Greetings from EagleTech Computer Service!
Here are some topics we will be covering in this edition:
- Neverquest - the worst banking virus/thief yet!!!
- Which Free Antivirus software is the best?
- Which Paid Antivirus software is the best?
- Do I need an Antivirus on my Smart Phone or Pad?
- Password Safety
As we come into this New Year my commitment to each of you is that I will do my best to assist you with each of your computers, to continually study concepts that make for enjoyable and safe computing, and pass along good advice in each of these Newsletters. Don't hesitate to request that I cover specific issues that you face in your computing.
Happy New Year to all our EagleTech Clients!
Thanks for being the great clients each of you are...!!!
Neverquest - the worst banking virus/thief yet!!!
New Neverquest malware steals bank account logins and lets attackers access accounts through victims' computers.
For over five years, Zeus has been the undisputed king of banking malware. Once this trojan was loaded onto a victim's machine, it could:
- Detect when the owner entered banking information into a web browser.
- Steal passwords and other pertinent login information.
- Encrypt the stolen information and send it to the attacker's specified servers.
Zeus was also one of the first pieces of malicious software to be sold under a license. For the right price, any criminal could purchase and use it.
Zeus remains active today, but its source code was published online in 2011 and this cyberscourge has about run its course. Unfortunately, security experts are already sounding the alarm about a new piece of malware that makes Zeus look like a simpleton. Neverquest significantly raises the bar for online banking malware.
How Neverquest works:
Like Zeus, Neverquest is a Trojan. Bad guys introduce Neverquest to the victim’s computer via social media, email, or file transfer.
According to the security blog Threat Post, Neverquest replicates in a manner similar to the Bredolab botnet client:
"Bredolab malware used the same methods of distribution that Neverquest is currently using. Bredolab would eventually become the third most widely distributed piece of malware on the Internet." Before it was shuttered, the Bredolab botnet consisted of 30 million computers.
If the victim’s computer is vulnerable to an exploit targeted by Neverquest’s trojan loader, the malware is installed. Then Neverquest starts paying attention to what the user is typing into their web browser. If a predetermined financial term is recognized, Neverquest checks the website domain name. Since Neverquest has hundreds of banking and financial institutions in its database, there’s a better than average chance Neverquest will be familiar with the banking website.
Once Neverquest recognizes a banking site, it will relay the login information back to the attackers’ command and control server. Once the victim's credentials are in the hands of the attackers, they will remotely control the victim's computer using VNC, log into the victim's banking website, and do one of the following:
- Transfer money to different accounts
- Change login credentials, locking out the real account owner
- Write checks to money mules
And to make matters worse, banking sites are unable to distinguish the victim's login from that of the attacker using Neverquest.
One capability Neverquest has that Zeus doesn’t is the ability to cultivate new banking sites for its database. If the malcode recognizes certain financial terms but not the domain, Neverquest will send the information back to the command and control server, which then creates a new identity and updates every compromised computer under its control.
Neverquest in the wild:
One sobering reality is that Neverquest is already for sale. Zeus, being “first of its kind” malware, required skilled controllers. Not so with Neverquest: script kiddies and malware non-experts are able to make use of the potent malware as soon as they buy it.
Standard antivirus software is not effective. Kaspersky mentions in this blog:
“Protection against threats such as Neverquest requires more than just standard antivirus; users need a dedicated solution that secures transactions. In particular, the solution must be able to control a running browser process and prevent any manipulation by other applications.” Kaspersky's Antivirus 2014 has just such a built-in module in its software when set up properly.
Kaspersky also reported that:
"Neverquest is also designed to start harvesting data when an infected user visits any number of sites not related to finance, including Google, Yahoo, Amazon AWS, Facebook, Twitter, Skype and many more."
It appears that Neverquest developers are looking to diversify.
Despite Neverquest's formidable capabilities, there are several things we can do to protect ourselves. First, there is the security expert’s mantra, “Make sure the computer operating system and all applications are up-to-date.” Doing so will at least prevent malware from exploiting known weaknesses.
