Cybersecurity Blog

Your ad-blocker Chrome extension may be malware – 04/19/18

Adguard has found 5 very popular ad-blocker Chrome extensions in the Google Webstore which contain malware that allows a criminal to take control of your browser.

  • AdRemover for Google Chrome
  • uBlock Plus
  • Adblock Pro
  • HD for YouTube
  • Webutation

Google has removed the extensions. However if you have installed one of them:

  1. Uninstall it immediately.
  2. Change the passwords on all your accounts.
  3. Keep an eye on your bank accounts and credit card statements.

The malware these extensions contain work in the background making detection very difficult. As far as the user is concerned the extension is what it appears to be. For this reason millions of unsuspecting users downloaded them onto their machines.

How do you protect yourself from malignant browser extensions? Don’t download them.  If you really, really need the extension make sure you know who the developer is. Stick to well known trusted developers that you recognize.

Why you should worry about cryptocurrency mining – 01/26/18

First things first, what is cryptocurrency? Cryptocurrency is digital currency. The most known is Bitcoin, however others are popping up such as Monero.  How do they work? Well, I found a nifty little video that tells you the basics. It refers to bitcoin but the premise applies to all cryptocurrencies.

Neat huh?  Notice the part where they say it takes lots of computing power and lots of electricity to mine? This is where things get interesting. Criminals have figured out that if they use the computing power of other machines, they can mine more cryptocurrency faster without having to invest in all the computing power or electricity themselves.

Why should you be concerned? More and more malware is mining cryptocurrency. The malware is often hidden on legitimate websites, applications or browser extensions.  Why is this a problem? After all it is just using the processing power of my computer, its not actually doing any real harm is it? Well, no and yes. No it isn’t doing anything malicious like encrypting your hard drive or stealing your data. However, it is wearing out your machine and slowing it down. The more clever mining malware waits until you aren’t actually using your machine to mine. This reduces the chance you will notice that it is actually there, but still wears out the processor, eats up bandwidth and increases your electricity bill. Less clever creations, slow your computer down to a noticeable crawl.

Having millions of other peoples computers mining cryptocurrency for you can be quite lucrative. So much so that some websites have turned from using adware to generate revenue to asking users to lend their computing power. This is just fine if the user knows it happens and consents. It is another thing entirely when its done behind the scenes. Finding out your machine is being used for mining after the fact tends to leave you feeling like you need to take a shower. Its just not nice.

So what can you do about it? First of all, if your workstation seems slow contact the Service Desk. If it is your home machine, check the CPU processes to see if you have any spikes in usage.  How do you prevent the mining in the first place?  The mining software is considered to be malware, so the regular security measures that you take to protect yourself from malware will protect you from crypto mining. Make sure you:

  • Use an Ad blocker
  • Stay away from shady websites
  • Only download software from reputable sites with good reviews
  • Beware of browser extensions

Las Vegas Victims Charity Scam – 10/12/17

Just like clockwork, the scammers have surfaced to take advantage of the tragic shooting in Las Vegas. The have created fake gofundme pages, fake facebook pages and fake charity sites all designed to tug on your heart strings and take your money. They are enticing you to visit these fake sites by sending texts and emails encouraging you to donate and help out the unfortunate victims.

At the very best clicking one of these links or visiting one of these websites will result in the donation going to the scammer. At the worst, your financial information can be compromised or malware can be loaded onto your computer.

If you wish to donate, be careful of the sites you visit. Use a google search or bookmark to find your favorite charity.  Ignore facebook posts, texts and emails asking you to donate as they could be set up by scammers.

Want to donate, but you aren’t sure who is legitimate? Visit www.charitynavigator.org. This free website will let you know if a charity is legitimate or a scam.  By being aware, you can make sure your money goes to the victims and not the criminals.

Adult Websites Delivering Malware via Pop-ups – 03/21/17

A new malvertising (malware masquerading as advertising) campaign is targeting popular adult websites in Canada and the UK. Unsuspecting visitors to these trusted sites are clicking on the webpages to view content. Unfortunately instead of being rewarded with juicy pics, they receive a pop-up advertisement loaded with malware.  Normally the user’s anti-virus will detect the malware and block it from doing any damage. However, some of these nasty things are brand new and unknown to many types  of anti-virus software so they are not detected and infect the user’s computer.

Adult websites receive millions of visitors every month and therefore are favorite targets of hackers. However, any site can be hijacked by a cyber criminal and used to deliver malvertising.  How do you protect yourself from being a victim?

  • Keep your anti-virus software up to date.
  • Set your browser to block pop-ups.

Unfortunately, your browser cannot determine which pop-ups are malicious and which ones are delivering legitimate content. How do you know if you are missing out on content because a pop-up is being blocked? Your browser lets you know.

After you have set your browser to block pop-ups, when you visit a website that contains them your browser notifies you.  At that point you can choose to allow pop-ups for that specific site or continue to block them. Do not allow pop-ups unless you are sure the content being delivered is not malicious.  Happy surfing!!