New Security Threat: CryptoWall

 


In October of last year news broke about a new form of malware called Cryptolocker. This malware posed a particularly large threat to many business users and led to many quick and important security updates. Now, almost a year later, it appears that the second version of this – CryptoWall – has been released and is beginning to infect users.

What is Crypto malware?

Crypto malware is a type of trojan horse that, when installed onto computers or devices, holds the data and system hostage. This is done by locking valuable or important files with strong encryption. A pop-up then opens, informing you that you have a set amount of time to pay for a key which will unlock the encryption. If you don’t pay before the deadline, your files are deleted.

When this malware surfaced last year, many users were understandably more than a little worried and took strong precautions to ensure they did not get infected. Despite these efforts, it really didn’t go away until earlier this year, when security experts introduced a number of online portals that can un-encrypt files affected by Cryptolocker, essentially neutralizing the threat, until now that is. A recently updated version is threatening users once again.

Cryptolocker 2.0, a.k.a. CryptoWall

Possibly because of efforts by security firms to neutralize the Cryptolocker threat, the various developers of the malware have come back with an improved version, CryptoWall, and it is a threat that all businesses should be aware of.

With CryptoWall, the transmission and infection methods remain the same as they did with the first version: It is most commonly found in zipped folders and PDF files sent over email. Most emails with the malware are disguised as invoices, bills, complaints, and other business messages that we are likely to open.

The developers did however make some “improvements” to the malware that make it more difficult to deal with for most users. These changes include:

  • Unique IDs are used for payment: These are addresses used to verify that the payment is unique and from one person only. If the address is used by another user, payment will now be rejected. This is different from the first version where one person who paid could share the unlock code with other infected users.
  • CryptoWall can securely delete files: In the older version of this threat, files were deleted if the ransom wasn’t paid, but they could be recovered easily. In the new version the encryption has increased security which ensures the file is deleted. This leaves you with either the option of paying the ransom or retrieving the file from a backup.
  • Payment servers can’t be blocked: With CryptoLocker, when authorities and security experts found the addresses of the servers that accepted payments they were able to add these to blacklists, thus ensuring no traffic would come from, or go to, these servers again. Essentially, this made it impossible for the malware to actually work. Now, it has been found that the developers are using their own servers and gateways which essentially makes them much, much more difficult to find and ban.

How do I prevent my systems and devices from being infected?

Unlike other viruses and malware, CryptoWall doesn’t go after passwords or account names, so the usual changing of your passwords won’t really help. The best ways to prevent this from getting onto your systems are:

  • Don’t open any suspicious attachments – Look at each and every email attachment that comes into your inbox. If you spot anything that looks odd, such as a spelling mistake in the name or a long string of characters together, then it is best to avoid opening it.
  • Don’t open emails from unknown sources – Be extra careful about emails from unknown sources, especially ones that say they provide business oriented information e.g., bank statements from banks you don’t have an account with or bills from a utilities company you don’t use. Chances are high that they contain some form of malware.

Important: Internet Explorer Vulnerability

IMPORTANT INFORMATION: US-CERT and UK security agencies warn users to stop using Internet Explorer because of the severity of this security hole, which has been used in “limited, targeted attacks”.

The United States Computer Emergency Readiness Team (US-CERT) released an alert on April 28, 2014 regarding vulnerabilities in Microsoft’s Internet Explorer. Internet Explorer versions 6 through 11 are susceptible to attacks that exploit the Remote Code Execution Vulnerability.

US-CERT Vulnerability Note VU#22292

Microsoft Security Advisory 2963983

Workarounds:

Basic protection includes installing anti-malware software, enabling a firewall and applying all Windows/Microsoft updates. In addition to basic protection, we recommend taking the extra preventative steps listed below. It is not necessary to apply all of the following workarounds; applying one will help protect your system and data.

Enable Enhanced Protected Mode

    1. Open IE 10 or IE 11.
    2. Click the Tools menu and select Internet Options.
    3. In the Internet Options window, click the Advanced tab.
    4. Scroll down the list of options until you see the Security section, click the checkbox to Enable Enhanced Protected Mode.  For IE 11 in a 64-bit version of Windows, you also need to click the checkbox to “Enable 64-bit processes for Enhanced Protected Mode”.
    5. Restart IE to force the new settings.

Change Access Control List and unregister VGX.DLL:

32-Bit Systems:

      1. Open elevated Command Prompt (Run as Administrator)
      2. Run the following command:
        "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
      3. Click OK to close Dialog Box confirming un-registration has succeeded.

64-Bit Systems:

      1. Open elevated Command Prompt (Run as Administrator)
      2. Run the following command(s) separately:
        "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
        "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles(x86)%\Microsoft Shared\VGX\vgx.dll"
      3. Click OK to close Dialog Box confirming un-registration has succeeded.
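
For rolling the VGX.DLL workaround out to several machines, the 32-bit and 64-bit procedures above can be combined into one script. This is an added example, not part of the original article or Microsoft's advisory; it assumes it is saved as a script (hypothetical name Unregister-Vgx.ps1) and run from an elevated, native PowerShell session, and it uses regsvr32's /s (silent) switch so the result is read from the exit code rather than the confirmation dialog.

```powershell
# Added example (not Microsoft's or the article's own script).
# Run from an elevated, native (not 32-bit-on-64-bit) PowerShell session.

# Common Files directories that can hold vgx.dll. The (x86) variable is only
# defined on 64-bit Windows, so empty entries are filtered out.
$commonDirs = @($env:CommonProgramFiles, ${env:CommonProgramFiles(x86)}) |
    Where-Object { $_ } | Select-Object -Unique

$regsvr32 = Join-Path $env:SystemRoot 'System32\regsvr32.exe'

$results = foreach ($dir in $commonDirs) {
    $dll = Join-Path $dir 'Microsoft Shared\VGX\vgx.dll'

    if (-not (Test-Path -LiteralPath $dll)) {
        # Nothing to unregister at this location.
        [pscustomobject]@{ Dll = $dll; Result = 'not present'; ExitCode = $null }
        continue
    }

    # -u unregisters the DLL; /s suppresses the confirmation dialog so the
    # outcome is taken from the exit code instead of clicking OK.
    $proc = Start-Process -FilePath $regsvr32 `
        -ArgumentList '-u', '/s', "`"$dll`"" -Wait -PassThru

    [pscustomobject]@{
        Dll      = $dll
        Result   = if ($proc.ExitCode -eq 0) { 'unregistered' } else { 'FAILED' }
        ExitCode = $proc.ExitCode
    }
}

$results | Format-Table -AutoSize

# A non-zero exit status lets deployment tooling spot machines where the
# workaround did not apply (for example, the session was not elevated).
if ($results | Where-Object { $_.Result -eq 'FAILED' }) { exit 1 }
```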

Windows XP and all other users.

All users who cannot follow the recommendations from Microsoft are urged to use a different web browser. For secure downloads of Google Chrome or Mozilla Firefox, please follow the links provided.

For assistance with changing IE settings or installing a new browser, please contact us at 856-745-9990.

 

Speeding Up Your Home Internet: Tricks and Tips

Though we live in an age of nearly-ubiquitous broadband, it still seems like certain pages don’t load as quickly as one would like.  After you’ve tried changing your ISP (Internet service provider), or ordering a T1 internet connection, consider that many problems can be solved with a series of tips and tricks, outlined below.

  • The first area to make changes is your browser.  Microsoft’s Internet Explorer once held an overwhelmingly large market share, but that’s no longer the case.  Browsers such as Mozilla Firefox, Google Chrome, and Safari from Apple have all become increasingly popular.  They are free to install and render websites much more efficiently than Internet Explorer.  Plus, they have two additional benefits, both of which can help keep your computer and internet running fast.  First, these browsers are more secure, including precautions to prevent malware such as viruses from being installed, a common cause of computer slowness.  Also, these browsers allow the user to install extensions, or programs designed to modify the browser’s functionality.
  • Extensions can be used to remedy another common cause of perceived Internet slowness.  More and more websites include Flash and JavaScript.  While neither is inherently bad, more content takes more time to load and render.  If you feel you can do without the bells and whistles, there are extensions designed to block this content from being downloaded and shown on your computer.  AdBlock Plus just blocks advertising, but Flashblock blocks all Flash content.  If you’re not ready to go that far, ClickToFlash is a great extension.  It stops Flash content from being shown initially, but gives the user the option of clicking to display it.
  • If checking out your computer yields no positive results, your router might be to blame.  The router’s function is to take a single Internet connection and split it so that every device in the house can make use of it.  This is very handy, but if the router is wireless and the person installing it does not know better, it can open your network to attack.  All routers should be password protected and secured using the strongest method supported by your devices.  WPA2 authentication is currently the best.  If the network remains unprotected, your connection may be slowed by neighbors leeching from your connection.

These are only a few of the most common causes of Internet slowness.  Hopefully one of the solutions will work for you!

BBB Advises Internet Surfers to Use Caution

Protecting your identity is important and with Wi-Fi networks popping up nearly everywhere, many consumers don’t realize the dangers that come with using a Wi-Fi connection that is not their own. According to a recent poll conducted by Wakefield Research and Wi-Fi Alliance, 32 percent of respondents said they have tried to get on a Wi-Fi network that was not their own, a startling 18 percent more than a December 2008 poll. The Better Business Bureau, along with the Federal Trade Commission (FTC), urges consumers to think ahead before surfing the Web on a Wi-Fi hotspot.

Wi-Fi hotspots like coffee shops, libraries, airports, hotels and universities are all breeding grounds for hackers. According to the FTC, new hacking tools, available for free online, make hacking easy, even for users with limited technical know-how.

Consumers should be cautious before using a non-secure wireless network and before sending personal information via unencrypted websites. When surfing on a non-secure Internet connection, an individual’s personal information, private documents, contacts, photos and even login information can be up for grabs as other users on the network have the capability of seeing what is being sent.

Steve Cox, President and CEO of the Council of Better Business Bureaus, warns consumers against two popular security scams that can be associated with using an unsecure Internet connection. “Many consumers don’t realize the repercussions that come from using a Wi-Fi hotspot. Phishing, a popular e-mailing scam, and smishing, a SMS texting scam, grow exponentially when hackers obtain access to personal information on the Web via an unsecure Wi-Fi network.” BBB urges consumers to protect themselves from such scams by securing their Internet surfing.

In order to confirm that an Internet connection is secure, BBB advises consumers to follow the FTC’s top Wi-Fi tips:

Make sure the connection is protected by a unique password. If a Wi-Fi hotspot doesn’t ask for a password, the Internet connection is not secure. If a hotspot asks for a password just to grant access, consumers should proceed as if the connection were unsecured. Only trust home and work internet connections that are protected by a customized user password. Wi-Fi hotspot connections with generic passwords are vulnerable to hackers.

Transmitted information should be encrypted. When sending personal information like addresses, credit card numbers and Social Security numbers over the Internet, make sure the website is fully encrypted and the network is secure. Look for https (the “s” stands for secure) at the beginning of the URL address to confirm its security.

Don’t stay permanently logged in to wireless hotspots. Never leave your Internet connection running while your computer is unattended, and make sure to log off after every use.

Change your passwords frequently. When creating new accounts, make sure you use different passwords. Do not use the same password for different sites. If one password is hacked, the chances of other accounts being hacked become greater with repeated passwords.

For more advice on security scams, visit www.bbb.org. To learn more about protecting your privacy online and what to do if your information is compromised, visit www.OnGuardOnline.gov and http://www.ftc.gov/opa/2011/02/wireless.shtm

5 Tips to Keep You Cyber-Safe this Buying Season

With more consumers spending money online, sales will rise, but so will the risk of exposure to some sort of scam or cyber-crime right alongside those fabulous deals.

Black Friday and Cyber Monday may mark the high points of the holiday shopping season, but they are by no means the end of it. In a still struggling economy, with everyone searching for value, consumers will encounter technology deals that might seem too good to be true.

As reported by the Dow Jones newswires, online shopping may well top $1 billion on a single day this year. With more and more consumers willing to spend money online, sales will rise, but so will the risk of exposure to some sort of scam or cyber-crime right alongside those fabulous deals.

So, how can you avoid being taken advantage of?

There are many ways to keep yourself, your privacy, and your money safe this holiday season. But, as the countdown to Christmas grows shorter, many of us abandon our common sense in the desperate pursuit of that one great gift or that one fantastic deal.

Therein lies the problem. The number one way to guard against online scams is to employ some common sense.
For example, many of us will go to extreme lengths to save a few dollars. This often includes venturing off the ‘beaten path’ and looking outside the major retailers on online auction or classified sites such as eBay or Craigslist, which the Better Business Bureau has cautioned against. While many of the deals offered on such sites are perfectly legitimate, the likelihood of stumbling into a scam is far greater on these sorts of sites.

Tip #1 — If a deal seems too great, it probably is, especially if it’s from an individual user or a ‘minor’ retailer. Be suspicious of any deal or sale that you can’t believe is real. Maybe you’ve found the best buy of the season, but it’s more likely that you’ve stumbled into a scam set up to defraud you and steal your money or information.
It’s also important to remember that anyone you do business with online knows more about Internet commerce — and its dangers — than you do.

An excellent Tip #2 is to do some research about any online vendor you’re considering making a purchase from. Some vendors believe quality customer service goes hand in hand with turning a profit. Others, however, such as Vitaly Borker, seem to value their bottom line over the satisfaction of their customers.

As reported in the New York Times and on Cnet.com, Borker took advantage of loopholes in credit card policies to refuse refunds and threaten customers. Only when he was in danger of being cut off by Visa and MasterCard did Borker begin meeting his customers’ needs.

Some simple research might have tipped customers off that Borker’s website was one to be avoided.

As heinous as Borker’s actions may seem, they do bring to light Tip #3 for the online shopper: understand your credit cards. Borker and other merchants like him were able to take advantage of customers because of the rules set up by the credit cards those customers use.

With credit card purchases being the dominant form of online shopping, it’s vital that consumers know the policies of the cards they use and what recourse they have should those policies be abused.

Tip #4 — Consumers would also be wise to investigate other forms of payment, such as PayPal or Bill Me Later, a PayPal service. While alternative methods may not offer the convenience of credit cards, they may provide more security against potential scams and those who know how to abuse the system.

Regardless of where and when you shop online, Tip #5 applies: be cautious. The Internet can be a dangerous place at the best of times. During the often stressful and expensive holiday season the dangers increase exponentially.

Be wary every time you shop online and help to make sure this time remains a time of giving, and not of taking.

To read the original article in its entirety, please click here.