July 22, 2013

Outbreak Alert – Trojan.Win32.Medfos.m

Outbreak Alerts by StopSign Internet Security let you know when specific malware infections are trending, describe what they do, and provide tips on how to avoid them.

What Trojan.Win32.Medfos.m Does:

  • Downloads Malicious Rogue Anti-Virus Packages
  • Significantly Slows Down the Infected Machine
  • Displays False Error Messages

How It Infects:

  • Can be distributed by any means, including but not limited to: Email attachments, instant message attachments, infected websites, infected media or document files, peer-to-peer file sharing networks, or even downloaded by other malware;
  • Infection can also be found in hyperlinks to infected websites from email, instant messages, and social networking messages or posts.

How To Avoid Infection:

  • Use extreme caution when you receive a link or attachment from anyone, even those you know;
  • Do not download unknown files or files from unknown sources;
  • If using StopSign Internet Security, be sure the On-Access Scan is installed and enabled;
  • Scan all downloaded files with a malware threat scanner, such as StopSign Internet Security, before executing them;
  • Ensure that all updates are installed from Microsoft Update to help protect against vulnerabilities in the operating system.

Type: Downloader

Technical Name: Trojan.Win32.Medfos.m

Aliases:

  • Trojan.Packed.24060
  • W32/Medfos.B.gen!Eldorado
  • Trojan:Win32/Medfos.X
  • Medfos.CY
  • Medfos-FAYZ!962FB547D0C7

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Outbreak Alerts
July 9, 2013

Windows 8.1 Update On The Horizon

Windows 8.1 On The Horizon - Boot

Microsoft has announced that the preview of the much-anticipated update to Windows 8, Windows 8.1 (codenamed Blue), will be released at the upcoming BUILD conference with the final version available for download shortly afterward.

As expected, Microsoft has also confirmed the update from Windows 8 to Windows 8.1 will be a freely available to Windows 8 users as an online download from the Windows Store.

When it comes to system updates, it’s all too common to encounter the old colloquialism, “If it isn’t broken, don’t fix it.”  In a static environment where the machine doesn’t interact with the Internet or other machines in any way, and the user is perfectly content with the performance of the system, this may well be a valid stance to take.

Windows 8.1 On The Horizon - Laptop Casual User

Unfortunately, most of us don’t keep our computers in sterile bubbles.  We frequent social networking sites.  We download applications.  We watch and share online videos.  We write blogs and forum posts on everything ranging from aardvark anime characters to zebra zoology.  Even the most careful of us is likely to check our email from time to time, and the moment your machine is connected to the Internet, your machine is potentially at risk, however unlikely you may feel the possibility is.

Microsoft has generally been fairly reasonable with how quickly it addresses bugs and security holes, and they keep a fairly regular update schedule when it comes to small updates and “hot fixes.”  However, Microsoft is far more stingy when it comes to cumulative updates, service packs, and upgrades, and when one comes around, it bears serious consideration.

There is some debate among the StopSign research and development team as to whether Windows 8.1 best fits into the category of an upgrade (essentially a “New” version of Windows, fairly distinct from the previous) or if it is more appropriately considered a service pack (a collection of hot fixes, security updates, critical updates, and general system updates), but one thing uniformly agreed upon is that the update is important enough for Microsoft to publicize widely for both the development and user community.

Historically, Windows service packs have been tremendous boons when it comes to security and functionality.  The difference between the original Windows XP and Windows XP Service Pack 2 was dramatic, including nearly 1,000 hotfixes, changes to the networking infrastructure to include a new wireless API (Wireless Zero Configuration), and the Windows Security Center (now known as the Windows Action Center), a centralized console from which the user is able to manage the Windows Firewall, installation of Windows Updates, and anti-virus / malware software.

In the months following the release of Windows XP’s Service Pack 2, the StopSign technical support team reported significantly lowered instances of re-infected machines.  Bolstered by the security success of this free Microsoft update, it became a standard recommendation in cases where technical support encountered a user prone to frequent infections.

If security related concerns aren’t enough of a reason to give strong consideration to the upcoming release of Windows 8.1, consider that Microsoft also has a tendency to slip in streamlined and optimized code, often resulting in a smoother experience and notable performance benefits for the end-user.

Windows 8.1 On The Horizon - Updates Ready

While the full contents of the Windows 8.1 update have yet to be released, a full disclosure is expected by the time of the BUILD conference, and we are excited and eager to install and fully review the new and updated functionality.  If you are currently using Windows 8 and in doubt as to how to go about obtaining the update to Windows 8.1, your easiest solution may simply be to ensure you have enabled automatic updates.

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Blog
July 3, 2013

Outbreak Alert – Trojan.Win32.Generic!BT

Outbreak Alerts by StopSign let you know when specific malware infections are trending, give you info about what they do, and tips on how to avoid them.

