" worm "

Smart-TVs

Smart TVs; the New Big Brother

Smart TVs offer countless benefits such as Internet access, social media access, live streaming and communication with other similar devices; mobile phones and tablets.

It’s the age of ubiquitous surveillance, driven by both Internet firms and governments. The Internet of Things is full of eavesdroppers who want to “listen”. Newer cars contain computers that record speed, steering wheel position, pedal pressure, even tyre pressure and third party companies such as insurance companies want to listen. And, of course, your cell phone records your precise location at all times. Add security cameras and recorders, drones and other surveillance airplanes and we’re being watched, tracked, measured and listened to almost all the time.

(more…)

10 tell-tale signs of PC infection

  • Does your computer talk to you? Can’t use the Internet? Have your files disappeared? You might be infected…

Users are often advised to use an antivirus to check if their systems are infected, but with the current cyber-crime scenario, this is simply not enough.

“It takes a least a basic grasp of security issues to work out if a computer is infected, and many first-time users have little or no idea” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “However, while many of today’s threats are specifically designed to go undetected, there are still some tell-tale signs if a system has been compromised.”

Global IT vendor Panda Security has produced a simple guide to the 10 most common symptoms of infection, to help users identify if their systems are at risk:

1. My computer speaks to me: There are all types of pop-ups and messages on the desktop either advertising things, saying that the PC is infected and needs protection etc. This is a typical, surefire case of an infection. There is either spyware on the computer, or it has been infected by a fake antivirus also known as “rogueware”.

2. My computer is running extremely slowly: This could be a symptom of many things, including infection by a virus. If it has been infected by a virus, worm or Trojan, among other things, which are running on the computer, they could be running tasks that consume a lot of resources, making the system run more slowly than usual.

3. Applications won’t start: How many times have you tried to run an application from the start menu or desktop and nothing happens? Sometimes another program might even run. This could be another type of problem, but it’s a symptom that tells you that something is wrong.

4. I cannot connect to the Internet or it runs very slowly: Loss of Internet communication is another common symptom of infection, although it could also be due to a problem with your service provider or router. You might also have a connection that runs much more slowly than usual. If you have been infected, the malware could be connecting to a URL or opening separate connection sessions, thereby reducing your available bandwidth or making it impossible to use the Internet.

5. When I connect to the Internet, all types of windows open or the browser displays pages I have not requested: This is certain sign of infection. Many threats are designed to redirect traffic to certain websites against the user’s will, and can even spoof Web pages, making you think you are on a legitimate site when really you have been taken to a malicious imitation. 

6. Where have my files gone? Hopefully nobody will be asking this type of question, although there are still some threats around designed to delete or encrypt information and to move documents from one place to another. If you find yourself in this situation, get help as quickly as possible.

 7. My antivirus has disappeared, my firewall is disabled: Another typical characteristic of many threats is that they disable security systems (antivirus, firewall, etc.) installed on computers. Perhaps if one thing shuts down it might just be a specific software failure; but if all your security components are disabled, you are almost certainly infected.

 8. My computer is speaking a strange language: If the language of certain applications changes, the screen appears back-to-front or strange insects start ‘eating’ the desktop; it is likely that you have an infected system.

 9. Library files for running games, programs, etc. have disappeared from my computer: Once again, this could be a sign of infection, although it could also be down to incomplete or incorrect installation of programs.

10. My computer has gone mad… literally: If the computer starts acting on its own, you suddenly find your system has been sending emails without your knowledge, Internet sessions or applications open sporadically on their own, your system is probably compromised by malware.

Panda advises all users, who have identified with one or more of the scenarios above, to look for alternative security applications to the one (if any) they have installed. Users don’t need to uninstall their existing application; but can simply use a free, online antivirus such as Panda ActiveScan. Alternatively, they can install an antivirus that is compatible with other engines, such as Panda Cloud Antivirus, which is also free.

“Getting a second opinion on the health of your PC could save your data, your privacy and in many cases, your money”, concludes Matthews.

More information is available in the PandaLabs blog: http://www.pandalabs.com

For more information about Panda, visit http://www.pandasecurity.com/.

iPads infected with iPhone virus

Panda  Security has found that malware designed to infect iPhones can also compromise the popular iPad.

Given the increasing popularity of Apple devices and their growing market share, malware designed specifically to target these platforms is beginning to attract more attention. Last year, Panda raised the alert about a worm, iPhone/Eeki, able to infect jailbroken iPhones (i.e. those that have been tampered with in order to install unofficial applications). The worm was also able to spread to iPod Touch.

Logically, all malware designed for iPhones will have the same ability to infect and spread to iPad devices. This is because the iPad and the iPhone share the same operating system, known as iPhone (v3), or iOS (v4) in the forthcoming version.

