Wiperware: New Malware That Shouldn’t Be Taken Lightly

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Any business can be a target for hackers who use ransomware. However, in recent months, a major new threat has emerged. The recent Petya attack was initially perceived to be another form of ransomware.

However, as the firms involved took stock in the aftermath of the events, it became apparent that the attack took the form of “wiperware,” code that is designed to completely destroy the files stored on any system.

What is wiperware?

Wiperware is designed with one goal in mind: total destruction. The malware asks users to install a software update and then it immediately takes control of the device. Once it has gained admin access, it completely overwrites all files on the device and in some cases the entire network. Any attached storage is also vulnerable, including USB external drives, memory sticks and network shared drives.

While the motivations behind Petya remain unknown, what is abundantly clear is that wiperware is a threat that needs to be taken very seriously. Here are a couple of things you can do right now.

Rules Of Thumb To Avoid An Infection

Anthony Glover is Tech Experts’ senior network engineer and service manager.

A virus can be an upsetting, expensive endeavor to deal with. A virus can wreak havoc on your personal files (like important spreadsheets or family photos) or the system files that keep your computer functioning.

These files can become corrupted, encrypted, or deleted, which makes recovery difficult or sometimes impossible.

Some less obvious viruses — the ones that might slow down your system instead of destroying it — can still affect you by stealing data and what you type on your keyboard, gaining access to your stored credit card information or important sites you use, like your bank.

Anti-Virus: It’s Worth Protecting Yourself

Ron Cochran is a senior help desk technician for Tech Experts.

You can have any machine — from the latest and greatest, to the old dinosaur in the corner — but if you don’t have virus protection, your latest and greatest machine might soon run like that dinosaur in the corner.

All of your sensitive images, documents, billing information, and passwords are subject to infection. No matter how careful you are, there is always something that slips through the cracks.

Often, users say, “I have such and such subscription,” or “I don’t click on anything I don’t know,” but the people spending countless hours causing havoc on computer users will always find new and sneaky ways to infect computers.

Viruses can be attached to images or links on websites. They can also be renamed to look like something that you should install. Once inside your computer, they are hard to track down even by a seasoned computer technician.

Viruses very rarely remove anything from your computer. Instead, they have a tendency to add things that can record your activities on your computer. A person could install a silent program that will start recording your keystrokes triggered by keywords; it can also take a screenshot or record email addresses and passwords. Most of the time, they don’t need to even gain access back to your computer to report the data.

They can have an email sent from your computer and Internet connection without you knowing it. That email, secretly sent from you to them, would contain your information (keystrokes, clicks, etc.).

By now, you have heard of the “crypto virus” and all of its variants. There are many solutions out there, but only a select few offer “zero-hour” infection reversal, which is something that businesses can especially benefit from. Let’s say you accidentally encrypt your machine; it would then be inaccessible until you pay the ransom to unlock your files.

Protection that offers infection reversal can revert your system back to its state right before you were infected, and it would be like you were never infected by the virus at all. This feature is part of Webroot SecureAnywhere, which is something we can provide.

Viruses not only help people steal your data, but they can also delete or corrupt files, degrade system performance, and make your computer run slower.

Viruses can also prevent programs from working, and they can use your email to send out copies of themselves to your contacts and other users. Sometimes, they can prevent your computer from starting up by corrupting your BIOS firmware.

A couple of the main things that you’ll notice once you’re infected are that your system could run slower and you’ll receive all kinds of fake pop-ups, ads, warnings from “Microsoft,” etc. These types of files are referred to as “scareware,” and the makers feed on the fear that you might lose your data, so you’ll pay them to “unlock” your system or “remove” the virus.

Again, we go back to protection. If you had virus protection, then it’s likely that it would stop the infection before it even established itself inside your computer.

There are a few things you should do, if you haven’t already: get some sort of whole computer protection (such as Webroot), have restore points saved on your operating system, have a backup of your operating system install saved on some sort of external media, and save your documents, pictures, and videos to an external source.

