" rogueware "

Untitled-1

Keeping tabs on your employees in a multi-device environment

The traditional desktop computer is no longer the only device we use to get work done. For the past few years workers have increasingly begun to use their own smartphones and tablets for work. According to a study carried out by Tech Pro Research, 74% of businesses allow, or are planning to allow, their employees to bring their own devices to the office.

Despite the benefits, such as being able to communicate easily with employees when they aren’t at their workstations, security remains a priority and with the BYOD (Bring Your Own Device) culture – it is important to stay on top of it.

The variety of devices used in the workplace and the resulting loss of control held by the business, means that cybercriminals are able to take advantage of the many vulnerabilities in mobile devices to access the company’s network.

 

(more…)

new-malware

Ransomware on the Rise – PandaLabs Quarterly Report

The second quarter of 2015 shows that there was an average of 230 000 new malware samples created daily, totaling 21 million from April to June. This is a 43% increase in comparison to the second quarter of 2014.

Trojans continue to be the most common type of malware and are the main source of infection, with 76.25% of users infected. This quarter also showed the proliferation of PUPs (Potentially Unwanted Programs) which accounted for 14.39% of infections.

There has been a dramatic increase in ransomware over the last few months. What users don’t realise is that these kinds of attacks will continue to grow, as long as companies and consumers succumb to paying the ransom – this should be a last resort.

(more…)

Panda Antivirus Pro 2011 wins highest accolade from AV-comparitives.org

–       With a detection ratio of 99.9%, Panda Antivirus Pro 2011 has earned the highest Advanced+ rating awarded by the prestigious laboratory

–       The test, performed in December, pitched several security solutions against 82,036 samples of PUPs, a category that includes spyware, adware and rogueware 

Global IT vendor Panda Security has been awarded the highest Advanced+ rating for their Panda Antivirus Pro 2011, winning the latest on-demand test conducted by AV-comparatives.org. This test analyzed detection ratios of PUPs (potentially unwanted programs), a category that includes spyware, adware and rogueware.

The prestigious independent security laboratory AV-compartives.org ran a series of 82,036 samples against each antivirus solution. Detecting 99.9% of the samples, Panda demonstrated just how effective it is against this type of threat.

“This latest award for Panda indicates the importance of having a cloud-based security solution”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. “A solution that utilizes the cloud in order to provide almost real time protection is what’s necessary to keep up with the constant creation of malware.”

According to the 2010 PandaLabs Report, PUPs account for 11% of the more than 20 million threats that have appeared and been classified by Collective Intelligence over the last year. In fact, 40% of all fake antivirus programs in existence were created in 2010. In other words, since this new type of threat first appeared four years ago, at PandaLabs has classified a total of 5,651,786 individual examples of fake antivirus programs, of these, 2,285,629 appeared between January and November 2010.

The award-winning product, Panda Antivirus Pro 2011, forms part of the Panda Security retail lineup and shares its antimalware engine and detection capacity with the rest of the solutions. Its technology for detecting and identifying malware leverages the knowledge of millions of users that make up the community of Collective Intelligence, an automatic system for detecting, analyzing and classifying new threats in real-time. 

About Panda Security

Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions, with products available in more than 23 languages and millions of users located in 195 countries around the World. Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology. This innovative security model can automatically analyze and classify thousands of new malware samples every day, guaranteeing corporate customers and home users the most effective protection against Internet threats with minimum impact on system performance. Panda Security has 61 offices throughout the globe with US headquarters in Florida and European headquarters in Spain. In 2006, Jeremy Matthews founded Panda’s local subsidiary in South Africa, opening the international vendor’s first presence on the African continent.

For more information, visit http://www.pandasecurity.com/

Follow Panda South Africa on Facebook and Twitter @PandaSecurityZA

40% of all fake antiviruses created in 2010

–       11.6% of all computer threats gathered over the last 21 years belong to this category

–       34,8% of all computers worldwide are infected

Panda Security has warned of the recent proliferation of fake antiviruses (also known as ’rogueware’), as 40% of all fake antiviruses ever created have been created this year. That is, ever since this type of malicious code was first reported four years ago, 5,651,786 unique rogueware strains have been detected, out of which 2,285,629 have appeared from January to October 2010. 

If the number of rogueware specimens is compared to the total number of malware strains included in Panda’s Collective Intelligence database, 11.6% of all samples correspond to fake antiviruses. “This is a staggering figure, especially if you consider that this database contains all malware detected in the company’s 21 year-history and rogueware only appeared four years ago”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. 

Rogueware’s sophistication, realism and social engineering techniques are the basis of its success, as shown by the fact that more and more users are falling victim to this scam. So far this year, 46.8% of all computers worldwide have become infected with some sort of malware, and 5.40% have been affected by rogueware.

While there are many different types of rogueware, the top fake antiviruses are created to generate a profit.

Every new victim of a fake antivirus scam allows hackers to make money by selling antivirus licenses that users will actually never get, stealing credit card data they can sell on the black market and use to make online purchases, etc.

According to a study conducted by Panda, rogueware authors make over $34 million a month (approximately $415 million a year).

How fake antiviruses work

Even though the fraudulent business of rogueware was first reported in 2006, it was not until 2008 that this type of malicious code actually started to proliferate. Users can become infected simply by browsing the Web, downloading codecs for media players, clicking links in emails, etc

Once they have infected a system, these applications try to pass themselves off as antivirus solutions that detect hundreds of threats on the victim’s computer. When the user goes to remove the threats, they are asked to buy the ‘full’ product license, and very often they take the bait and end up doing so. However, once they buy the license, they will never hear from the ‘seller’ again and still have the false antivirus on their computer.

“The best way to protect yourself against fake antiviruses is to have a good real one, like Panda, stalled. Always initiate all program and software installations yourself, and don’t trust pop up programs that make excessive claims”, concludes Matthews.

