Signs You’ve Been Infected by Malware

Chances are, you have found yourself in this predicament before:

You turn your computer on and wait for what seems like an eternity for it to boot up. When it finally does, your programs are slow to start, your internet is sluggish and your cursor is delayed several seconds behind the mouse. If this has happened to you, your first thought might be to reboot because you have too many things running at once. The more likely scenario is that you’re infected with malware. While it can sometimes be fairly obvious to spot, malware can also hide really well. You’ll have to do a little searching to see how sick your computer is and how best to treat it so it can be totally cured.

How Do You Know If You’re Infected by Malware?

Well, the first sign of being infected is for your computer to wig out. It may act really strangely and sometimes it’s obvious, but other times it’s not. It helps to understand the symptoms that can happen so you’ll know what to look for. Here are some other symptoms and problems:

Ransomware

People who author ransomware actually want it to be crystal clear that they have infected your computer. They make a lot of money doing it and if you’ve been infected, you’ll most likely see pop-up windows with messages about your files now being encrypted. They will also usually demand a ransom by a certain deadline in order to restore your files.

Your Browser Constantly Redirects Someplace Else

Perhaps you do a search in Google for something. You choose a link to click on, only to be redirected to a different page. You’ll most likely hit the back button and choose another link to click on, only to have the same thing happen. This is a classic infection of malware.

Different Home Page

You set a custom home page but it won’t come up. Instead of the page you’ve set, a totally different page appears when you open your browser. Also, you may notice a row of toolbars under your browser that you don’t recognize. It may be impossible to get rid of these icons. This can be another classic malware infection.

Constant Pop-Ups

By constant, we mean constant! If you close one only to have one more come up, or you’re getting pop-up ads when you’re not even online, you’ve likely been infected.

Signs of Malware That Are Less Obvious

Computer is running too slow. This could be everything from too many programs active, to being low on space or memory. It could also be malware.

Icons you don’t recognize. It’s possible to get these icons from several sources, such as someone downloading a program or game without your knowledge, or even when you download software and a PUP (potentially unwanted program) comes along with it.

Crashing Constantly. Again, there can be many causes for crashing, but if it happens all the time or only with certain programs being opened, it’s likely you’re infected with malware. A professional can diagnose this.

Your browser freezes. If your browser becomes unresponsive, it could be nothing more than a slow or bogged down internet. Your internet provider can help you check your download speeds. If everything looks good, malware is a definite possibility.

A few other signs can include:

* Multiple bounced emails
* Battery dying too fast
* Bills that are larger than normal

Finally, it’s possible to get malware infections with absolutely no sign at all! The best way to avoid malware altogether is to have Tech Sentries keep you protected. We test constantly for computer viruses and can stop them before they create major issues. Tech Sentries can keep you safe in the background automatically so you can go about your business with confidence. If you have been infected, we will help you rectify and restore your computer to its original state.

Remember, the hackers are always inventing new ways to infect your computer. Tech Sentries stays on top of it so you don’t have to!

Call us today at 843-282-2222.

To Activate or To Cancel: The Flash Play Malware Conundrum

Before you suffer Hamlet-esque paralysis by analysis, we want to warn you about a Trojan that is currently targeting Android users around the world. This especially insidious malware doesn’t care how long you look before you leap because you are darned if you activate or darned if you cancel.

 


Gotcha!

Once the app appears on your Android device, it doesn’t matter what you do. You’ve already been had. Taking the form of an Adobe Flash Player app, a typical-looking but counterfeit pop-up screen appears on your device and displays the options of “Activate Device Administrator” or “Cancel.”

If an unsuspecting user chooses “Activate,” the pop-up screen disappears, but the Trojan activates in the background and effectively gains total administrative rights on the device. Obviously, “Activate” would not be the wise choice.

The Obvious Answer is Wrong

Based on what we have shared so far, the obvious response would be to “Cancel.” Wrong. The “Cancel” option is another cleverly devised “Gotcha!” In fact, it may prove to be more frustrating than choosing “Activate.”

When you choose “Cancel” the pop-up screen disappears – just like you would expect it to. Momentarily. Then it reappears. No matter how many times you click “Cancel,” the pop-up keeps popping up. It won’t go away until you choose “Activate.”

But, Wait! There’s More!

A good criminal (Look folks! An oxymoron!) always has a backup plan. In this case, the malware has its own deletion prevention system built in. Imagine a bunch of cyber-thugs certified in virtual martial arts. This malware will not go away simply because you want it to, and it already anticipates what you will do to get rid of it.

Houston, We Have a Problem

Like the Apollo 13 astronauts, we can be thankful that there is a way. It may look like duct tape and baling wire, but who doesn’t love duct tape?

The Trojan can be manually removed by going to: Settings > Security > Device Administrators > Google Play Services > Deactivate. Once the administrative rights are deactivated, the user can find the Flash Player update and delete it.

The moral of the story is that sometimes you get stuck between a rock and a hard place. Often, there seems to be no way out. Sometimes the way out is not evident or easy. At Tech Sentries, it is our mission to protect you wherever we can and to rescue you when you need us. Contact us today to learn how we can help.

Meet Hicurdismos. On Second Thought, Don’t

“It is truly marvelous, that in this art, and in this only, the various methods of falsification should be made a study: for the sample of the false denarius is now an object of careful examination, and people absolutely buy the counterfeit coin at the price of many genuine ones!”

So said Pliny the Elder, the first century A.D. philosopher who died in the eruption of Mt. Vesuvius, proving that men have engaged in the art of counterfeiting for more than two millennia. While it may not be the world’s oldest infamous profession, it is a close second.

Meet Hicurdismos

This is where you, the reader, think that Hicurdismos was an ancient Greek or Roman counterfeiter. You would be wrong. Hicurdismos is not Greek, nor Roman, nor ancient, but Hicurdismos is a counterfeit.

Hicurdismos is a form of malware disguised as a BSoD (Blue Screen of Death) alert. It is a counterfeit of Microsoft Security Essentials tech support software for Windows 7 and Windows 8. In addition to going to blue screen, the malware hides your cursor so that your PC appears to be frozen. A warning message then appears. It includes a toll-free number to call for tech support. Of course, when you call the number, you discover that this counterfeit is also ransomware. Gotcha!


The Problem with Counterfeiting

The problem with counterfeiting is that it is so deceptive. It was deceptive in the first century. It is even more deceptive today. Why is that?

The reason is simple. Every solution for counterfeiting has always been the same: develop a better technology. Granted it didn’t take a giant leap in technology to craft a different drachma or denarius. It just took a while for the counterfeiters to catch up with the change.

In the 21st century, technology is the answer for every problem. Technology is advancing at a rate that was unimaginable even 20 years ago. Think about that. Technology itself is moving so fast that a) it is more difficult to stay ahead of counterfeiters, and b) counterfeiters can move as fast or, in some cases, faster than the “feiters” can count.

Digital counterfeiters don’t have to be any faster. They only have to be good enough to fool the average person. As soon as a new technology exists, they can move rapidly to replicate the original for the pernicious purpose of pulling one over on us.

The Son of Hicurdismos

It remains to be seen what the next iteration of the Hicurdismos DNA will be. When it does become apparent, we will warn you to be on guard. In the meantime, don’t believe everything you read on your computer screen – unless, of course, it is from us. Be concerned. Be careful. Be cautious. We are here for you.

Call Tech Sentries at 843-282-2222 for assistance.

Ransomware Alert – 09.07.16

In yet another case of “Don’t believe everything you read,” a new ransomware attack has been discovered.

If this image shows up on your computer, the first thing you need to know is that THERE IS NO GOVERNMENT CENTRAL SECURITY TREATMENT ORGANIZATION. You and your computer are being held for ransom.

According to one reliable source, the “new ransomware that pretends to be from a fake organization called the Central Security Treatment Organization has been discovered by security researcher MalwareHunterTeam. When the Central Security Treatment Organization ransomware infects a computer it will encrypt a victim’s files and then append the .cry extension to encrypted files. It will then demand approximately 1.1 bitcoins, or $625 USD, in order to get the decryption key.”

The new CryLocker ransomware will

  • send information about the victim to the Command & Control server using User Datagram Protocol (UDP).
  • use a social network site to upload and host information about each of the victims.
  • query the Google Maps API to determine the victim’s location using nearby wireless SSIDs.
  • stay persistent despite continual reboots
  • require a victim’s personal ID information with payment

For those who are wary, but not quite vigilant enough, this ransomware has a special feature designed to “prove” that the organization can decrypt your computer files. It includes a user demo decryption of a single file. They apparently think that if you don’t fall for trick number one, you might fall for trick number two. These guys are good at understanding human nature too. Then again, we would remind you, “Fool me once, shame on you. Fool me twice, shame on me.” Our goal is for you not to be fooled – ever.

Bleepingcomputer.com has detailed information about CryLocker. KnowBe4 has a free Ransomware Hostage Rescue Manual available to educate consumers and businesses on how to deal with these growing threats.

For fast, effective, and reliable protection against ransomware and other computer threats, contact Tech Sentries at 843-282-2222.

Authors of Petya-Mischa Ransomware Leak Decryption Keys From Competitors

The people behind the ransomware Petya-Mischa have leaked decryption keys from their competitors. You might be wondering why. So are many of us!

Petya-Mischa has now released a “service” for their ransomware called RaaS. Oddly enough, it was released only a matter of hours before the decryption keys for the ransomware called Chimera were leaked. Some might question whether this is really about rivalry between competitors and an attempt at drawing more awareness to RaaS.

If you aren’t aware, RaaS was created as a service to allow hackers anywhere to have access to specific ransomware. They then have the option to act as a “distributor” for that ransomware, thus making money by getting a percentage of the ransoms that come in. These ransoms are paid by bitcoin. According to many of the top security forums, this release of Petya-Mischa RaaS will lead to a huge increase in ransomware attacks.

To protect yourself, we highly recommend employing a strong anti-virus service that can keep you secure through application whitelisting. They should also be up-to-date in training dealing with cyber security. Tech Sentries provides all these services and features and we stay on top of all the latest threats so you don’t have to.

Call us today and let us keep you safe online! 843-282-2222.

Scareware – What Is It? Should You Be Concerned?

According to IN Homeland Security, scareware, software developed to be the solution to a nonexistent problem, is probably going to make a huge return. The possibility of these forecasts being true seems rather high.

A security specialist recently got in touch with the Spiceworks IT platform for help on a possible scareware infection. The IT expert reported that after running multiple scans, nothing was suggesting there was an internal problem. It is believed these messages were scareware, utilized to trigger the user to call the number within the message for “assistance.”

In an effort to avoid falling for incorrect information or alarms meant to scare you, contact Tech Sentries if you receive any messages on your computer about a malware infection. If you call the phone number noted in the malware alert, there is an excellent chance you’re calling the hackers. This can be a significant problem, as you might be offering payment information or remote access to an individual who is most certainly not looking out for your best interest. As I stated, it is best to call your security software company directly.

This results in another question. What about phones and tablets? Do you have security software on them? If so, you may need to use it if you’re a part of the most recent Pokémon Go trend. Reports made by Huffington Post stated the app “Guide and Cheats for Pokémon Go” included scareware, which potentially includes ransomware. So, to be clear, not only could you possibly get messages for concerns that are nonexistent, you might likewise be infected with ransomware! Your best option for this particular case—avoid this app completely.

Call us today (843-282-2222) or contact us at www.techsentires.com and see how we can keep you safe, all while you sleep or work. Never worry about scareware or being held hostage by ransomware.

Malware Takes Hackers to Terrifying New Roles

You may not be familiar with the term, but there is a new breed of hackers out there known as “nation-state attackers.” They are an evil bunch who use malware to create upheaval and harm to people on a material level. They are life-threatening, rather than just being a financial threat. We think of people who use malware as only being after the money of their victims, but that’s not the case any longer. Their role has now taken a terrifying turn…

It’s scary to think of, but nation-state hackers are now able to hack our systems of infrastructure, such as power grids, water supply and even transportation systems. How would a failure of power or transportation affect us? Malware has the potential of bringing down the infrastructure of a major metropolis at any time, making it a terrifying enemy. In the age of modern technology, our world faces modern threats. Malware is a big part of it.

Ransomware has been a big part of the malware problem and is quite the money maker. It’s growing out of control. Hackers have altered the lives of ordinary citizens by hacking into the systems that control everyday life.

As scary as it is, it’s unfortunately not a new problem. In the Ukraine last year, more than 225,000 people had their power shut down by a sinister group known as the Black Energy Group. Just last week, a nasty form of malware manifested itself in yet another energy company in Europe.

It had the ability to give hackers backdoor access to the system and obtain all the data that would allow them to create havoc. When the system is in the early stages of being rebooted, that’s when a lot of the automatic security software kicks in.

This malware can get in at these early stages of a reboot and do its damage, gaining the info and access it needs. What makes it even more sophisticated is the ability for it to go undetected by removing itself automatically should it get sandboxed in by one of these security systems.

Hackers are using increasingly dangerous malware and ransomware. It’s never been more important to protect yourself than now and there’s never been a better way to do it than with Tech Sentries.

Call us today 843-282-2222 and sign on for the best protection you can buy!

Ransomware Has a New Sidekick

Ransomware is nasty no matter how you slice it. And now it has a sidekick called ranscam. In this article, we want you to know what it is and how to keep from becoming a victim of it.

The very term “ranscam” sounds like what it is—ransomware that gets wormed into your computer system and creates a ransom demand that it sends to you. It does not cause your files to be encrypted but it does actually delete them! In the ransom demand, you will be told what they want you to do to retrieve your files, but you can rest assured it involves collecting money from you.

Many cyber security experts believe this particular strain of ransomware will not last very long since its reputation is very negative. Other ransomware is far more sophisticated such as that in the series called Crypto. The only reason these viruses exist is for their creators to turn a very quick profit. This poses the question of how you can tell if your computer has been affected by either ransomware or the ranscam virus.

Read on….

If you want to know whether you have either ransomware or ranscam, unfortunately, you can’t really know. And if you pay the ransom demand, there’s no guarantee that your files will be recovered. Remember—it’s a criminal asking for the money so you’re not paying a normal person. They couldn’t care less about your personal pictures, movies and other files. They only want your money. Even if you pay what they demand, they really don’t care about your stuff so you probably will never see your files again.

If you think you’ve been victimized by ransomware, you need to understand and follow the following steps:

  • Don’t pay any ransom money! All you’re doing is funding these hackers to continue on to their next criminal act.
  • Restore your system by using your back-up files. Do NOT pay anything!
  • Let the FBI know. The FBI needs to know about these hackers in order to bring justice through legal proceedings.
  • Report all cyber-criminal activity you see to IC3, which is a federal agency. It is here so you can file any complaints.
  • ALWAYS notify your security company!! They MUST know if they’ve missed a huge security threat or they won’t be able to protect against it in the future.
  • Keep in mind you are helping to protect others by reporting any breach of security.
  • Educate yourself! Simply doing one webinar or meeting is not enough. You must keep up with some continuing education on the matter and really know what you’re dealing with.

Tech Sentries has the latest and greatest cyber security technology on the market today!

Call us today (843-282-2222) or contact us at www.techsentires.com and see how we can keep you safe, all while you sleep or work. Never worry about being infected with crazy ransomware again!

The Latest Ransomware from Hell: Satana

It sure seems that ransomware is rampant! As soon as we get control of one virus, the cyber criminals are at it again, creating an even more vicious strain of ransomware, spyware, malware and any other “ware” that will bring harm to your computer. The fight must go on and we will work hard to keep you informed of the latest dangers to your system and help you to stay safe.

One of the most recent discoveries of ransomware is a malware that has been nicknamed “Satana.” This could point to Russian roots. The two things this Trojan will do are corrupt and encrypt the Windows Master Boot Record, which means that the booting process on Windows is corrupted and blocked, because your computer will be unable to determine which partition actually stores the operating system.

Here’s a little education for those who might need it. The master boot record, or “MBR” is part of your hard drive. It stores information on the system’s files that various disk partitions use, along with the main partition that stores your operating system. If this becomes corrupted or encrypted, your computer loses critical information. Once your computer is unable to find this information, it cannot boot up.

The criminals behind “Satana” have taken this one step farther and not only locked these encrypted files into place, but also caused the booting system to be completely locked. The code in the MBR is then replaced with the code of a ransom note and the nightmare starts.
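As an added illustration (not code from the original post or from Tech Sentries), the sketch below parses the classic 512-byte MBR layout and flags a boot-code region that no longer matches a known-good hash, which is how the kind of MBR replacement described above shows up on inspection. The sample sectors, the baseline value and all function names are constructed for this example.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446            # bytes 0..445 hold the bootstrap code
ENTRY_FMT = "<B3sB3sII"        # status, CHS start, type, CHS end, LBA start, sector count
ENTRY_LEN = struct.calcsize(ENTRY_FMT)   # 16 bytes, four entries follow the boot code
SIGNATURE = b"\x55\xaa"        # bytes 510..511 mark a valid boot sector


def parse_mbr(sector):
    """Split a raw first sector into boot-code hash, partition list and signature flag."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for slot in range(4):
        offset = BOOT_CODE_LEN + slot * ENTRY_LEN
        status, _chs0, ptype, _chs1, lba, count = struct.unpack_from(ENTRY_FMT, sector, offset)
        if ptype == 0x00:      # type 0 means the slot is unused
            continue
        partitions.append({"slot": slot, "active": status == 0x80,
                           "type": ptype, "lba_start": lba, "sectors": count})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
        "signature_ok": sector[510:512] == SIGNATURE,
    }


def audit_mbr(sector, baseline_sha256):
    """Return a list of findings; an empty list means the sector matches the baseline."""
    info = parse_mbr(sector)
    findings = []
    if not info["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    if info["boot_code_sha256"] != baseline_sha256:
        findings.append("boot code differs from baseline")
    active = [p for p in info["partitions"] if p["active"]]
    if len(active) != 1:
        findings.append(f"expected 1 active partition, found {len(active)}")
    return findings


def build_sample_mbr(boot_code, entries):
    """Assemble a constructed 512-byte sector for the demonstration below."""
    body = boot_code.ljust(BOOT_CODE_LEN, b"\x00")
    table = b"".join(struct.pack(ENTRY_FMT, *e) for e in entries).ljust(4 * ENTRY_LEN, b"\x00")
    return body + table + SIGNATURE


# Constructed sample data: one active NTFS-type (0x07) partition starting at LBA 2048.
_ENTRIES = [(0x80, b"\x00\x00\x00", 0x07, b"\x00\x00\x00", 2048, 204800)]
CLEAN = build_sample_mbr(b"\xfa\x33\xc0\x8e\xd0CONSTRUCTED-BOOT-CODE", _ENTRIES)
# Same partition table, but the boot-code region holds different (placeholder) bytes.
TAMPERED = build_sample_mbr(b"CONSTRUCTED PLACEHOLDER FOR REPLACED BOOT CODE", _ENTRIES)
WIPED = bytes(SECTOR_SIZE)     # all zeros: no code, no table, no signature

# The baseline must be recorded while the machine is known to be clean.
BASELINE = parse_mbr(CLEAN)["boot_code_sha256"]

if __name__ == "__main__":
    for name, sector in (("clean", CLEAN), ("tampered", TAMPERED), ("wiped", WIPED)):
        print(name, audit_mbr(sector, BASELINE) or "OK")
```

On a real system the 512 bytes would come from a read-only image of the disk's first sector rather than from constructed samples.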

There is some good news here. The MBR can be repaired with the right skills. It can take some serious understanding of how to navigate inside the command prompt and the OS restore feature. The average computer user will not feel at ease doing this and therefore will often get themselves in even deeper trouble. Basically, even if you could get Windows unlocked and get your OS turned back on, the encrypted files have yet to be recovered and while a cure is underway, none has been successful yet.

Satana has not become very widespread or sophisticated yet, so now is the time to get a grip on how to protect yourself! You must keep a close watch on these viruses and threats—that is your first and best defense. Follow our simple advice below to stay as safe as possible:

1. Regularly perform backups on your data! We can’t stress this enough.

It’s the only insurance policy you have against a ransomware attack. If you’re properly backed up, retrieving your files is not generally a big deal once the operating system has been reinstalled.

2. NEVER open emails with attachments you aren’t sure about.

Even if the link or attachment seems to have come from someone you trust, don’t open or click on anything you aren’t sure of. It’s the number one entry point of a virus into your system. The same goes for opening suspicious emails.

3. Get reliable anti-virus protection.

Tech Sentries will provide you with all the information and services you need to stay safe!

4. Follow Tech Sentries Guardian newsletter!

This is the best way to stay informed and aware. We find the malware and ransomware threats and pass them on to you BEFORE you become a victim.

Call Tech Sentries today (843-282-2222)! Stay safe while we do all the work behind the scenes.

ALERT: Over 130,000 E-Mails Sent By New Ransomware Virus Zepto

Ransomware known as Locky hasn’t been very active in the last several weeks but now has resurfaced in a big way, and it’s extremely concerning. While Locky isn’t new, it appeared to have gone dormant awhile back. However, the creators of this vicious ransomware are just as evil now as they were then. There is now a brand new strain of this virus known as Zepto.

Unfortunately, it has struck its first victim. More than 130,000 emails were sent to users, tailor made for each email recipient. They were sent to look as though they came from executives in their respective companies. These emails were made to look official and came with instructions for the recipient to open and review various documents. As soon as that link is clicked on, the virus gets in and the crisis starts.

It has been reported by International Business Times that Zepto is closely related to Locky based on three criteria:
• Both Locky and Zepto use RSA tools of encryption
• The same files are used to infect computers
• The ransom messages sent out to recipients are very similar

Here’s what you can do to protect yourself now!

• Perform a security update immediately! Updates are issued as soon as security companies discover any holes. This can only happen if you perform regular updates, so it’s crucial that you stay up to date on your security software.
• Don’t use security programs that use blacklisting technology only. If you employ security programs that also implement whitelisting technology, you will ensure your online safety. The threat of malware is constant and you need the right technology to combat it. This means whitelisting AND blacklisting.
• Make sure you have an up-to-date operating system. Seems rather benign, but it’s super important when it comes to cyber security! Keep in mind that performing updates will allow your system to repair itself automatically when problems are detected. If you don’t run updates, your system will not fix the issues. Your computer will scan for potential problems as you perform system updates.

The best way to stay safe is to stay connected with Tech Sentries. We have many options to make sure your system is backed up automatically, as well as protected against viruses of all kinds. Let us do the work for you so you don’t find yourself in a security nightmare. Tech Sentries is the best option available to both home and business users.

Call us today 843-282-2222 and stay informed!