When you find yourself in a predicament where you have to wipe an entire computer to remove an infection, you’ll be glad you took the time to prepare for the worst.

The Importance Of Having Ad-Blockers

Luke Gruden is a help desk technician for Tech Experts.

Every day, millions of people go online and go to a familiar website, just to get an advertisement pop-up that disrupts their online experience.

Ads are a way of life for many websites to generate profit from viewers visiting their website and, when clicked, these ads can take a person to another website, usually for their product.

While annoying and harmless when used as intended, issues in this system start to happen when the intentions of an “advertiser” go beyond just advertisement.

There are malicious people on the Internet utilizing advertisements to leave our computers and information vulnerable for theft and abuse.

Some advertisements will come in as scareware, trying to pressure people into calling their number or downloading a harmful program.

Scareware is a common pop-up that thousands have fallen victim to – giving up Social Security numbers or access to bank accounts, allowing malicious connections to their computers, leaving networks vulnerable and infected, and more.

Some advertisements, if not filtered by a website correctly, can actually contain viruses and infections that don’t allow a person an opportunity to protect their own browser and computer.

These infections usually leave spyware and trojans that try to steal your information from your computer.

Surprisingly, the websites with these sorts of advertisements may have never intended for you to fall victim to scareware or other infections.

Usually, websites with these ads tend to be smaller websites using an advertisement agency that does not fully screen all the advertisements they are receiving, allowing malicious people to send their harmful information out onto the Internet.

There is a very simple solution to these real threats: ad-blocking software. If you use Firefox or Google Chrome, there are two good options that you can attach to your browser.

The first option is Adblock Plus, which is a common choice that works well. There is also uBlock Origin, which uses less processing power than Adblock Plus and also blocks most advertisements. Both of these options will go a very long way in protecting your computer.

If you are using Internet Explorer or Microsoft Edge, these web browsers do not support add-ons and have weak advertisement blocking capabilities.

Firefox and Chrome on their own, even without add-ons, are more secure than Internet Explorer. If you have not switched to Chrome or Firefox, I highly recommend you make the change soon.

The installation processes for Adblock Plus and uBlock Origin are very straightforward and easy on Chrome and Firefox. You can Google the ad-blocker you want to use and go to either the Chrome web store or Add-ons For Firefox, based on which browser you are using.

Keep in mind that this isn’t a substitute for anti-virus. Ad-blocking extensions for your browser simply help to block the things that could become nasty infections.

For a more protected computer, you should absolutely use both anti-virus and ad-blockers.

If you need help setting up ad-block software or have questions, you can always contact Tech Experts.

Stay safe and remember to use ad-blocking software to keep your Internet experience safe.

Five Tips For Staying Ahead Of Malware

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Malicious software has become an everyday issue for many computer users, and it can have serious implications for your finances. To keep your information, data, and finances safe, you need to be aware of the common threats to your online security that exist and how you can protect yourself against fraudulent activity.

According to research from Kaspersky Security, malicious software, which is also commonly referred to as malware, impacted as many as 34.2% of computer users in 2015. But what is malware and how does it work?

Malware is somewhat different than computer viruses because instead of completely stopping your computer from operating, it sits quietly in your system stealing important and sensitive information.

It is estimated that over 1 million new forms of malware are released on a daily basis in the form of spyware, Trojan horses, phishing links, and ransomware.

Anti-Virus Advice For Your Small Business

Brian Bronikowski is a field service technician for Tech Experts.

Anti-virus has always been a major concern for users at all levels. From trojans and keylogging programs, to ransomware and malicious software, there is always a new threat on the table.

When we purchase an anti-virus software, there is a certain feeling of security we expect to have, that there is no worry when it comes to those malicious attacks. That’s what the money goes towards. The problem is that sometimes anti-virus actually does quite the opposite.

In a recent study, household name Symantec (Norton) was labelled with multiple critical vulnerabilities that in fact make the system less secure than if it was running without an anti-virus program.

