Phishing Attack Fixes

Leave a comment

There is a phishing attack that affects Google Chrome, Opera, and Mozilla Firefox. Trusted sites are spoofed to make malicious domains look like the real ones. Check this website for more technical info. A phishing attack happens when an attacker/hacker sends you a link in an email that directs you to a malicious website. Just visiting the website might infect your computer with malware or it may trick you into typing in using your credentials or other personal info like credit card number or email passwords. With everything typed in, the attacker now has your information.

How can we prevent this?

1a. Update Google Chrome. Google has released an update to Chrome to address this issue. Your Chrome version should be 58.0.3029.81. On your Chrome browser, click the three dots found on the upper right corner and select Settings. In the Settings page, click About and Chrome will start updating itself. If the browser cannot update, use Firefox instead and apply the fix described in 1b.

1b. Apply fix for Firefox. Open a new tab in Firefox and type in about:config. Click the “I accept the risk!” button. In the search box, type in the word punycode. A result that shows network.IDN_show_punycode should appear. Double click it to change the last value from False to True.

2. If you receive links in emails, do not click them immediately. Make sure that you know the person who sent you the email or you’re expecting an email from that person. Check also the sender’s email address in the From field. It’s expected that the email address should be something like username@gmail.com or username@yahoo.com. Compare the username too. If it looks like a3nguillo@gmail.com or something like that, delete the email immediately.

3. Check the status bar of your browser as you hover the link. Make sure you did 1a and 1b. Place your mouse on the link but don’t click. Then check your browser’s status bar on the lower left portion of the screen. If the format of the site address looks different from other websites’ site address, don’t click the link.

4. Make sure your antivirus and anti-malware are updated. If you’ve accidentally clicked the link, they will intercept or prevent any malware that could enter your system.

There’s no fix yet for the Opera browser. Apply the suggested fixes and practices and help spread the word.

Advertisements

Mac OS and Malware Issues

Leave a comment

Two new Mac OS malware variants have been discovered as soon as the FlashBack Trojan issue is staring to decline. Discovered by Kaspersky, they are versions of SabPub – an information-stealing Trojan.

Mac OS is starting to get it’s own share of malware attacks now that it has grabbed a big marketshare. But still, Apple continues the won’t-get-infected-by-virus  proposition about the OS. And this is one of the features that PC consumers are anticipating everytime they buy these machines/devices. And that they’re safe from malwares without anything to be done.

Yes it won't get infected by Windows-based viruses.

It’s misleading. Macs won’t really get infected by malwares/viruses that are Windows-based. But they may get infected by those that are made for Macs. Even if those malwares attack third-party softwares (Java, Flash, etc.), it’s just inevitable to install them because they are part of everyday browsing and other computer tasks. Once they’re infected, Mac users would also be exposed to what their Windows counterparts are experiencing, e.g. stolen credentials and the like.

Apple should start educating its consumers about computer security on Macs. There’s nothing wrong on telling your users to install an anti-virus or that they should be extra careful when browsing the web. They should stop this misleading information about a virus-free Mac OS.

Flashback Trojan Removal

Leave a comment

It was reported that more than 650,000 Mac OS X computers were infected by the Flashback Trojan. For now, it only conducts a click fraud scam that takes control of users’ search results in their browsers. But according to this report, it can steal banking and other login credentials.
Flashback Trojan disguises itself as a Flash installer. If you are prompted to install Flash which looks like the image below, abort the installation by clicking the X button on the upper left corner of the window.
If you want to check if your machine is infected, download the removal tool (FlashbackRemoval.zip) from F-Secure. Unzip the file after downloading and double click the unzipped script. You will be asked to accept the license agreement.
If traces of the trojan are found, it will start the clean up process. But if your system is clean, you will be prompted by this:
Apple has already released an update which has an integrated tool for removing the trojan. Always keep your Macs updated. Here’s the screenshot of the update:

Older Entries

%d bloggers like this: