RUPERT-TECH - Computer & Laser Printer Services

Avoid Being Hacked

Hacking is a major issue, and hackers use many tricks in an attempt to access your data. There are steps you can take to protect yourself and your data from the most common hacking methods.

Anti-virus software (Norton, McAfee, Sophos, etc.)

• One of the most important steps you can take is to run an anti-virus program.  If cost is a concern, there are free anti-virus programs such as AVG http://free.grisoft.com/freeweb.php/doc/1/ or Microsoft's Security Essentials http://www.microsoft.com/en-us/security_essentials/default.aspx You must make sure that you keep your anti-virus program updated by downloading the latest virus definitions. It is important to remember that you should only run one anti-virus program on any given computer.

SPAM

• Most spam will not cause harm, however the best practice is to delete emails from unknown sources and those with attachments. If you reply or attempt to unsubscribe, this will confirm to the spammer that your account is active and in use.

Anti-spyware

• "Malware" or "spyware" are terms used to describe malicious software that can be used to cause denial of service attacks or harvest sensitive data (credit card numbers, etc.) from your computer. These programs can cause you to receive pop-up ads and/or track your web surfing habits. Attachments can be harmful to your computer and can carry malicious viruses and malware. There are tools available, such as Spybot Search and Destroy or Ad-Aware, that scan your computer and identify malware and other harmful items. Once found, these programs give you the option to delete the items. These programs also need to be updated so that you have the most current versions.

Patches, security updates, etc.

• Virus writers and hackers will exploit holes in programs to gain access to your computer. To keep your computer up to date with the latest security fixes and patches, visit http://update.microsoft.com/microsoftupdate on a routine basis. If are you running an Apple or Linux machine, be sure to check routinely for updates also.

Here are some tips to ensure malware is not given access to your computer:

• Keep your computer up to date.
• Keep your browser up to date.
• Install a good antimalware program (Like Microsoft's own Security Essentials)
  
• Download free software only from sites you know and trust.
• Avoid clicking links inside pop-up windows.
• If you are offered antimalware programs while browsing, don’t install them.

Following these rules, you’ll protect yourself and decrease the chances of getting malware on your system.

A new variant of the Trojan Popureb burrows deep enough into the Windows operating system that users are recommended to reinstall the OS in order to remove it, or by fixing the master boot record, Microsoft said.

The "Popureb" Trojan corrupts the hard drive's master boot record to such an extent that the only way to remove it is to run Windows Recovery Console to rewrite the sectors to a clean state, Microsoft Malware Protection Center engineer Chun Feng wrote in an advisory posted on the Threat Research and Reponse blog June 22.

The Trojan was updated recently with the driver component that makes sure the malware can never be modified by an external process, according to Feng. The component accesses the DriverStartIO routine in the device driver to execute itself.

Trojan:Win32/Popureb.E overwrites the first sector on the hard drive so that it triggers at boot time. MBR is generally invisible to both the operating system and security software. To ensure it can't easily be removed, Popureb can intercept all commands to overwrite the MBR or any other part of the hard drive where the malware is installed and replace those commands with a read command. The operation appears to succeed and no errors are thrown, but no new data is actually written to the disk. This means that if a security software attempts to remove the malware, it fails automatically because it can't overwrite the MBR or the infected sector.

Most members of this particular malware family are fake antivirus software, but this variant "might be a little more severe, Symantec said, but pointed out that this Trojan doesn't do anything that "Trojan.Tidserv doesn't already do." The company has asked Microsoft for the sample to analyze further, according to the statement.

"How to Protect Your Network from Hacker Bots"

Not all hackers are only after your data. The real prize is your wallet. To carry our cyber-crimes, many hackers will use email spam, phishing attacks, or insidious websites to infect computers and turn them into "Hacker Bots." These Hacker Bots become drones that can be controlled remotely by cyber criminals, unleashing attacks on businesses that generate a steady revenue stream for the criminals.

A Trend Micro study recently found that roughly 25% of all infected computers belonged to businesses. It's often hard to know for sure whether your computer has been turned into a Hacker Bot. The best solution you can take is to contact a security expert to fully assess the machine.

Before you call a security expert, there are a few initial steps you can take:

1. Disconnect the potentially infected computer from the Internet. If the computer is infected, this step will immediately stop data from being stolen, and prevent attacks on other businesses.
2. Search for any sensitive data on the potentially infected machine and move it to a clean computer. Another option is to move the data to an external hard drive for safe keeping.
3. Clean the potentially infected computer using antivirus software. You can also hire a professional to utilize advanced tools to ensure a complete quarantine of your machine.

If you don't yet believe any of your machines are infected, you are in a great spot. Prevention is the best cure and is much easier and cost-effective to implement long-term. You can start by ensuring that your antivirus definitions are always updated and you download the latest security patches for Windows and the programs you run on Windows.

You can also outsource your security maintenance to a company such as ourselves who can professionally perform monthly work on your machines remotely to ensure they are as padlock safe as possible. This saves you the time and headache of having to do the work yourself, and will also give you peace of mind knowing that your data is professionally secure.

Cybercriminals are circulating a new piece of fake security software that spoofs a Microsoft security tool. It’s called the “MS Removal Tool.”

When you start your computer, you see a MS Removal Tool window that restricts you from accessing your desktop. You cannot start Task Manager, and you cannot open Internet Explorer or any other programs. This situation is the result of malware (a variant of Win32/Winwebsec) that is infecting your computer.

If you see a pop-up ad or an email for the “MS Removal Tool,” ignore it.

If you already have this malware on your computer, you might not be able to access Internet Explorer or any other programs.

As always, we highly recommend our users having their computers up to date and running a good antivirus application.

A good and free choice is Microsoft's own Microsoft Security Essentials.

If you can access Internet Explorer or another web browser, you can also use the Microsoft Safety Scanner to scan your computer and remove the MS Removal Tool.

Be safe!