One would hope that a company of this size would be able to resolve these before they’re discovered — or at the very least, promptly look for ways to clean up their act. Unfortunately, Symantec wanted to put on the brakes and wait before patching these flaws that affect every product associated with the company.

Most of the affected systems have been patched since the first reports from June. When you see a report like this and pair it with the performance-degrading effects large anti-virus companies impose, it becomes a simple question: what do you do?

There is a multitude of protection software on the Internet and in-store. Some of these will go back and forth in terms of highest rankings. Some are big brands that are pre-installed on most computers. Others are less well known, but gaining ground. It’s all about finding the right one for you.

More often than not, we will see the likes of McAfee and Norton on systems. These are loaded for you when you buy a new system and will start as a trial. Users will often purchase the system instead of going through the arduous task of properly removing an anti-virus program.

The problem here is that generally the user will purchase whatever is “recommended” which will often be an entire security suite. These will bring a low-end computer to a halt and greatly degrade the mid-range and higher end computers.

It is important to stay away from the big names like these as there is little innovation and plenty of flaws. Some of these flaws may be performance alone and others are security flaws.

Some of the lesser-known programs are oftentimes a good alternative. With these, it’s always good to look at any recent vulnerabilities or complaints users have had.

Some protection systems have deleted files or overwritten system files in the past. Research is important for these situations. That said, common free programs, such as AVG and Avast, are found on millions of systems.

Keep in mind, most free protection software has one catch or another. Spam-like interfaces that constantly ask for purchase or the requirement for manual scanning are the most common culprits. If you are able to stay on top of things, these can work out well enough.

Unfortunately, most users are unable to do so because of the workload given to them. Protection ends up being an afterthought; one that can cost a lot more than the software itself. There is one nearly foolproof way to get rid of these worries for good: allowing professionals to take care of your protection.

Tech Experts is able to supply a managed anti-virus that is inexpensive, well-reviewed, and kept up-to-date with the latest virus definitions. We are able to install it in both home and business environments.

With that in mind, it’s an easy choice when picking what you want to shield you from the dangers of the digital world.

Yes, You Can Still Get Infected – Even With Anti-Virus

Scott Blake is a Senior Network Engineer with Tech Experts.

With the sudden release of new variants of malware and ransomware such as CryptoWall, users are wondering why their anti-virus programs are not blocking the ransomware from infecting their computer.

As with many other forms of malware, the infection needs to exist before a cure or way to detect the threat can be created. This takes time and during this period of R&D, the malware spreads like wildfire.

While there are several forms and classifications of infections, there are basically only two different methods in which infections are released into your system: User Initiated and Self Extraction.

User Initiated infections are caused by a user clicking on a link within a webpage or email or by opening an infected email attachment. Once opened, the malware is released and quickly spreads throughout your system.

Because the user manually clicked on or opened the link/document, most anti-virus programs treat this as an authorized override by the user and either internally whitelist the link/document or skip the scan.

CryptoWall is spread through this method, usually contained within an infected Word, Excel or PDF document. The creators of these programs take advantage of the programming of the document to hide the infection.

With the world becoming a paperless society, we are becoming more and more accepting of receiving and opening attachments sent to us through email. It has practically become second nature to just click and open anything we receive, regardless of any warning.

Self-Extracting infections are exactly what they’re named. These infections require no outside assistance to worm their way through your system, infecting as they go.

The number one method creators of this form use to place their software on your system is through “piggy back” downloads.

Piggy back downloads occur when you authorize the download and install of one program and other programs (related or unrelated to the original program) are automatically downloaded and installed with it. The most common way is by downloading programs promising to speed up your computer.

Infections can also exist on your system and lie dormant for long periods of time, waiting for the computer to reach a certain calendar day or time. These infections are called “time bomb” infections. Just like piggy back infections, they require no outside assistance to infect your system.

