to Gartner IT research and advisory company, there were roughly 222 million USB devices shipped in 2009. However, a recent study shows that though USB devices are a convenient means of transferring information, they can also serve as channels to transmit potential threats. In fact, 25% of malware these days is built to spread via USB devices.

Most small businesses in particular are utilizing USB drives for the convenience they bring. But as consumers become more technically savvy about malicious attacks via email and other modes, cyber offenders are now shifting to USB devices to spread malware. Moreover, they want an easier and faster way of hacking into secured computers, making malware distribution via USB devices a viable option. Being a small to medium-sized business, your company might also be at risk for the following reasons:

  • Outdated operating systems. Newer versions of operating systems like Windows Vista and Windows 7 definitely provide more security against malware-infected USB devices. If you’re still running on Windows XP, contact us immediately and we will update your operating system to avoid unwillingly sharing your confidential business information to servers across the globe. We will ensure that you have the latest version of Windows, Macintosh, or whatever OS your company uses.
  • Insufficient security knowledge. Not all employees are familiar with malware attacks via USB devices. Some may even plug a misplaced flash drive into their work PC, hoping to find its rightful owner, without knowing that it contains a script that can search sales records and/or contact lists. As your IT service provider, we will help you implement security guidelines against unsafe USB use to prevent potential malware attacks that can ultimately harm your business operations.
  • No other options to share information. Most small businesses solely rely on USB devices to share data with their employees. While it is convenient, using them on a daily basis can be unreliable and risky. Talk to us about cloud-based solutions and other better and more secure methods to share and store files.

We believe that USB-spread malware is even more perilous than email and other means of transmitting malware. That’s why companies, no matter how big or small, should take this alarming issue seriously. Contact us soon and let us help you protect your business from any would-be malware attacks.


Number of Infected Websites Doubles in One Year

According to a new study released by security firm Dasient, the number of malware-infested websites has increased to 1.2 million in 2010, from 560,000 in 2009. Dasient, a company specializing in combating malware on websites, has released a new report claiming that over 1.2 million websites were found to be infected by malware in the third quarter of 2009, more than double the number during the same period last year.

These infected websites are especially dangerous since, unlike other forms of malware vectors, they don’t require the user to click on a link or open an attachment. They infect users through “drive-by-downloads”, that is, by the user just visiting the infected website. Hackers take advantage of the dynamic and interactive features of today’s modern websites and social networking sites to deliver their payload. Other dangerous forms of infected websites are those hosting fake antivirus scams, which fool users into downloading malware posing as legitimate antivirus software, as well as malvertisements, which pose as legitimate advertisements but instead are malware vectors.

With the growing threat of malware, how confident are you that your systems are safe? Contact us today and find out how we can help.
