Tag Archives: hack

New Trojan Malware through Word

New phishing emails that contain trojan malware are spreading, according to experts. The malware, named Ursnif, is contained in Word documents through emails and allow cyber hackers to steal personal credentials.

Ursnif isn’t the first of its kind, however. It was reported that this particular variant has been around since 2007 and specifically targets Windows OS. Fortinet, a top-rated security platform, recently stated this threat to be highly active.

“When a victim opens the Word document, it displays a security warning message designed to protect MS Word users from malicious macros (VBA code).  However, the document content deceives victims to click the “Enable Content” button, as shown in Figure 1. When the button is clicked, the malicious VBA code is executed because the code is in an AutoOpen sub that is executed at opening the document.”

Source: fortinet.com – Figure 1

It’s highly advised that you do not open any documents through e-mails unless you know exactly who it is from. Be sure to double check the address it was sent from as well. Many times, the name will show up legit, but the email address itself does not match.

Russia now has access to your photos through FaceApp

There is a strict warning from experts with the free FaceApp. The free filter app, that includes old age, began in 2017 in St. Petersburg, Russia, but has seemed to grow popular just recently. Experts say that it poses security concerns that may just allow them to acquire access to your identity through your photos. This could also very well give them certain personal information.

NYPost notifies readers, “FaceApp, which you grant permission to access your photo gallery, also includes in their Terms and Conditions that they have the right to modify, reproduce and publish any of the images you process through its AI. That means that your face could end up being commercialized — or worse.”

Even if an Apple iOS user set their photo permission to “never”, it’s not guaranteed that your pictures won’t be accessed.

Hackers have the ability to retrieve information from databases and steal any available information. According to TheBestVPN, an astounding 1.76 billion records were leaked in January 2019 alone. And they are vindictive and intentional.

This issue has raised so much awareness, that on July 17, Senate Minority Leader Chuck Schumer sent a letter requesting the FBI and FTC to start an investigation of the app. In the letter, he stated, “I ask that the FBI assess whether the personal data uploaded by millions of Americans onto FaceApp may be finding its way into the hand of the Russian government, or entities with ties to the Russian government.”

For help with any security issues, call us at 1-800-620-5285.  Karls Technology is a nationwide computer service company with offices in many major cities. This blog post was brought to you from our staff at the Denver Computer Repair Service, if you need computer repair in Denver, CO please call or text the local office at (720) 441-6460.



Can Your Smartphone Get Hacked?

In short, yes. Many people assume it’s only your computer. However, through fraudulent messaging clients, hackers can access data, location, photos and more from your personal or business mobile phones, invading your privacy. And there are a handful of ways they can get sneaky.

According to EFF.org, “The trojanized apps, including Signal and WhatsApp, function like the legitimate apps and send and receive messages normally. However, the fake apps also allow the attackers to take photos, retrieve location information, capture audio, and more.” (source: https://www.eff.org/press/releases/eff-and-lookout-uncover-new-malware-espionage-campaign-infecting-thousands-around)

Along with fake apps, you can also receive text messages, e-mails, and instant messages with web links from an unknown source. This technique is called phishing messages and can allow hackers to acquire any login information you may have saved on your phone.  

If you notice an open WIFI when choosing a network, you might also be at risk of your phone being hacked. Unsecured WIFI networks can sometimes have snoopers behind the scenes, waiting for users to join and surf the web or log in to highly sensitive (or personal) accounts. This gives them ample opportunity to steal anything they want. Keep an eye out for URLs with unsecured vs secured connections (http: VS https:).

You can protect yourself from these, and other possible risks, by creating strong passwords, using two-factor authentication and setting up security questions for your passwords. Be sure to play it safe with any and all personal information you add to your phone.

Handle Computer Viruses Properly

Computer viruses affect millions of computers each year, with 2018 ranking at over 800 million. In turn, this costed individuals and businesses billions of dollars in the process. This malicious software is created to access sensitive information, causing disastrous issues to your computer and allowing hackers to either collect or destroy data. In turn, this slows the computers functionality and operation or might even crash it all together, making it unusable.

The viruses can be spread through e-mail attachments, scam links, and pop-ups and often times seems legitimate. And while it’s extremely frustrating, you can take the necessary precautions of reducing your computers risk for a virus by avoiding clicking on any advertisements shown on web pages you might visit. You can also download anti-virus software, which can detect and remove harmful trojans or malware, and is beneficial to have even if you’re not concerned about a potential threat. Norton and McAfee are well known anti-virus software subscriptions, available for you to purchase online. Keeping your OS updated to the latest version is helpful as well, as it contains the protection and security needed.

Trust your gut – if it seems fishy, it probably is!

Unpatchable Nintendo Switch Exploit

 

A newly published exploit for the Nintendo Switch console is unpatchable.  The exploit can’t be fixed via a downloadable patch because the exploit makes use of a vulnerability in the USB recovery mode, circumventing the lock-out operations that would usually protect the bootROM. The flawed bootROM can’t be modified once the chip leaves the factory. Access to the fuses needed to configure the device’s ipatches was blocked when the ODM_PRODUCTION fuse was burned, so no bootROM update is possible.

Nintendo may be able to detect hacked systems when they sign into Nintendo’s online servers. Nintendo could then ban those systems from accessing the servers and disable the hacked Switch’s online functions.

You can read more about the Unpatchable Nintendo Switch Exploit at:

https://arstechnica.com/gaming/2018/04/the-unpatchable-exploit-that-makes-every-current-nintendo-switch-hackable/