They are mostly found buried in the registry of the system or deep within the system folders. Because they are not active at the time of placement, most anti-virus programs will not detect them. Active reporting through toolbars is another means of becoming infected over time.

When a user downloads and installs a toolbar for their browser, they authorize at the time of install that it is okay to install and all of its actions are safe. However, most toolbars are actively scanning, recording, and reporting back to the creator. They also act as conduits for installations of other unwanted programs behind the scenes.

If left unchecked, those additional programs can become gateways for hackers to gain access to your system and spread even more infections.

To help stop the spread of malware/ransomware such as CryptoWall and its variants, we need to become more vigilant in our actions when either surfing the Internet or opening email and attachments.

The best rule of thumb to follow for email is: if you don’t know the sender, or you didn’t ask for the attachment, delete it. As for websites, read carefully before you download anything and avoid adding toolbars.

Strategically Upgrading Your Computer Systems

Michael Menor is Vice President of Support Services for Tech Experts.

With technology growing faster than most businesses can keep up with, organizations have to continuously upgrade their solutions in order to maintain a semblance of modernity. The only issue with this is that many businesses can’t keep up, simply because they don’t have a team that’s dedicated to this important task.

What technology upgrades should be made a top priority and why?

Naturally, the first thing you need to know about workstation and technology updates is that you need to integrate them periodically in order to ensure optimal security for your organization.

Most viruses and malware will attempt to take advantage of weaknesses in your infrastructure in order to infiltrate it.

These weaknesses in your software and operating systems’ source code will ultimately allow these threats to force their way into your network, putting any contained information at risk.

These flaws are often addressed in software patches and system updates issued by the software developer, but tackling the updates in a timely fashion is a whole other monster.

Managing all software updates is easier said than done, especially without a dedicated IT department watching over your technology. Regular maintenance is often pushed to the back burner and dangerously close to being forgotten about.

Therefore, the best way to make sure that your systems are prepared to handle the threats that are found in today’s computing environment is to make upgrading your technology a priority for your organization.

Software Updates
There are several programs that your organization needs in order to stay functional, so your software updates aren’t limited to just your workstations’ operating systems.

The fewer unnecessary security flaws that can be found in your IT infrastructure, the safer your information will be.

Furthermore, users who are working with top-notch, optimized technology will be far more productive than they would be if they were using sluggish, bogged down computers.

It doesn’t make any sense to let your employees use machines that hold them back from achieving their maximum productivity.

In fact, sometimes you might encounter a situation where using a different software will be better for your business strategy.

It’s always recommended that you consult with a professional technician before making drastic changes to your business’s software infrastructure.

Antivirus Updates
Your antivirus solution is often a software solution, but virus and malware definitions are continuously being updated.

If your antivirus and other security software solutions aren’t properly maintained, it’s like you’re “leaving your keys in the front door,” so to speak.

Your antivirus solution needs to be managed on all workstations – or, better yet, centrally controlled from the server to ensure that all users are protected and up to date at all times.

Hardware Updates
Older hardware that’s been around the block a time or two might have proven reliable, but it will eventually start to show signs of its old age. Hardware failure becomes more likely and you run the risk of losing information due to the degradation of your technology.

This is why monitoring your systems for faulty tech and periodically upgrading to more recent models is preferable, if not necessary.

Granted, all of these software and hardware upgrades may feel overwhelming. This is why Tech Experts offers a remote monitoring and maintenance solution that’s designed to administer patches to your mission-critical systems remotely.

This helps your organization ensure that your systems are always up-to-date. We can also monitor your infrastructure for any irregularities that might be caused by hardware malfunctions, hackers, and much more. Call us at (734) 457-5000, or email info@mytechexperts.com to learn more.

Is Antivirus Necessary For Smartphones?

Chances are, you have an antivirus program installed on your personal computer. You may not, however, have the same sort of protection for your smartphone.

If you don’t, you’re certainly not alone. Being part of a majority, however, doesn’t make the data on your smartphone safe. The same threats that lurk in cyber land can attack your phone as easily as a personal computer, but there isn’t a lot of attention being given in the media and other venues about viruses on smartphones.

