Bad USB

Bad USB

Most USB devices can have their firmware updated by software. Hackers have found ways to modify the USB firmware to make the USB device (yeah, not just thumb drives, but it could be anything) malicious. For example, a buddy has malware on his PC. Plugs your USB stick into his PC. It modifies the firmware, but you can’t tell. It still just looks like a USB stick. You take your USB stick home and use it without issues. Then you reboot with the USB still hooked up. The malware on the stick sees that you are powering on your system (no OS yet) and changes itself from just a USB stick to a bootable USB stick. The malware boots before the OS, so you now have a root kit on your system.

They didn’t release a proof of concept yet, but now that people know it’s possible it’s going to be interesting to see what comes of it.

For more information go to: http://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-badusb-exploit-makes-devices-turn-evil/

Decrypt Cryptolocker

Decrypt Cryptolocker

Ransomware is a term used to described a particular kind of malware.  All variations of ransomware attempt to extort money from the user of the infected PC.  Some of the early versions disguised themselves as anti-virus software and tricked the user by claiming that the PC was infected and could only be cleaned if the user purchased the software.  Recently, ransomware has become even a greater threat with the advent of encryption versions.  The encryption variation attempts to encrypt the data files on the infected PC.  It may also encrypt data files on network shares.  After the files are encrypted, the ransomware then opens a window on the infected PC demanding payment for the encryption key to unlock the data files.  This payment demand also includes a time limit for this payment to be made.  If the payment is not made within the time limit, the encryption key will be destroyed and the encrypted files will be permanently lost. Cryptolocker was one of the first and most common of this new ransomware strain.  Fortunately, the Cryptolocker infrastructure has been disabled, but new variations continue to be detected.

If you are in need of assistance with any ransomware or any other virus, please call us to help!

Windows XP End of Life Announced

Windows XP End of Life Announced

As many of you may have read in our last newsletter, Microsoft has announced that Windows XP has reached end of life and the extended support period ended on April 8, 2014. Thereafter, no security updates will be provided. This means your PC will be at risk of obtaining viruses, spyware, or malicious software that could result in the exposure of your data. Many technology companies, including Jayhawk Software, recommend that you do not operate Windows XP after April 8, 2014. More →