Monday, January 20, 2014

Not very funny threats

“Our 'Mortadelo Virus' evolved, it took different 'faces', and even used different modus operandi to get to us." That is how Angelucho (@ _angelucho_), one of the most recognized security experts in Spain, expains what has beenwas, in his opinion, the main threat that we faced over the past two years.

But what does Angelucho mean by 'Mortadelo Virus'? What does the peculiar Spanish cartoon character created by Francisco Ibáñez have to do with aa lethal piece of malware? What kind of malware are we talking about? Well, we mean ransomware viruses and their ability to camouflage themselves in different forms, as Mortadelo used to do on Ibañez’s comics. However, their aim is basically always the same: to block user’s device or encrypt user’s files to force him to pay a ransom if they want them back.

But along with ransomware, we can find a long list of threats and some dangerous trends. We witness with concern to the gradual adoption of cloud computing solutions by cybercriminals. This way, they can host malware using major hosting services as Amazon or GoDaddy, which by the way, lead the hosting of malware worldwide with 16% and 14% respectively.

Many times, threats come from flaws in the systems or applications that we use and the "bad boys" can take advantage of them to hit us. For instance, they could do it through the recently discovered an active VPN configurations vulnerability on Android, which allows them to intercept secure communications. Also through a vulnerability in the Microsoft Office 365 Administration portal that would provide full Administrative permissions to an attacker. Microsoft, which has already corrected that major security hole, announced that it will keep Malicious Software Removal Tool updated on Windows XP for one more year, despite the end of the update support for that operating system in less than three months.

Some other common Internet dangers are phishing campaigns, especially dangerous when the target are "banking users". In this regard, the Spanish National Institute of Communication Technologies (Inteco) alerted about two such attacks aimed to mislead clients of Banco Santander and Caja España. Their objective is clear, to obtain user’s access credentials to their accounts.

As users, we should not relax some good practices such as making a backup of our files or letting common sense and prudence guide our steps. Citing Angelucho again, "we are our major vulnerability, but we are also our best antivirus."


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)


Post a Comment