Use an effective Antivirus Software, such as Kaspersky, to watch over your Internet connections. No Antivirus Software is 100% effective, as you will see from the article below where I discuss Kaspersky, but having at least some form of Antivirus Software loaded on your computer, and making sure it is regularly updated, is a good idea.
Be very careful with Email links, Advertising Links on websites, sketchy websites (any website that even begins to appeal to prurient interests should be considered suspicious), websites that offer free programs, lesser known websites, and clicking on any pop-up message while surfing the internet.
Which Free Antivirus software is the best?
I'm continually studying the answer to this question, and based upon all that I can find at this point I'm going to say that Avast holds the top spot.
If you are very careful on the Internet and with your emails, then Microsoft Security Essentials has proven to be just fine, especially if you want an Antivirus that doesn't make you decide what to do with very many popup messages regarding decisions over whether to allow a given process or not. This is the Antivirus software that I most often loaded onto my clients' computers in 2013, but I'd have to say with the new attacks entering the world of computing I may be shifting back to Avast again.
If you are willing to think through the popup messages of Avast, and carefully watch that they don't trick you into upgrading to a trial version of their paid software that will expire in a month, then Avast is a very good way to go.
Which Paid Antivirus software is the best?
Here is a site that carefully reviews each software and the results of their testing. As you will see Kaspersky gets the highest overall rating. For this reason, if you want the best then you want the paid version of Kaspersky. For the best free version I like the results of Avast. See what you think.
Do I need an Antivirus on my Smart Phone or Pad?
Many clients are beginning to ask me if they need an Antivirus app on their smart phone or pad, and in a nutshell here is what I've discovered.
If you have an Android phone or pad and you ONLY download from the Google Play Store, then you are far less likely to get a malware-infected app. This is not to say it couldn't happen, but Google's screening process is the best in class right now, and for this reason I suggest you only download apps from the Play Store.
If you have an iPhone, then your only option, unless you break the operating system's protective mechanism, is to get all your apps from within the iTunes store. Apple has by far the strongest system of protection for apps of any device. You are very safe with Apple apps. Having said this, while it is true that with smart phones and pads generally the most likely source of viruses will be apps, the playing field is starting to shift, and more and more web link and email link viruses will be coming at us in 2014.
Generally the goal of viruses for these devices has been the stealing of personal data rather than infecting viruses that shut down or corrupt your operating system, but this may change in 2014. There is a rapid transition among criminals towards "Ransom" oriented viruses that seize your operating system and hold your device ransom until you pay them a fee to release it. I am being told this type of virus will begin to be far more prevalent in 2014.
So, do you get an Antivirus app from either Google Play Store or iTunes Store? I'd say a strong "Yes" for those who are using Android based devices, and a soft "Maybe" for those using an Apple device.
If you do decide to go with an Antivirus, at this point, I'm most impressed with Avast as a free service. They offer data protection, virus protection, and the ability to send a code to your device if it is stolen or lost which will instantly delete all your personal info off of it once the person who has it turns it on and connects it to the Internet.
Sooo, yes, I'd suggest you install an Antivirus app on your device right away.
From my wife and I at EagleTech Computer Service we'd like to wish you a -
Password Safety
Many clients ask me what I think is the best way to keep their passwords safe and sorted out so they can easily reach and use them. I've found that Keeper Security may be one of the best programs. The cost is $9.95 per year per device (smart phone, computer, tablet), so the cost is reasonable. The setup is easy, and it really works.
Here's a link to check it out: http://kepr.co/FVtr2A
Let me know if you have any questions and of course...I'd be happy to help you set it up.
Best of success to you in all your computing.
I’m here to assist you when you need it. As just a reminder... my onsite residential fee is $35 per hour and for the commercial setting it is $45 per hour. Once again...for any clients you send my way, who use my services for an hour or more, I'd be happy to credit you with $9 of free computer service at your next call. Do let me know if you send folks my way and I'll keep notes on that as a credit for my next visit to you, and don't feel embarrassed to remind me you would like that credit when I visit.
Thanks so much!
Your Computer Technician