Tuesday, June 9, 2015

Fake copies of Windows10 contain a virus

Windows operating system has been  historically the best business for cybercriminals. When used by millions of people, any attack against Windows has a chance of success. If only 1% of users fall it is still a good deal. They have thought those who are distributing fake copies of Windows 10 with a virus as a gift. Another very insecure environment are the routers offered by ISPs to their customers, we will talk about it, like the recent theft of data to the US government, and we´ll end up with an interesting reflection on APTs.

Windows 10 will not come to market until 29 July, but  there are messages on social networks offering copies already, a scam in which many users are falling. Actually they are fake copies installing viruses and stealing data. Youtube videos, with  Microsoft logo design and explain how to get a copy and install it. To perform the download you have to register from a Google+ account, Facebook or Twitter, whose credentials go straight to the criminal´s sack.

We do not stop talking about home users safety risks, it has just been made public a study by researchers at the European University of Madrid on 22 routers widespread in Spain because they are a gift from different ISPs to their customers. They have discovered 62 vulnerabilities in these routers, being the most insecure ones Observa T., Comtrend and Huawei. Basically, it is possible entering the router and switch it´s configuration in many cases.

Let´s go now to the United States, where we can still hear echoes of the last great blow to the government of the United States, with the theft of personal data of 4 million public servants by the Chinese government, supposedly. Today the media highlight the poor security of the system which should have protected these data, outdated and mismanaged. Certainly the Syrian Electronic Army has used the troubled waters to assault the official website of the US Army ((www.army.mil).

We end up, just as always, with a text for reflexion. This time it comes from the advisable blog Areópago21 and talks about a new type of advanced and persistent attacks called APT 2.0, where malware is not installed on the victim computer to send their movements to a control center, but other techniques are used as back doors, small scripts or stolen credentials, for not leaving any trace.

And still so much to come…. Have a nice day or night, dear readers.


Post a Comment