So, despite that lack of attention, should you install antivirus protection on your smartphones and tablets?

The truth is that you should. Smartphones are fast becoming the prime method of accessing the Internet, and the amount and nature of sensitive data on these devices puts you, your business, and even others whom you hold dear at risk.

Since many viruses are designed to gain access to personal information on devices, the risks are greater than you may think. We may not think about installing antivirus applications on our smartphones because it doesn’t address a widespread problem at this time.

In the near future, however, viral attacks on phones are inevitable. From an employer’s standpoint, the need to protect smartphones is even more important than on a personal level. With more and more business being conducted via handheld devices, a virus on a smartphone has the potential to interrupt operations, causing costly delays and compromising sensitive company data.

Security software applications that can protect smartphones are available for download. Look for one that is not just vigilant against malware, however.

It should also provide an option to remotely wipe smartphones clean in the case of a viral attack to protect company data as well as have a GPS location feature to facilitate easy recovery.

Another feature experts recommend in a security software application is the ability to limit the types of applications employees download onto their company-provided smartphones.

Top Signs Your Computer May be Infected

Scott Blake is a Senior Network Engineer with Tech Experts.

Ranging from minor spyware and adware to complete system lock-outs courtesy of ransomware, infections have become a standard in today’s high-speed electronic age.

Even when using the latest state of the art detection software, the most modern systems are prone to infection.

Some basic low-level forms of adware and spyware are add-ons called toolbars. A toolbar is an add-on to a web browser, putting another bar at the top of your browser window below the address bar.

They can come in several different forms and functions. Some are helpful and pose no threat to your system. Others serve as a reporting tool for the toolbar’s designer.

They can collect data on surfing habits such as websites visited and search topics used. This data is then transmitted back to the designer and sold off to advertisers who, in turn, use the information to start spamming you with their clients’ websites and ads.

Building off of the spam generated from the data collected from the adware and spyware, you will start to see more and more pop-ups on webpages and possibly even on your desktop.

Sometimes, these pop-ups are harmless and very easy to remove, but more often, they are the beginning stages of an invasion of malicious programs.

The pop-ups use false and misleading information to scare the user into believing they are already infected and they need to download “their” software to clean the infections.

What ends up happening is that you think you are downloading one program to clean your system, but you are really downloading and installing additional programs in the background.

I have seen instances where one so-called program install downloaded nine additional programs in the background. None of the additional programs had anything to do with “cleaning” or “speeding” up your system. They just wreak havoc on your operating system.

Through these malicious programs, more dangerous infections can occur. High-risk level malware, trojans, and viruses become residents on your system.

From this point forward, you will start to experience extreme slowness or even a complete inability to browse the Internet. You will start to see an increase in spam email and email messages containing attachments or web links to strange web addresses.

The attachments are what you need to be very cautious about. A very high-risk level malware called Crypto is primarily transmitted through these infected attachments. Once infected, the malware spreads through your system, encrypting all of your data.

After that, there is little hope of recovering any of your data.

Viruses, malware, trojans and malicious programs are lurking on the web at every turn.

The most important thing to remember is “knowledge is power.” Don’t fall victim to the overwhelming number of companies advertising that their products can and will clean your computer of these nasty bugs and speed up the performance of your computer at the same time.

The truth is that the vast majority of these companies will install a ton of “freeware” programs on your system that will bog down your CPU and eat up your memory resources.

Once these programs are installed, get ready for Pop-Up City. It turns into a giant game of Whack-A-Mole just trying to close all the windows and pop-ups generated by these programs.

Several of these programs will also inject a proxy server into your Internet settings. This will severely limit your Internet browsing and even redirect you to predefined webpages in an attempt to lure you into purchasing additional programs to remove the programs you already installed.

For additional information or if you think you may have a virus or spyware infection, contact Tech Experts at (734) 457-5000.