Data Protection Archives – Gridinsoft Blog
https://gridinsoft.com/blogs/tag/data-protection/
Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe.
Tue, 20 Feb 2024 07:26:57 +0000

Ethyrial: Echoes of Yore Ransomware Attack Wiped Player Accounts
https://gridinsoft.com/blogs/ethyrial-echoes-of-yore-ransomware-attack/
Wed, 29 Nov 2023 14:45:05 +0000

“Ethyrial: Echoes of Yore” fell victim to a ransomware attack last Friday. The attack hit 17,000 player accounts, wiping them – a yet unseen outcome of a ransomware attack.

Ransomware Encrypted the Main Server of “Ethyrial: Echoes of Yore”

On October 19, 2023, ransomware actors successfully attacked the main server of the Ethyrial: Echoes of Yore game. The attackers encrypted all data, including local backup drives – as it usually happens in the course of ransomware attacks. They also left a ransom note demanding payment in Bitcoin for a decryption key.

What is unusual though is the profound impact on all 17,000 player accounts, resulting in the loss of account and character databases. However, game-related files, such as zones, items, monsters, etc., were not lost. Moreover, no customer data was accessed or removed – which is definitely a positive sign for both the developers and users.

It is well known that paying the ransom does not guarantee the return of files. So, faced with the dilemma of trusting the attackers, the developers chose not to negotiate with them. Instead, Gellyberry Studios pledged to manually restore as much of the lost information as possible. To express gratitude for players’ acceptance and support, impacted users will receive their items and progress back, along with a premium “pet”.

Announcement from the developers, posted in the game’s official Discord community

Mitigation

This is not the first time a game publisher has been targeted in ransomware attacks. However, they usually impact the company rather than the players. It’s been a bumpy ride for Gellyberry Studios. The developer outlined security measures it will implement to prevent future incidents in light of the attack. These include:

  • Increased frequency of offline account database backups. This solution will reduce the potential impact of any future attacks. So, in case of any security breaches, player accounts and progress can be immediately restored, and the effect of such incidents can be minimized.
  • Implementation of a P2P VPN for all remote access to the development server. A P2P VPN establishes a secure connection between two or more devices without a central server. This is a reasonable solution that provides secure networking and additional protection against unauthorized access attempts. It elevates the overall security posture of the development environment.
  • Restriction of access to a specific IP address range. Restricting access to the development server to a specific IP address range ensures that only designated IP addresses can connect. By implementing this restriction, the studio reduces the attack surface and strengthens its defense against external threats seeking unauthorized entry into the server infrastructure.

Although the game servers are currently available, users are prompted to create a new account when logging in. The developer asks players to email echoesofyore@gmail.com to restore the game’s progress. It’ll be interesting to see how the indie team comes out of the other end of this attack and whether or not the majority of those 17,000 accounts affected will return.

WeChat and Kaspersky Ban in Canada – What You Should Know?
https://gridinsoft.com/blogs/wechat-kaspersky-ban-canada/
Tue, 31 Oct 2023 22:10:28 +0000

The Canadian government has instituted a ban on the use of WeChat and Kaspersky applications on government-issued mobile devices, effective October 30, 2023. The decision, which has raised considerable attention, stems from what the Canadian government has deemed an “unacceptable level of risk.”

WeChat and Kaspersky products are Banned in Canada

The Canadian government, like many others, is committed to safeguarding government information and networks from potential threats. As part of this commitment, it regularly monitors emerging threats and takes swift action to mitigate risks. Consequently, Tencent’s WeChat and Kaspersky’s suite of applications have been removed from government-issued mobile devices.

Anita Anand, President of the Treasury Board, explained that this decision aligns with a risk-based approach to cybersecurity. It emphasizes the importance of securing government mobile devices. The banned applications were singled out due to their considerable access to device contents, which raises concerns about potential data breaches and privacy compromises.

But why so much suspicion towards these two programs?

While suspicions may appear politically motivated to some, they reflect a growing trend in many Western countries to scrutinize the cybersecurity implications of technology with ties to certain nations.

Here’s an example – WeChat, a Chinese messaging app, has been under scrutiny due to China’s history of strict internet censorship and surveillance. With over 1.2 billion active users worldwide, WeChat’s reach is extensive. However, its close alignment with the Chinese government’s regulations and laws raises concerns about data privacy and potential government access to user data.

Kaspersky, a Russian cybersecurity vendor, faces suspicions linked to Russia’s history of cyber espionage and interference in other nations’ affairs. Moreover, Eugene Kaspersky himself once worked for the FSB, which means life-long ties with the Russian special services. The worry is that Kaspersky’s products could be exploited to facilitate Russian cyberattacks. The U.S. government’s ban on Kaspersky products from its devices heightened these concerns.

Implications for Canadians

The ban on WeChat and Kaspersky applications in Canada represents a significant development in the context of national security and data privacy. Canadians should stay informed about the potential risks associated with these apps and take proactive measures to safeguard their digital lives.
The ban has several implications for Canadians:

  • Those using WeChat and Kaspersky on their government-issued mobile devices must remove the apps by October 31, 2023, or potentially face disciplinary actions.
  • The ban does not extend to the general public, but users should be aware of the associated risks and potential data privacy concerns.
  • Businesses employing WeChat and Kaspersky should also be cautious and take steps to safeguard their data and their clients’ information.

This decision is part of a broader international trend in which Western governments are taking measures to restrict the use of Chinese and Russian technology. While some criticize it as discriminatory, others defend it as a necessary step to ensure national security.

Is it Safe to Use Russian and Chinese Software?

The safety of using Russian and Chinese software has recently been the subject of much scrutiny due to concerns about data privacy and national security. Both countries have been associated with government surveillance and cyber espionage, raising doubts about the integrity of their software products. In light of the developments described above, we recommend using alternatives to such software to keep your data and your organization safe. Info about one person is not valuable, while info about millions of people can give serious hints in politics, economy and other large-scale topics.

MOVEit MFT 0-day Vulnerability is Used to Steal Corporate Data
https://gridinsoft.com/blogs/moveit-mft-0day-vulnerability/
Thu, 01 Jun 2023 19:36:36 +0000

MOVEit managed file transfer (MFT) solution appears to contain a 0-day vulnerability, already exploited by hackers. Progress, the developer of the software solution, already released a note and security advisory regarding the case.

What is MOVEit MFT?

MOVEit is a software solution that allows convenient and secure data transfer inside the organisation. The product under this brand name has a long history that begins in 2002, and along the way it gained a cloud storage feature and support for mobile platforms. Solutions of this kind gained significant popularity once companies started relying on electronic document management. Maintaining a diligent level of security for that process is tremendously important, as such apps are used to transfer any kind of corporate documents.

MOVEit MFT 0-day Allows to Steal Data

According to the advisory published by Progress, the vulnerability in MOVEit MFT allows for unauthorised access that ends up with remote code execution. The vulnerability also relies on two HTTP ports – 80 and 443. Known cases of exploitation relied on an SQL injection that grants hackers access to the MOVEit MySQL server. Researchers detected a sample of the webshell code uploaded to VirusTotal – it is completely undetected. Subsequent requests to the database try to pick the password, and once the input is correct, the door is open. After a successful penetration, hackers get access to the list of files and gain the ability to add new ones and download what is already present.

Webshell code used for hacking the MOVEit has 0 detections on VirusTotal

The list of the vulnerable and secure MOVEit versions is as follows:

Software name    | Vulnerable versions | Fixed in
MOVEit Transfer  | 2023.0.0            | 2023.0.1
MOVEit Transfer  | 2022.1.x            | 2022.1.5
MOVEit Transfer  | 2022.0.x            | 2022.0.4
MOVEit Transfer  | 2021.1.x            | 2021.1.4
MOVEit Transfer  | 2021.0.x            | 2021.0.6

Security Advisory for Vulnerable Versions

Aside from the update request, the developers released a list of recommended actions. The only solution is blocking connections via the aforementioned ports 80 and 443 in the firewall rules. This is not lossless, though: without access through these ports, users will not be able to log into the web interface; built-in automation tasks as well as some of the APIs and add-ons will not work either. After this change, Progress still recommends checking the logs for potential attempts of malicious access and updating the software.

Difference Between IPSec and SSL
https://gridinsoft.com/blogs/ipsec-ssl-difference/
Mon, 26 Dec 2022 14:35:09 +0000

In the last couple of years, remote work has become integral to the world business landscape. However, to make remote work more efficient, employees need access to the company network wherever they are. A virtual private network (VPN) solves this by allowing remote employees to connect directly to the network, performing tasks as if they were in the office. VPNs use two basic types of security protocols, IPsec and SSL, and it’s essential to understand their differences to ensure security. Let’s compare IPSec and SSL encryption from a VPN end-user perspective.

The basics of VPN encryption

A VPN encrypts all your Internet traffic so it can only be decrypted using the correct key. Before leaving your device, the outgoing data is encrypted and sent to the VPN server, which decrypts the data using the appropriate key. From there, your information is sent to its destination, such as a website. This way, the encryption prevents anyone who can intercept the data between you and the VPN server from decrypting the content. This could be your ISP, a government agency, or hackers. In some cases, they may be synonymous with each other.

How do VPN Encryption Protocols Work

With incoming traffic, the same thing happens, only in reverse order. For example, when the data comes from a website, it goes to the VPN server first, gets encrypted, and arrives at your device. Your device decrypts the data, and you can browse the website as usual. All of this ensures that your Internet data remains private and does not fall into the hands of unauthorized parties. This holds, of course, only if the VPN provider does not keep much data about its users and will not hand it over on a police order.

Encryption types may differ in the following ways:

  • The strength of the encryption, or the method and degree to which your data is encrypted
  • How encryption keys are managed and exchanged
  • What interfaces, protocols, and ports they use
  • What OSI (Open Systems Interconnection) layers they operate on
  • How easy they are to deploy
  • Performance (read: speed)

Difference between IPSec and SSL: Security

In a nutshell, there is a slight advantage in favor of SSL. IPSec connections require a shared key on both the client and the server to encrypt and send traffic to each other. However, sharing this key gives attackers an opportunity to crack or capture the pre-shared key. SSL VPNs are devoid of this problem because they use public key cryptography to negotiate the handshake and exchange encryption keys securely. Unfortunately, TLS/SSL has a list of other vulnerabilities, such as Heartbleed.

Some SSL VPNs allow untrusted self-signed certificates and do not verify clients, which is especially common in SSL VPN browser extensions. Such virtual private networks allow anyone to connect from any computer and are vulnerable to man-in-the-middle attacks. However, this does not apply to most of OpenVPN’s clients. Likewise, SSL usually requires frequent patches to update the server and the client.
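The two weaknesses named above (accepting untrusted certificates and not verifying clients) correspond to concrete TLS settings. The following is an added example, not code from the original article or from any VPN product: it builds the weak and the strict configuration with Python's standard `ssl` module and audits each one. The function names and the certificate file parameters are hypothetical.

```python
import ssl


def weak_client_context():
    """Client that accepts any certificate: the setup the article warns about."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # has to be switched off before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE   # self-signed or forged certificates pass
    return ctx


def strict_client_context(ca_file=None):
    """Client that validates the server's chain and its hostname.

    ca_file (hypothetical path) pins the VPN operator's CA; None falls back
    to the system trust store.
    """
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weak_server_context():
    """Server that lets any client connect: verify_mode defaults to CERT_NONE."""
    return ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)


def strict_server_context(client_ca_file=None, cert_file=None, key_file=None):
    """Server that requires a client certificate (mutual TLS).

    All three paths are hypothetical; they are loaded only when supplied so
    the example runs without any files on disk.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    if client_ca_file:
        ctx.load_verify_locations(cafile=client_ca_file)
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)
    return ctx


def audit(ctx, role):
    """Return a list of findings for a context used as 'client' or 'server'."""
    if role not in ("client", "server"):
        raise ValueError("role must be 'client' or 'server'")
    findings = []
    if role == "client":
        if ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append("server certificate is not validated")
        if not ctx.check_hostname:
            findings.append("server hostname is not checked")
    else:
        if ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append("clients connect without presenting a certificate")
    return findings


def audit_all():
    """Audit the four configurations side by side."""
    return {
        "weak client": audit(weak_client_context(), "client"),
        "strict client": audit(strict_client_context(), "client"),
        "weak server": audit(weak_server_context(), "server"),
        "strict server": audit(strict_server_context(), "server"),
    }


if __name__ == "__main__":
    for name, findings in audit_all().items():
        print(f"{name}: {findings or 'ok'}")
```

A client with either client-side finding cannot tell the real VPN gateway from an impostor, which is the man-in-the-middle exposure the paragraph describes.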

The lack of open source for IPSec-based VPN protocols may worry people who fear government spies and spyware. In 2013, Edward Snowden reported that the U.S. National Security Agency’s Bullrun program was actively trying to “insert vulnerabilities into commercial encryption systems, IT systems, networks and communication endpoints used by targets.” The NSA allegedly used IPSec to add backdoors and side channels that hackers could exploit – even the ones hired by the government. In the end, strong security is likely the result of experienced and careful network administrators, not protocol choices.

Firewall traversal

In short, SSL-based VPNs are better suited for bypassing firewalls. Most Wi-Fi routers and other network equipment contain NAT firewalls, which reject unrecognized Internet traffic and data packets without port numbers to protect against threats. IPSec encrypted packets (ESP packets) do not have default port numbers assigned to them. Therefore, NAT firewalls can intercept them, which can interfere with IPSec VPN workflow.

To avoid this, many IPSec VPNs encapsulate ESP packets into UDP packets. This assigns the data a UDP port number (usually UDP 4500). Although this solves the problem of NAT traversal, your network firewall may not allow packets through this port. Thus, network administrators at airports, hotels, and other locations may only allow traffic through certain required protocols, and UDP 4500 may not be one of them.
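What travels on UDP 4500 once ESP is encapsulated can be told apart by the framing defined in RFC 3948: an ESP packet starts with a non-zero SPI, an IKE message is preceded by four zero bytes, and a NAT keepalive is a single 0xFF byte. The following is an added example, not code from the original article, that wraps packets this way and classifies received datagrams. All sample packets are constructed, and the function names are hypothetical.

```python
import struct

NAT_T_PORT = 4500                       # UDP port the article names
NON_ESP_MARKER = b"\x00" * 4            # RFC 3948: precedes IKE on port 4500
NAT_KEEPALIVE = b"\xff"                 # RFC 3948: one-byte keepalive payload
UDP_HDR = struct.Struct("!HHHH")        # src port, dst port, length, checksum
ESP_HDR = struct.Struct("!II")          # SPI, sequence number (RFC 4303)
IKE_HDR = struct.Struct("!8s8sBBBBII")  # fixed 28-byte IKE header (RFC 7296)


def udp_encapsulate(payload, src_port=NAT_T_PORT, dst_port=NAT_T_PORT):
    """Prepend a UDP header; checksum 0 means "not computed" over IPv4."""
    length = UDP_HDR.size + len(payload)
    return UDP_HDR.pack(src_port, dst_port, length, 0) + payload


def encapsulate_esp(esp_packet):
    """Wrap a raw ESP packet in UDP so a NAT device has ports to map."""
    if len(esp_packet) < ESP_HDR.size:
        raise ValueError("ESP packet shorter than its header")
    spi, _seq = ESP_HDR.unpack_from(esp_packet)
    if spi == 0:
        # A zero SPI would be indistinguishable from the non-ESP marker.
        raise ValueError("SPI must be non-zero")
    return udp_encapsulate(esp_packet)


def encapsulate_ike(ike_message):
    """IKE shares port 4500 with ESP, so it is prefixed with the marker."""
    return udp_encapsulate(NON_ESP_MARKER + ike_message)


def classify(datagram):
    """Return (kind, details) for one UDP datagram (header plus payload)."""
    if len(datagram) < UDP_HDR.size:
        return "malformed", {"reason": "truncated UDP header"}
    src, dst, length, _checksum = UDP_HDR.unpack_from(datagram)
    if length != len(datagram):
        return "malformed", {"reason": "UDP length field mismatch"}
    if NAT_T_PORT not in (src, dst):
        return "not-nat-t", {"src": src, "dst": dst}
    payload = datagram[UDP_HDR.size:]
    if payload == NAT_KEEPALIVE:
        return "nat-keepalive", {}
    if payload[:4] == NON_ESP_MARKER:
        ike = payload[4:]
        if len(ike) < IKE_HDR.size:
            return "malformed", {"reason": "truncated IKE header"}
        fields = IKE_HDR.unpack_from(ike)
        version, exchange_type, message_id = fields[3], fields[4], fields[6]
        return "ike", {
            "version": f"{version >> 4}.{version & 0x0F}",
            "exchange_type": exchange_type,
            "message_id": message_id,
        }
    if len(payload) < ESP_HDR.size:
        return "malformed", {"reason": "too short for ESP"}
    spi, seq = ESP_HDR.unpack_from(payload)
    return "esp", {"spi": spi, "seq": seq,
                   "ciphertext_len": len(payload) - ESP_HDR.size}


# Constructed samples: 32 zero bytes stand in for ESP ciphertext, and the IKE
# message is a bare IKEv2 header (exchange type 35 = IKE_AUTH) with no payloads.
SAMPLE_ESP = ESP_HDR.pack(0xC0FFEE01, 7) + bytes(32)
SAMPLE_IKE = IKE_HDR.pack(b"\x11" * 8, b"\x22" * 8, 46, 0x20, 35, 0x08, 1,
                          IKE_HDR.size)


def demo():
    """Classify one datagram of each kind, plus unrelated traffic to port 443."""
    datagrams = [
        encapsulate_esp(SAMPLE_ESP),
        encapsulate_ike(SAMPLE_IKE),
        udp_encapsulate(NAT_KEEPALIVE),
        udp_encapsulate(b"hello", 51000, 443),
    ]
    return [classify(d) for d in datagrams]


if __name__ == "__main__":
    for kind, details in demo():
        print(kind, details)
```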

SSL traffic can go through port 443, which most devices know as the port used for secure HTTPS traffic. Since almost all networks allow HTTPS traffic through port 443, it is likely to be open. In addition, although OpenVPN uses port 1194 by default for UDP traffic, it can be redirected through UDP or TCP ports, including TCP port 443. This makes SSL more helpful in bypassing firewalls and other forms of censorship that block port-based traffic.

Speed and reliability

Although both are reasonably fast, IKEv2/IPSec negotiates connections faster. Most IPSec-based VPN protocols take slightly longer to negotiate connections than SSL-based protocols. However, this does not apply to IKEv2/IPSec. IKEv2 is an IPSec-based VPN protocol that is more than a decade old. Nevertheless, it is still popular among VPN providers. Its crucial feature is quickly reconnecting whenever the VPN connection is interrupted. This makes it especially useful for mobile iOS and Android clients who don’t always have a reliable connection or frequently switch between Wi-Fi and mobile data.

As for the actual bandwidth, things are not clear here, as there are arguments on both sides. However, according to some claims, IKEv2/IPSec can offer higher throughput than OpenVPN, although both protocols typically use 128-bit or 256-bit AES encryption. The extra layer of UDP that many ISPs add to IPSec traffic to help it pass through firewalls adds to the load. This means that more resources may be required to process it. However, most people won’t notice the difference because, in most consumer VPNs, throughput is determined by server and network congestion, not the VPN protocol.

Ease of use

IPSec is more versatile, but most users of VPN provider applications will not notice the difference. Because IKEv2, SSTP, and L2TP are built-in IPSec-based VPN protocols in most major operating systems, they do not necessarily require an additional application to run and work. However, most consumer VPN users will still use an ISP application to connect. In addition, although SSL works by default in most web browsers, you will need a standalone application to use OpenVPN. From an end-user perspective, IKEv2 offers a more user-friendly interface. This is because IKEv2 connects and handles interruptions faster. That said, OpenVPN is more versatile and may be better suited for users who can’t get what they need with IKEv2.

If we talk about corporate VPNs, they aim to provide access to the company network, not the Internet. The consensus is that SSL is better suited for remote access, and IPSec is preferred for VPNs between networks. Because IPSec operates at the network layer of the OSI model, it gives the user full access to the corporate network regardless of the application. Consequently, restricting access to specific resources can be more difficult. On the other hand, SSL VPNs allow businesses to control remote access to specific applications at a fine level.

Generally, network administrators who work with VPNs find that client management using SSL is much easier and less time-consuming than using IPSec.

Conclusion

If you have both options, we recommend using IKEv2/IPSec first, and if you have any problems, try OpenVPN. IKEv2 connection speed will be more comfortable for everyday VPN users while offering comparable security and speed. However, it may not work in some circumstances. Until recently, OpenVPN/SSL was considered the best VPN combination for most consumer VPN users. It is fast enough, secure, open-source, and can overcome NAT firewalls. It can also support UDP or TCP.

In turn, IKEv2/IPSec is a new competitor to OpenVPN. It improves L2TP and other IPSec-based protocols with faster connections, excellent stability, and built-in support for most new consumer devices. In any case, SSL and IPSec boast reliable levels of security with sufficient bandwidth, safety, and ease of use for most commercial VPN service customers.

10 Working Tips to Protect Your Personal Data
https://gridinsoft.com/blogs/protect-your-personal-data/
Fri, 12 Jan 2018 12:15:57 +0000

The first hacking attacks and the realization of the danger of trusting information to the digital media became a shock to computer users. That’s when the question of data protection rose, and the development of the first antivirus programs began. And that was even before the Internet became a usual thing. Nowadays, when every home is a part of the network, it is vital to protect data. Here, we shall list and speculate on the most effective yet doable data security measures.

What Is Data Protection?

People have been practicing data protection since ancient times. Imagine a messenger running from one city to another, carrying a ribbon with seemingly random letters. Or a medieval scribe who makes copies of his manuscripts. Both were protecting data. The runner was using a scytale encoding to keep the message from being read by enemies should he even be caught. The writer made a copy of the text to hide it in a chest to protect it from wind, rain, snow, and thieves. Today we do the same things, but the threats are different.

Data protection encompasses any measures we take to secure data regardless of where it is stored: on a remote server or a hard disk of our computer. These measures include inputting passwords to any devices or Internet accounts, undergoing biometric authentication, installing antivirus software, conducting regular scans, etc. These measures can be voluntary or obligatory.

What Are Data Protection Regulations?

People’s attitude to the security of their private data can be astoundingly careless. But it’s their problem. On the contrary, those companies who take responsibility for storing or processing their clients’ personal data (like social networks or electronic mailboxes, state registries, public services, etc.) oblige themselves or are obliged by law to implement data protection regulations within their workspace. An example of such obligatory guidelines is GDPR, the International General Data Protection Regulations accepted in the European Union in 2018.

Why Is it Important?

One can hardly find a modern industry that would not rely on information technologies or involve them. Criminals and thieves of all sorts now have a new catch – information. Computer hackers can steal information, destroy it, blackmail owners with its disclosure, or encrypt the data on hacked computers. Then they can demand a ransom from their victims for having their data decrypted. The last case is the first viable and widely-used hacker business scheme – a ransomware attack. In a world where a person’s work, private life, plans, notes, and even dreams all become the content of a portable device, the security of this content becomes crucial, and its loss can be deplorable.

Tips & Ways to Protect Yourself

What is very important to remember is that although various internet services comply with their data security policies and regulations, users should cooperate with these services and not shift all the responsibility for the safety of their data onto the corporations. The following list of data-safety measures is good for protecting data on a personal device and in the cloud.

1. Set up two-factor authentication on your financial accounts. Financial accounts are usually more protected than social media profiles, mailboxes, or messengers, but they require more attention and care. A breach of a bank account is like nothing you want to experience. Therefore, use the two-factor authentication in your banking service to protect yourself from fraud, deceptive social engineering, and phishing attacks. All it takes is to press a button on your telephone every time you try to access your banking account. If any crooks get your login and password, you won’t let them use those credentials.

2. Malware protection is a must. Without an anti-malware solution any system today is bare against a jungle of harmful entities. A modern security program will 1) warn you about suspicious webpages you are trying to access, 2) stop you from entering overtly dangerous sites, 3) quarantine and remove any recognizable malicious programs as soon as they end up on your device, 4) clear all hidden threats with the help of a deep scan function.

GridinSoft Anti-Malware is a versatile solution featuring all the described functions and providing consistent protection without inconveniences typical for bulky and “heavy” antivirus programs. Economically beneficial, Anti-Malware is one of the most efficient and quick security programs on the market.

3. Use a firewall. A firewall is a program filter separating a network it protects from the external environment. It can be protecting one computer or an entire workgroup. Most of the OSs have an in-built firewall. It controls the incoming and outbound traffic using pre-defined rules. Users tend to switch off firewalls temporarily to access suspicious websites but later forget to reactivate the defense. That is dangerous and puts a device or a network at risk.

4. Use free Wi-Fi with care.  A Wi-Fi router can be a source of a so-called Man-in-the-middle attack that uses a spoofed network name. After you access the wrong network by mistake, all the data outbound from your device comes into the possession of crooks. Later your data can be used directly against you up to identity theft or blackmailing, or, in better cases, it can be collected and sold to third parties for their own needs.

5. Protect your email accounts. An email account is the core of any person’s virtual representation. Profiles in social media and other internet services often refer to your email address, and that address is essential to password restoration if you happen to need that. Therefore, email safety should be of the utmost concern. Remember to log out from your mailbox on any device except for yours. Also, make sure you use a strong password and change passwords from time to time.

6. Update your software regularly. Computer software nowadays gets updated automatically or with the slightest effort from the user. However, many program vulnerabilities emerge in in-between moments, when one program (let’s say operating system) is already updated, while some different software is not yet up-to-date. Such inconsistent versions can lead to malware infection if cybercriminals intend to pull that over. The most wanted updates are the updates of security programs. The more malware signatures an antivirus program has in its libraries, the more malicious items it will remove from your PC before they can even harm it.

7. Back up your data. Advice to have a backup of all critical information to preempt physical damage of the drive, loss, or theft is one of the wisest hints one could harken to. Anyone who has ever experienced anything mentioned above knows how important it is to have everything in two or maybe even three instances.

8. Don’t store passwords on your laptop or mobile device. Always consider that your portable device might get into someone else’s hands. It might be a good person, but some bad person might also steal your device. You must be ready for such an unfortunate event. And that means not only photos and videos you wouldn’t like anyone to see should not be there on your device, but definitely, passwords should not be stored thereon. By the way, don’t forget to log out from all the accounts remotely when you notice your device is gone.

Always know what you are doing on the web. This tip is not as silly as it sounds. Advertising banners that lead users from one site to another create a wave of curiosity. At first, the user thinks that he or she is surfing that wave, but eventually, it turns out that this wave pushes the user towards dangerous websites that can be filled with scripts – commands that the operating system will start executing if no security software stops this process. These scripts can be the beginning of an automated malware attack.

Adware Everywhere: Who Knows What Is Happening?
https://gridinsoft.com/blogs/adware-everywhere-knows-happening/
Wed, 06 Sep 2017 09:58:54 +0000

The post Adware Everywhere: Who Knows What Is Happening? appeared first on Gridinsoft Blog.

]]>
Perhaps you’ve heard the familiar claim that no harm can ever come to your pricey gadget, maybe because everything from official App Stores is 100% clean and safe. And so, you’re on your favorite browser, carefree and worry-free!

Alas!

The browser starts to act up, redirecting you to places filled with creepy adverts or, worse yet, issuing warnings of possible harm if you don’t “Update Your Flash Player.” And while the naïve would likely fall for the trap, smart and tech-savvy individuals may quickly note the adware running in the background. But ubiquitous as the phenomenon is, adware attacks are a discreet way for cybercriminals to make money off the unsuspecting.

What is adware

Though redirects are probably the most common sign that you are under attack, there are other, subtler and perhaps less ferocious, cyber attacks. One form of adware is gradually going mainstream: besides redirecting, it goes ahead and alters your default search engine to something weird.

You start your PC, ready to browse the web, but once you key in whatever you need to search the web, you are redirected to a page with bizarre search results. It happens often and hurts the unsuspecting!

Pop-up ads are yet another sign your computer is under an immense adware attack.

Simple as they appear, these pop-up ads can be a source of immense misery, disrupt your typical browsing habits and perhaps steal valuable data as you browse.

Many other times, these malicious occurrences make the PC run slower than it normally does, reducing both browsing speed and how quickly the computer executes simple tasks. Of course, the slowdown becomes more suspicious when it happens while your PC isn’t running a heavy program or while you’re connected to a fast internet connection.

How Adware Works

Generally, these malicious tools are embedded into ‘freeware’ or pirated software and serve as part of the payment to the proprietor of the freely downloaded software.

Adware is simple software that comes with integrated advertising materials, including those that trigger redirects and pop-ups.

Mostly, the adware is activated whenever the tool that it is embedded in runs and the PC is connected to the internet.

At the moment, many software developers offer their products as “sponsored software” so that the ads pay for the free services provided. It is a pretty common type of adware, and the ads may continue until the user pays to register and thus removes them from the software.

Regardless of how they work, these malicious attacks are very annoying. Pop-up ads waste a lot of time, while redirects and the slowing down of the PC hurt the ordinary performance of the computer. Aside from these, adware can set the stage for various other attacks, including spyware, ransomware and virus attacks.

How to avoid Adware

Tip #1 Never click any suspicious-looking pop-up windows and ads
Tip #2 Don’t answer or reply to unsolicited emails and messages
Tip #3 Exercise utmost caution when downloading free software applications

Above all, invest in the best malware removal software. GridinSoft Anti-Malware does a great job!

10 Tips to Secure a Laptop on Vacation 🏝️ https://gridinsoft.com/blogs/10-tips-secure-laptop-vacation/ Tue, 11 Jul 2017 13:18:52 +0000

If you plan to bring your laptop on vacation, it’s important to take steps to secure it and protect your data from cyber threats. Here are ten tips to help you keep your laptop safe while traveling:

  1. Update your software: Before you leave for vacation, make sure your laptop’s operating system and security software are up to date. This will help protect against known vulnerabilities and keep your computer secure.
  2. Use a strong password: Use a strong, complex password to protect your laptop. Avoid using common passwords like “password” or “123456,” and consider using a password manager to keep track of your passwords.
  3. Enable two-factor authentication: Two-factor authentication adds an extra layer of security by requiring a code in addition to your password. Enable this feature on your laptop and any accounts you access while traveling.
  4. Encrypt your data: Encrypting your data can help protect it from unauthorized access. Use software like BitLocker or VeraCrypt to encrypt your hard drive, and consider encrypting any sensitive files you’ll be traveling with.
  5. Use a VPN: A virtual private network (VPN) encrypts your internet traffic and hides your IP address, making it harder for hackers to intercept your data. Use a reputable VPN service when accessing public Wi-Fi networks.
  6. Be cautious on public Wi-Fi: Public Wi-Fi networks can be vulnerable to cyber attacks. Avoid logging into sensitive accounts or transmitting sensitive data when using public Wi-Fi networks.
  7. Disable automatic Wi-Fi connections: Many laptops are set to automatically connect to available Wi-Fi networks. Disable this feature to prevent your laptop from connecting to unknown or unsecured networks.
  8. Back up your data: Make sure you have a backup of all your important data before you leave on vacation. This will protect your data if your laptop is lost, stolen, or damaged.
  9. Use a laptop lock: A laptop lock can help deter theft when you’re out in public. Use a cable lock to secure your laptop to a fixed object, such as a desk or table.
  10. Keep your laptop with you: Finally, the best way to protect your laptop is to keep it with you at all times. Don’t leave it unattended in public places or in a hotel room, and always keep it within your sight when traveling.

Following these tips can help keep your laptop and data secure while on vacation.

🏝 Safe travels!

Top 10 Deadliest Virus in https://gridinsoft.com/blogs/top-10-deadliest-viruses-history/ Thu, 13 Apr 2017 11:39:41 +0000

Computer viruses are really similar to real-life ones. They can infect thousands of PCs in just one hour, so we can call it an epidemic. Agreed, it is exciting to look at how each virus works and how antivirus programs have become necessary for anyone with an electronic device. So, we have made a list of the top 10 most dangerous viruses in history.

  • CIH (1998)

    This virus was created by a student from Taiwan whose initials were CIH. It spread across the network on April 26 – the date of the Chernobyl accident, so many users simply call it Chernobyl. This virus is dangerous because it not only overwrites data on the host PC’s hard drive, making it unusable, but is also capable of overwriting the BIOS of the host. After this, the PC can’t boot up. To date, CIH, or Chernobyl, has infected nearly half a million PCs worldwide.

  • Morris worm (1998)

    The first ‘Worm’ virus. It gained a huge amount of attention in the press, and its creator was the first person convicted in the USA under the Computer Fraud and Abuse Act. November 1998 was the month when one virus paralyzed the entire Internet’s work, resulting in direct and indirect losses totaling $96 million. It crashed a lot of PCs because of a minor mistake in its code – it kept installing itself on the same PC an unlimited number of times, causing the total death of the system.

  • Melissa (1999)

    On Friday, March 26, 1999, a new problem appeared – Melissa. It’s an email-based virus. You received an e-mail that contained just one sentence, “Here is that document you asked for…don’t show anyone else. ;-),” with an attached Word document. Nowadays, we understand that it is a virus, but in 1999, it was something new. Those who opened the DOC file (thousands did so) allowed the virus to infect their system and send this e-mail to all the contacts in their e-mail account under their name. Even worse, this virus modified users’ Word documents with quotes from the TV show “The Simpsons.” The cybercriminal responsible was caught and sentenced to twenty months’ imprisonment.

  • ILOVEYOU (2000)

    The most romantic one on our list of dangerous viruses is the ILOVEYOU virus. Maybe because of its lovely name or insidious strategy, it infected 45 million users in two days! The CIH virus would have taken about two years. So how did it work? A person receives an e-mail with a “LOVE-LETTER-FOR-YOU” file with a VBS extension (Visual Basic Script). Once in the system, it would replace all your files, images, and music and then spread itself to all your contacts. The damage was enormous – no one had expected this type of virus. And do you know what? The creator was found but wasn’t charged for this crime because the Philippines had no laws against cyber criminals then.

  • Code Red (2001)

    July 13, 2001 – The day when another virus infected the Web. This time, you didn’t need to install a malicious file or even open the e-mail. The Code Red or Bady virus just needed an Internet connection, and it changed the Web page you opened to display the text “Hacked by Chinese!”. It spread quickly, and it took less than a week to infect almost 400,000 servers and damage nearly one million computers.

  • MyDoom (2004)

    MyDoom appeared in the malware world on January 26, 2004. In a matter of hours rather than days, it infected nearly 2 million PCs! So how did it work? It came as an attachment to an e-mail with an error message containing the text “Mail Transaction Failed.” When you clicked on the attachment, it sent a copy of this e-mail to all addresses found in your address books. Stopping this invasion was tough because the virus blocked access to the sites of antivirus software developers and Microsoft update services.

  • Sasser (2004)

    This virus impressed the world because it managed to shut down the satellite communications for French news agencies and even led to the cancellation of several Delta airline flights. Impressive, isn’t it? Instead of e-mail, this virus used a security flaw in non-updated Windows 2000 and Windows XP systems to break into the system. Once the virus infected a computer, it looked for other vulnerable systems. Infected systems were experiencing repeated crashes and instability. Interestingly, this virus was written by a student who released the virus on his 18th birthday. He was fortunate because he wrote the code when he was a minor, so he just got a suspended sentence.

 

  • Bagle (2004)

    At the beginning of 2004, a new virus appeared – the Bagle worm. It has a classic method of infection – via e-mails. Why have we put it on the list? Because this virus is the first one created to make a profit by gaining access to financial, personal, and other information. Since then, a malware-for-profit movement has appeared and is currently a huge problem for many users and antivirus companies.

  • Conficker (2008)

    Worm Win32 Conficker or just Conficker is a very insidious virus written to attack the Microsoft Windows systems. Using OS vulnerabilities, “Conficker” slipped unnoticed by antivirus programs, and even worse, it blocked access to their databases and updates for the OS. The names of all services were substituted, and the virus was registering in different parts of the system, so it was almost impossible to find and destroy all its fragments. There were more than 12 million infected computers worldwide, and it taught antivirus companies and OS providers a harsh lesson to improve their security.

  • Stuxnet (2010)

    Last but not least is the worm called Stuxnet. It was discovered in 2010, and you’ve probably already heard about it. It targeted industrial control systems that monitor and control large-scale industrial facilities, including power plants, dams, waste processing systems, and chemical and nuclear operations. It allows the attackers to take over every important control system without being noticed. This is the first-ever attack that allowed cybercriminals to manipulate real-world equipment and do huge damage to world security. Iran has suffered the most damaging effects of Stuxnet (nearly 60 percent of all the damage caused).

So, as we can see, it took less than 20 years to develop viruses from the commonplace spam e-mail to a massive threat to the world. What will be next? Will antivirus programs be capable of protecting us in the future? And what about world peace? There are a lot of questions, and there are no definite answers. Leave a comment below. What do you think awaits us in the future of viral progression?

How to use Wi-Fi for free and keep your data private https://gridinsoft.com/blogs/how-to-use-wi-fi-and-keep-data-private/ Wed, 14 Dec 2016 16:43:55 +0000

Where do you plan to spend most of your time these winter holidays? Malls, restaurants, cinema, ice rink… all these places have something in common. Free Wi-Fi – we love to use this convenient option to connect to the web wherever we are. However, only a few people realize what danger such free hotspots can bring.

A beautiful example of the danger of free Wi-Fi was presented by Evan Robertson, an 11-year-old white-hat hacker, in his amazing project for the school science fair. This boy programmed fake Wi-Fi portals using a Raspberry Pi and took them to shopping centers in Austin. Evan wrote an honest agreement, which users had to accept before connecting. He asked people to agree to let the Wi-Fi owner do things like “reading and responding to your emails, monitoring of input and/or output, and ‘bricking’ of your device”. Who on Earth would agree to such terms? However, more than half of the shoppers did!

(View Evan’s full project presentation at the source)

Obviously, the cause is people’s carelessness. And while Evan did this just to show that people usually don’t really care about their privacy, there are many hackers who pursue far less noble goals. So, bear this in mind when you transfer money into a checking account, or even just search for a product review using a free Wi-Fi spot in the mall. If you’re not ready to share your identity, all your data and money with someone unfamiliar, take a look at the following tips:

  1. Look around to find the source. You should see a store nearby that could be the source of the network you’d like to connect to.
  2. Beware of the word “free”. Crooks tend to give their Wi-Fi networks names that include this tricky word.
  3. Check for the lock at the top. This symbol shows you that your login data and any information you send through the web are unreadable by strangers.
  4. Disconnect from the Wi-Fi network immediately when you notice any errors or unusual behavior of your device.
  5. A VPN will encrypt all your data before it leaves your device. Use it.

Public Wi-Fi shouldn’t be used for some things – avoid logging into your bank’s mobile app unless you’re sure that your connection is really secure. And don’t forget that the best tip for staying safe and happy is to turn your device off and enjoy your real life 🙂