‘This doesn’t mean we’re about to face an avalanche of infections’, says Jeremy Matthews, head of Panda’s sub-Saharan operations. ‘However, we have always stated that as Apple takes more market share, cyber-crooks will begin to show more interest in targeting those that use this platform.’

Despite the fact that Apple decided to totally close off the hardware (making it impossible to install peripherals) and the software (all applications are installed from the manufacturer’s App Store) cyber-criminals have found a way to infect jailbroken devices with malware.

‘With more and more proof of Apple being targeted, we advise all Mac users to follow the manufacturer’s recommendations to increase security on their operating systems’ concludes Matthews.

Since 1990, Panda’s mission has been to detect and eliminate new threats as rapidly as possible in order to offer maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda’s new security model which can even detect malware that has evaded other security solutions.

Currently, 99.4% of malware detected by Panda is analyzed through this system of collective intelligence. This is complemented by the work of several teams, each specialised in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc).This translates into simple, secure and resource-friendly solutions for users.

For more information, visit http://www.pandasecurity.com/.

New FTLog.A worm spreads through Fotolog social networking website

Panda Security has reported the appearance of a new worm, FTLog.A, which spreads through the popular Fotolog social networking site, a photo-blogging portal used by almost 30 million users around the world.

“Cyber-crooks are increasingly exploiting social networking sites to spread their creations as they offer a huge number of potential victims,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “We have already seen malicious code that exploits Facebook or Twitter. Unfortunately, this time it’s Fotolog’s turn.”

The worm spreads by inserting comments in the targeted user’s page prompting them to click a link, supposedly pointing to a video. This comment reads as follows: “hey xxxxxxxxx, encontré este video tuyo acá” – hey xxxxxxxxx (user name), I found a video of you here. If the user clicks the link, the system will ask for permission to download a divx video codec, which is actually the worm.

FTlog.A comment inserted in Fotolog

Once installed, FTLog.A redirects the browser to a site with explicit content and a webpage that asks users for their data in order to claim a (false) prize. If the user clicks Get Free Access a setup.exe file is downloaded which, once run, installs the MediaPass Plugin.

It also changes the Internet home page and injects code into the browser to display pop-up ads, disrupting the user’s browsing experience.

To prevent this type of infection it is important to remind users not to click suspicious links from unknown senders and keep an up-to-date antivirus solution installed on their computers.

More information is available at Panda’s encyclopaedia.

For pictures of this infection, check out Panda’s Flickr stream.

Reward offer for Conficker arrest

According to a cnet article, Microsoft is offering a $250 000 reward in attempt to bring the perpetrators of the Conficker worm to book. The article says:

The worm, which has been around since last year, spreads through a hole in Windows systems, exploiting a vulnerability that Microsoft patched in October.

It also spreads via removable storage devices like USB drives, and network shares by guessing passwords and usernames, which is “causing it to spread like wild fire in the enterprise,” Jose Nazario, manager of security research for Arbor Networks, wrote on a company blog.

The article estimates that 12 million PC users have been infected by the worm, highlightng the importance of having up-to-date antivirus installed on your PC.

Conficker worm ravages six percent of world’s computers

Panda Security study reveals scale of security crisis

The number of computers infected by the Conficker worm continues to surge, according to data provided by Panda Security, the global IT security vendor. A study carried out by Panda’s malware detection laboratory revealed that almost 6 percent (5.77%) of computers worldwide are infected by this worm.

The study, involving almost 2 million computers, show that the infection, which originated in China, has now extended across 83 countries, and is particularly virulent in Spain, the USA, Taiwan, Brazil and Mexico. In Spain, Panda has identified more than 36,000 infected computers, although the real figure could be much higher.

“Of the 2 million computers analyzed, around 115,000 were infected with this malware, a phenomenon we haven’t seen since the times of the great epidemics of Kournikova or Blaster”, says Jeremy Matthews, the head of Panda Security’s sub-Saharan operations. “This is no doubt an epidemic and the worst may still be to come, as the worm could begin to download more malware onto computers or to spread through other channels.”

Panda’s researchers have also turned up new data on this dangerous worm. Some variants are launching brute force attacks to extract passwords from infected computers and from internal networks in companies. The frequency of weak passwords (common words, own names, etc.) has aided the distribution of this worm. By harvesting these passwords, cyber-crooks can access computers and use them maliciously.

“This highlights the need for users to establish strong passwords both on personal computers and corporate networks as, otherwise, an infection could spread across an entire company leaving computers at the mercy of attackers,” says Matthews.

This worm also uses an innovative system of social engineering to spread via USB devices: in the Windows options menu that appears when inserting a USB device, it has disguised the option to run the program (activating the malware) as the option to open the folder to see the files – so that when users simply want to see the contents of a memory stick, they will actually be running the worm and infecting their computers.

You will find more information about this and other malware in the PandaLabs blog.