For more information about Panda, visit http://www.pandasecurity.com/.

Follow us on Facebook and Twitter @PandaSecurityZA

10 tell-tale signs of PC infection

  • Does your computer talk to you? Can’t use the Internet? Have your files disappeared? You might be infected…

Users are often advised to use an antivirus to check if their systems are infected, but with the current cyber-crime scenario, this is simply not enough.

“It takes a least a basic grasp of security issues to work out if a computer is infected, and many first-time users have little or no idea” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “However, while many of today’s threats are specifically designed to go undetected, there are still some tell-tale signs if a system has been compromised.”

Global IT vendor Panda Security has produced a simple guide to the 10 most common symptoms of infection, to help users identify if their systems are at risk:

1. My computer speaks to me: There are all types of pop-ups and messages on the desktop either advertising things, saying that the PC is infected and needs protection etc. This is a typical, surefire case of an infection. There is either spyware on the computer, or it has been infected by a fake antivirus also known as “rogueware”.

2. My computer is running extremely slowly: This could be a symptom of many things, including infection by a virus. If it has been infected by a virus, worm or Trojan, among other things, which are running on the computer, they could be running tasks that consume a lot of resources, making the system run more slowly than usual.

3. Applications won’t start: How many times have you tried to run an application from the start menu or desktop and nothing happens? Sometimes another program might even run. This could be another type of problem, but it’s a symptom that tells you that something is wrong.

4. I cannot connect to the Internet or it runs very slowly: Loss of Internet communication is another common symptom of infection, although it could also be due to a problem with your service provider or router. You might also have a connection that runs much more slowly than usual. If you have been infected, the malware could be connecting to a URL or opening separate connection sessions, thereby reducing your available bandwidth or making it impossible to use the Internet.

5. When I connect to the Internet, all types of windows open or the browser displays pages I have not requested: This is certain sign of infection. Many threats are designed to redirect traffic to certain websites against the user’s will, and can even spoof Web pages, making you think you are on a legitimate site when really you have been taken to a malicious imitation. 

6. Where have my files gone? Hopefully nobody will be asking this type of question, although there are still some threats around designed to delete or encrypt information and to move documents from one place to another. If you find yourself in this situation, get help as quickly as possible.

 7. My antivirus has disappeared, my firewall is disabled: Another typical characteristic of many threats is that they disable security systems (antivirus, firewall, etc.) installed on computers. Perhaps if one thing shuts down it might just be a specific software failure; but if all your security components are disabled, you are almost certainly infected.

 8. My computer is speaking a strange language: If the language of certain applications changes, the screen appears back-to-front or strange insects start ‘eating’ the desktop; it is likely that you have an infected system.

 9. Library files for running games, programs, etc. have disappeared from my computer: Once again, this could be a sign of infection, although it could also be down to incomplete or incorrect installation of programs.

10. My computer has gone mad… literally: If the computer starts acting on its own, you suddenly find your system has been sending emails without your knowledge, Internet sessions or applications open sporadically on their own, your system is probably compromised by malware.

Panda advises all users, who have identified with one or more of the scenarios above, to look for alternative security applications to the one (if any) they have installed. Users don’t need to uninstall their existing application; but can simply use a free, online antivirus such as Panda ActiveScan. Alternatively, they can install an antivirus that is compatible with other engines, such as Panda Cloud Antivirus, which is also free.

“Getting a second opinion on the health of your PC could save your data, your privacy and in many cases, your money”, concludes Matthews.

More information is available in the PandaLabs blog: http://www.pandalabs.com

For more information about Panda, visit http://www.pandasecurity.com/.

Fake antivirus now hijacks, blocks computers

Panda Security’s anti-malware laboratory has identified a new, more aggressive trend for selling fake antivirus programs or rogueware. Until now, when a computer was infected by this type of malware, users would typically see a series of warnings prompting them to buy a pay version of the program. Now, these technologies are being combined with ransomware, hijacking the computer and rendering it useless until victims complete the purchase.

“The way this rogueware operates presents a dual risk: firstly, users are tricked into paying money simply in order to use their computers; and secondly, these same users may believe that they have a genuine antivirus installed on the computer, thereby leaving the system unprotected,” explains Jeremy Matthews, head of Panda’s sub-Saharan operations.

Once a computer is infected, any attempt made by the user to run a program or open a document will be frustrated. The only response from the computer will be to display a message falsely informing the victim that all files are infected with the only solution being to buy the fake antivirus.

This fake program, called Total Security 2009, is offered for €79.95 (almost R600). Victims are also offered ‘premium’ tech support services for an additional €19.95 (about R150). Users that pay the ransom will receive a serial number, which, when entered in the application, will release all files and executables, allowing them to work normally and recover their information. The fake antivirus however, will remain on the system.

“Users are often infected unknowingly – in most cases, through visiting hacked websites, and once a computer is infected it is extremely difficult to eliminate the threat, even for those with a certain degree of technical knowledge,” says Matthews. “Users are also prevented from using any type of detection or disinfection tool, as all programs are blocked. The only application that can be used is the Internet browser, conveniently allowing the victim to pay for the fake antivirus.”

For this reason, Panda has published the serial numbers required to unblock the computer if it has been hijacked on the PandaLabs blog. Users can then install genuine security software to scan the computer in-depth and eliminate all traces of the fake antivirus.

PandaLabs recently published a report about the lucrative business of rogueware. The shift towards hijacking computers indicates either that users are becoming more adept at recognizing these threats and that security companies are beginning to close the net. This would explain why hackers are becoming more aggressive in the methods used to force the victims into paying. The PandaLabs report is available here.

The serial numbers and a video demonstrating how this scam operates is available on the PandaLabs blog.