What Trojan.Win32.Generic!BT Does:

  • Downloads Malicious Rogue Anti-Virus Packages
  • Significantly Slows Down the Infected Machine
  • Displays False Error Messages

How It Infects:

  • Can be distributed by any means, including but not limited to: Email attachments, instant message attachments, infected websites, infected media or document files, peer-to-peer file sharing networks, or even downloaded by other malware
  • Infection can also be found in hyperlinks to infected websites from email, instant messages, and social networking messages or posts

How To Avoid Infection:

  • Use extreme caution when you receive a link or attachment from anyone, even those you know
  • Do not download unknown files or files from unknown sources
  • If using StopSign, be sure that the On-Access Scan is installed and enabled
  • Scan all downloaded files with a malware threat scanner, such as StopSign, before executing them
  • Ensure that all updates are installed from Microsoft Update to help protect against vulnerabilities in the operating system

Type: Downloader

Technical Name: Trojan.Win32.Generic!BT

Aliases:

  • Trojan.Win32.Generic.126FD58E
  • HackTool:Win32/Wpakill.B
  • HackTool.Wpakill
  • Variant of MI Network
  • W32/Risk.TOSU-1645

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Outbreak Alerts
July 2, 2013

Outbreak Alert – Lookslike.Win32.Sirefef.u

Outbreak Alerts by StopSign let you know when specific malware infections are trending, give you info about what they do, and tips on how to avoid them.

What Lookslike.Win32.Sirefef.u Does:

  • Restricts access to the infected machine until the user provides credit card information
  • Significantly slows down the infected machine
  • Displays false error messages

How It Infects:

  • Can be distributed by any means, including but not limited to: Email attachments, instant message attachments, infected websites, infected media or document files, peer-to-peer file sharing networks, or even downloaded by other malware
  • Infection can also be found in hyperlinks to infected websites from email, instant messages, and social networking messages or posts

How To Avoid Infection:

  • Use extreme caution when you receive a link or attachment from anyone, even those you know
  • Do not download unknown files or files from unknown sources
  • If using StopSign, be sure that the On-Access Scan is installed and enabled
  • Scan all downloaded files with a malware threat scanner, such as StopSign, before executing them
  • Ensure that all updates are installed from Microsoft Update to help protect against vulnerabilities in the operating system

Type: Trojan

Technical Name: Lookslike.Win32.Sirefef.u

Aliases:

  • Variant of Win32/Kryptik.APJK
  • BackDoor.Maxplus.7107
  • Backdoor.Win32.ZAccess.adiv
  • Trojan:Win32/Sirefef.P
  • Trojan.Win32.A.PornoAsset.184832.FA

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Outbreak Alerts
July 1, 2013

Outbreak Alert – Trojan.Win32.Zbot.id

Outbreak Alerts by StopSign let you know when specific malware infections are trending, give you info about what they do, and tips on how to avoid them.

What Trojan.Win32.Zbot.id Does:

  • Attempts to collect online user account and banking information
  • Significantly slows down the infected machine
  • Displays false error messages

How It Infects:

  • Can be distributed by any means, including but not limited to: Email attachments, instant message attachments, infected websites, infected media or document files, peer-to-peer file sharing networks, or even downloaded by other malware
  • Infection can also be found in hyperlinks to infected websites from email, instant messages, and social networking messages or posts

How To Avoid Infection:

  • Use extreme caution when you receive a link or attachment from anyone, even those you know
  • Do not download unknown files or files from unknown sources
  • If using StopSign, be sure that the On-Access Scan is installed and enabled
  • Scan all downloaded files with a malware threat scanner, such as StopSign, before executing them
  • Ensure that all updates are installed from Microsoft Update to help protect against vulnerabilities in the operating system

Type: Trojan

Technical Name: Trojan.Win32.Zbot.id

Aliases:

  • Trojan.Ransomlock!g29
  • SScope.Trojan.Winlock.2113
  • VirTool:Win32/CeeInject.gen!HL
  • Trojan.Win32.Jorik.Ransom.jj
  • Trojan.Generic.KD.750295

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Outbreak Alerts
June 17, 2013

Email Spoofing – Basic Policies to Keep You Safe

Email Spoofing – Basic Policies to Keep You Safe

Your PayPal account has been locked!

Confirm your Bank Information Now!

You’ve Received a Secure Fax From The IRS.

Email spoofing, the process of sending emails designed to appear as if they were sent by another sender, is certainly not a new method of distributing malware that harvests personal information or financial data. Each year, potentially hundreds of new spoofing schemes appear, ranging from emails claiming to contain faxes from the IRS to videos of social events such as the Boston marathon bombing.

Mere hours after the recent Oklahoma tornadoes, the various email traps (often referred to as SpamPots, a take on the term HoneyPot) used by the StopSign research and development team to collect samples and monitor trends had already seen several large surges of emails attempting to capitalize on the disaster, almost all of which containing attached viruses or links to malicious web sites.

There are several key actions you can take to protect yourself.

  • Don’t Click the Link — If a bank or merchant needs your information, you will always be able to enter it directly on their website, logging in as you normally would.
  • Don’t Open the Attachment — If you are not expecting an email attachment, or if it seems out of character for the sender, don’t open the attachment, even if the sender is someone you know personally.
  • Update Your Virus Scanner — Even emails you were expecting, and from people you know and trust, can contain viruses and links to malicious sites the sender may not have noticed.

Scanning every unknown file is always good policy, regardless of its origin. Even large corporations, which may rely on the browsing and email habits of hundreds if not thousands of people, are not free from the risk of infection. On more than one occasion, history has even seen companies accidentally distribute viruses via CD and even seemingly harmless devices containing flash memory. You can safeguard your own computer, but you can never account for another’s actions.

Safe browsing!

Image courtesy of intelfreepress

Related Articles

Fake Website:  What is Spoofing?

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Blog Tagged With:
« Previous Page