World’s Largest Contract Chipmaker Recovering After Ransomware Attack
Taiwan tech firm and Apple chipmaker, TSMC, said it was recovering from a ransomware attack over the weekend. Apparently one machine was online when it shouldn’t have been, and this led to the infection of more than 10,000 of their manufacturing machines in multiple factories. The ransomware was a variant of WannaCry, which is a type of ransomware cryptoworm used by bad guys to encrypt computer data and hold it for ransom. TSMC says they are now back in full production again.
Always make sure you have a good antivirus program installed and up to date! Just as important, make sure you have a good, solid backup of any data that’s important to you!
Android has continued to increase market share, and with the new releases of Jelly Bean and KitKat the platform has become a favorite for consumers and developers alike. Along with the popularity, Android has now become the target of even more attacks using virus and malware applications. The most recent has been dubbed Trojan.Droidpak. It tries to install mobile banking malware. The thing about it is that it tries to install it via Windows.
“We’ve seen Android malware that attempts to infect Windows systems before,” Symantec researcher Flora Liu said in a blog post. “Android.Claco, for instance, downloads a malicious PE [portable executable] file along with an autorun.inf file and places them in the root directory of the SD card. When the compromised mobile device is connected to a computer in USB mode, and if the AutoRun feature is enabled on the computer, Windows will automatically execute the malicious PE file.” – Source Blog
The Windows malware drops a malicious DLL file on the computer, then registers it as a system service. Then from a remote server it downloads the configuration file and this is where the malicious APK which is called AV-cdk.apk.
The installation is repeated over and over to ensure that the device does end up infected. Successful infection requires that USB debugging mode be enabled. The APK actually looks for certain online banking apps on the device and then prompts the user to delete and install the malicious version.
It has been recommended that users disable USB debugging mode unless it is absolutely necessary to what they are currently working on. It’s also recommended that users install a trusted security application as well.
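The AutoRun path described in the quote above can be checked for on any SD card or USB volume before it is trusted. The following is an added example, not code from Symantec or from the original post: it parses an autorun.inf in a volume root and reports which program it would launch. The sample card contents are constructed inside a temporary directory.

```python
import os
import tempfile

# [autorun] keys that make Windows launch a program from the volume.
LAUNCH_KEYS = {"open", "shellexecute", "shell\\open\\command"}

def parse_autorun(text):
    """Return {key: command} for launch keys in the [autorun] section."""
    found, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
        elif in_section and "=" in line:
            key, value = line.split("=", 1)
            if key.strip().lower() in LAUNCH_KEYS:
                found[key.strip().lower()] = value.strip()
    return found

def launch_target(command):
    """Extract the program path from a command, honouring double quotes."""
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split()[0] if command else ""

def scan_volume_root(root):
    """Report (key, target, target_exists) for any autorun.inf in root."""
    findings = []
    for name in os.listdir(root):
        if name.lower() != "autorun.inf":
            continue
        with open(os.path.join(root, name), encoding="utf-8", errors="replace") as fh:
            for key, command in parse_autorun(fh.read()).items():
                target = launch_target(command)
                on_disk = os.path.join(root, target.replace("\\", os.sep))
                findings.append((key, target, os.path.isfile(on_disk)))
    return findings

def demo():
    """Scan a constructed SD-card root built in a temporary directory."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "AutoRun.inf"), "w") as fh:
            fh.write("; constructed sample\n[AutoRun]\nopen=setup.exe /s\nicon=setup.exe,0\n")
        with open(os.path.join(root, "setup.exe"), "wb") as fh:
            fh.write(b"MZ")  # placeholder bytes, not a real executable
        return scan_volume_root(root)
```

A finding whose target exists on the volume is the combination the quote describes: an executable plus the autorun.inf that points at it.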
Security experts have stated that over the past few years and months there has been an explosion of virus and hacker attacks on mobile devices including smartphones and tablets. Beware of viruses, malware, and new scams that you might have never looked at.
Some viruses and malware are annoyances like Leanne Karlgut experienced. Others are not.
“My phone started singing a song and the song had a couple curse words in it and there’s no way I could make it stop,” Karlgut said.
Security experts have noticed a 600% increase in the number of malware found targeting mobile devices. Cyber security expert George Waller says it’s estimated that up to 50% of devices are currently infected.
“As more people are using the phone for both their personal use and their business use, the malware writers are viewing that as a good, a good spot to hit you,” Waller said.
It’s as easy as clicking on a poison link and malware can be downloaded directly to your handheld device. These viruses and malware log every keystroke you make. That means that they are recording text messaging, emails, and even your usernames and passwords.
“It could get your banking credentials and essentially go into your bank, act as you,” Waller said.
Another prediction is that newer versions of malware called “Ransomware” will be released shortly where the virus hijacks your phone rendering it useless until you pay a fee. Mobile wallet apps are also vulnerable using a shortwave transmission and interception technique. The details on this continue to roll out as hackers begin moving toward mobile hacking.
There have been reports of Flash update pop-ups that are leaving people with infected computers. There is always one rule of thumb. Never install anything that isn’t directly released from the distributor. This is really the only way to ensure that you are not installing a tainted piece of software.
In this case, I would go directly to adobe.com and download any updates that might be offered. You can see by the URL below that this “update” is suspect and shouldn’t be trusted. It was released by treyeats.com/flashpro/download5.php?src=114695&kw=sear&lp=4n. This is obviously NOT an Adobe domain and therefore should not be trusted.
Below is the message that these people are receiving and that is leading them to download corrupt software. Beware when on the internet. Your computer, school work, and work life might be under attack.
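The domain check described above can be automated. The following is an added example, not part of the original post: it extracts the real host from a download URL and accepts it only if it is the vendor's domain or a subdomain of it. The trusted-domain list is an assumption, and every sample URL other than the one quoted above is constructed.

```python
from urllib.parse import urlsplit

# Assumption for this example: genuine downloads come only from adobe.com
# or one of its subdomains.
TRUSTED_DOMAINS = ("adobe.com",)

# The first URL is the one quoted in the post; the rest are constructed
# samples showing lookalike tricks a naive substring check would miss.
SAMPLE_URLS = [
    "treyeats.com/flashpro/download5.php?src=114695&kw=sear&lp=4n",
    "https://get.adobe.com/flashplayer/",
    "https://adobe.com.example.net/update.exe",   # vendor name as a subdomain
    "https://adobe.com@example.net/update.exe",   # vendor name as userinfo
    "https://notadobe.com/update.exe",            # vendor name as a suffix
]


def download_host(url):
    """Return the lowercase hostname of url, tolerating a missing scheme."""
    if "://" not in url:
        url = "http://" + url  # the post quotes its URL without a scheme
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def is_trusted_download(url, trusted=TRUSTED_DOMAINS):
    """True only if the host equals a trusted domain or is a subdomain of it."""
    host = download_host(url)
    return any(host == d or host.endswith("." + d) for d in trusted)


def check_all(urls=SAMPLE_URLS):
    """Map each URL to (host, trusted) so the verdicts can be reviewed."""
    return {u: (download_host(u), is_trusted_download(u)) for u in urls}


if __name__ == "__main__":
    for url, (host, ok) in check_all().items():
        print(f"{'TRUSTED  ' if ok else 'UNTRUSTED'} {host:24} {url}")
```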
Flash Player Pro is distributing custom installers which are different from the originally available distribution. These new installers comply with the original software manufacturers’ policies and terms & conditions. Optimum Installer is an install manager, which manages the installation of your chosen software. In addition to managing your download and installation, Optimum Installer will offer free popular software that you may be interested in. Additional software may include toolbars, browser add-ons, game applications, anti-virus applications, and other types of applications. You are not required to install any additional software to complete your installation of your selected software. You can always completely remove the programs at any time in Windows’ Add/Remove Programs.