
Wednesday, 30 August 2023

When malware strikes


Knowing what to do can be the difference between a costly trip to the repair shop and a DIY fix at home.

MANY of us have been there before – an accidental click or file download that leaves us worrying about whether our passwords have been stolen or our webcam has been compromised.

Or maybe it’s the system becoming slow, erratic, freezing, or crashing, which may hint that something strange is going on with your machine.

But hiring a professional can be an expensive affair, and lugging around an entire desktop computer for troubleshooting is anything but fun, so it’s best to check if you can fix the issue yourself.

Those on Windows 7 or 8 should take note that their operating system (OS) is in end-of-life status, making it especially vulnerable to malware as it no longer receives security updates.

Antivirus 101

One thing to keep in mind is that no antivirus or anti-malware tool is perfect, as one may detect a virus while another misses it completely.

Like seeing a doctor, it’s valuable to have a second opinion in the form of another software scanner. Good options include Malwarebytes, Avast Antivirus, and antivirus programs from Kaspersky.

However, the first thing you’ll want to do is download Rkill (bit.ly/rkill), a handy tool from Bleeping Computer that kills malware still resident in memory and running in the background, also known as “processes”. It will also list them in a text file.

This is vital, as active malware can attempt to trick and hide from antivirus programs.

Then do an antivirus scan – don’t use more than one at the same time, as simultaneous scans can result in the antivirus programs mistaking each other for malware.

If the scans turn up positive, potentially malicious items will be listed, and the antivirus will prompt you on what action to take, such as to quarantine or remove the affected file or folder.

It’s best practice to look up the name listed by the antivirus, as it could be a false positive.

Then switch over to the alternative antivirus tool and run another scan to cover blind spots.

If the antivirus discovered an issue and fixed it, then all is well; otherwise, you will have to get your hands dirty by engaging in a little “digital forensics”.

‘Suite up’, digital detective

Your digital forensics work will require a toolkit to analyse and understand your computer better, especially what’s causing the issue.

Our recommendation is the Sysinternals Suite (bit.ly/sysinternalssuite), a set of utilities from Microsoft that provides a detailed view of what each and every program and process is doing.

Sysinternals serves the same purpose as Rkill, except that you will be the one identifying, disabling, and removing the malware manually.

One of the most useful tools it contains is the Process Explorer (procexp64.exe in the Suite folder), which lists all the active processes in a system, one of which could be malware.

In Process Explorer, click on the options tab and enable the options for both “Verify Image Signatures” and “Check Virustotal.com”.

Things to look for here are processes that lack a description or a verified image signature from a third-party vendor, either of which would indicate a legitimate program.

The description and signature columns may turn up blank for some Windows processes, so ignore those and focus on the ones labelled “unverified”.

Virustotal.com is a website that collates information from 75 different malware-scanning engines because, you know, who needs a second opinion when you can get 75?

If a process is legitimate, then it should have a proper description, a verified image signature from a third-party vendor (like Microsoft or Adobe), and not be flagged by any of the antivirus engines (0/75).

A side note: users looking to check if a specific file is malware can also upload it directly to Virustotal.com, though the size is limited to 650MB.

Make sure to look up each process to find out more about it before taking action, as there are many different types of malware out there, with some being more difficult to remove. There’s a shortcut to searching online included in the right-click menu to help with this. Process Explorer can also be used to uncover processes that are utilising the resources of your graphics card, RAM, and storage.

For a more granular view of what a process is doing, the Process Monitor (Procmon64.exe) tool includes details like where a process is writing a file and whether it’s making a network connection to upload something.

Do note that it is still not immune to false positives. Two of my legitimate processes are always flagged by Virustotal: Apagent.exe (for an Apple Airport Router that was repurposed as network attached storage) and Gamingservices.exe (an official process from Microsoft for its video game platform and store).

When a malicious process is discovered, right-click and view its properties, which will reveal details like how it is being launched and where the file is being stored.

Like with Rkill, you will need to kill the malicious process, though some malware types run multiple processes at once so that they can restart each other as you kill them.

In this case, it’s best to “suspend” the target processes first before terminating them.

Then move on to the Autoruns (Autoruns64.exe) tool to disable it from starting up automatically when the machine turns on.

Avoid deleting the entry right away since it could be a misidentified process; instead, disable it first to confirm it is indeed malware.

Once sure, navigate to the folder housing the malware – these are usually “user folders” like Temp or Appdata, as administrative rights are not required for malware to access them – and delete the source file to end your woes.

Though, for more complex malware, manual removal may be difficult or downright impossible, so make sure to check what is involved.

In the worst-case scenario, there’s always the nuclear option of doing a clean install of Windows, but this will wipe out your entire system.
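The Process Explorer checks described above (missing description, unverified image signature), together with the hint that malware usually sits in user folders, can also be produced as a read-only PowerShell report. This is an added example, not part of the original article or of the Sysinternals Suite; treating TEMP, APPDATA and LOCALAPPDATA as the "user folders" and the names of the report fields are assumptions.

```powershell
# Added example: read-only triage of running processes. Nothing is suspended,
# killed or deleted; a flagged entry is a lead to look up, not a verdict.

# Assumption: "user folders" means the per-user Temp and AppData locations.
$userDirs = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA) |
    Where-Object { $_ } |
    ForEach-Object { $_.TrimEnd('\') + '\' } |
    Sort-Object -Unique

$sigCache = @{}   # image path -> signature result, so each file is checked once

$report = foreach ($proc in Get-Process) {
    $path = $proc.Path
    if (-not $path) { continue }   # no path visible (protected process or not elevated)

    if (-not $sigCache.ContainsKey($path)) {
        $sigCache[$path] = Get-AuthenticodeSignature -LiteralPath $path -ErrorAction SilentlyContinue
    }
    $sig = $sigCache[$path]

    $reasons = @()
    if ([string]::IsNullOrWhiteSpace($proc.Description)) { $reasons += 'no description' }
    if (-not $sig -or $sig.Status -ne 'Valid') {
        $reasons += 'signature not verified'
    }
    foreach ($dir in $userDirs) {
        if ($path.StartsWith($dir, [System.StringComparison]::OrdinalIgnoreCase)) {
            $reasons += 'image in user folder'
            break
        }
    }
    if ($reasons.Count -eq 0) { continue }

    [pscustomobject]@{
        Score   = $reasons.Count
        Name    = $proc.ProcessName
        Id      = $proc.Id
        Reasons = $reasons -join '; '
        Signer  = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        Path    = $path
        # Hash of the image on disk, for looking the file up by hash.
        SHA256  = (Get-FileHash -LiteralPath $path -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
    }
}

# Entries that match the most criteria come first.
$report | Sort-Object Score -Descending | Format-List
```

Run it from an elevated PowerShell prompt to see more processes. The SHA256 value can be searched on Virustotal.com instead of uploading the file.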


DIGITAL WAVE of deception





Sophisticated scam technology harnessing artificial intelligence is capable of deceiving even the most vigilant.

COMPUTER-GENERATED children’s voices that fool their own parents. Masks created with photos from social media deceive a system protected by Face ID.

They sound like the stuff of science fiction, but these techniques are already available to criminals preying on everyday consumers.

The proliferation of scam tech has alarmed regulators, police, and people at the highest levels of the financial industry. Artificial intelligence (AI) in particular is being used to “turbocharge” fraud, US Federal Trade Commission chair Lina Khan warned in June, calling for increased vigilance from law enforcement.

Even before AI broke loose and became available to anyone with an Internet connection, the world was struggling to contain an explosion in financial fraud.

In the United States alone, consumers lost almost US$8.8bil (RM40.9bil) last year, up 44% from 2021, despite record investment in detection and prevention. Financial crime experts at major banks, including Wells Fargo and Co and Deutsche Bank AG, say the fraud boom on the horizon is one of the biggest threats facing their industry.

On top of paying the cost of fighting scams, the financial industry risks losing the faith of burned customers.

“It’s an arms race,” says James Roberts, who heads up fraud management at the Commonwealth Bank of Australia, the country’s biggest bank.

“It would be a stretch to say that we’re winning.”

The history of scams is surely as old as the history of trade and business.

One of the earliest known cases, more than 2,000 years ago, involved a Greek sea merchant who tried to sink his ship to get a fraudulent payout on an insurance policy.

Look back through any newspaper archive, and you’ll find countless attempts to part the gullible from their money.

But the dark economy of fraud, just like the broader economy, has periodic bursts of destabilising innovation.

New technology lowers the cost of running a scam and lets the criminal reach a larger pool of unprepared victims.

Email introduced every computer user in the world to a cast of hard-up princes who needed help rescuing their lost fortunes.

Crypto brought with it a blossoming of Ponzi schemes that spread virally over social media.

The future of fake

The AI explosion offers not only new tools but also the potential for life-changing financial losses.

And the increased sophistication and novelty of the technology mean that everyone, not just the credulous, is a potential victim.

The Covid-19 lockdowns accelerated the adoption of online banking around the world, with phones and laptops replacing face-to-face interactions at bank branches.

It’s brought advantages in lower costs and increased speed for financial firms and their customers, as well as openings for scammers.

Some of the new techniques go beyond what current off-the-shelf technology can do, and it’s not always easy to tell when you’re dealing with a garden-variety fraudster or a nation-state actor.

“We are starting to see much more sophistication with respect to cybercrime,” says Amy Hogan-Burney, general manager of cybersecurity policy and protection at Microsoft Corp.

Globally, cybercrime costs, including scams, are set to hit US$8 trillion (RM37.18 trillion) this year, outstripping the economic output of Japan, the world’s third-largest economy.

By 2025, it will reach US$10.5 trillion (RM48.8 trillion), after more than tripling in a decade, according to researcher Cybersecurity Ventures.

In the Sydney suburb of Redfern, some of Roberts’ team of more than 500 spend their days eavesdropping on cons to hear firsthand how AI is reshaping their battle.

A fake request for money from a loved one isn’t new. But now parents get calls that clone their child’s voice with AI to sound indistinguishable from the real thing.

These tricks, known as social engineering scams, tend to have the highest hit rates and generate some of the quickest returns for fraudsters.

Today, cloning a person’s voice is becoming increasingly easy.

Once a scammer downloads a short sample from an audio clip from someone’s social media or voicemail message – it can be as short as 30 seconds – they can use AI voice-synthesising tools readily available online to create the content they need.

Public social media accounts make it easy to figure out who a person’s relatives and friends are, not to mention where they live and work and other vital information.

Bank bosses stress that scammers, who run their operations like businesses, are prepared to be patient, sometimes planning attacks for months.

What fraud teams are seeing so far is only a taste of what AI will make possible, according to Rob Pope, director of New Zealand’s government cybersecurity agency, CERT NZ.

He points out that AI simultaneously helps criminals increase the volume and customisation of their attacks.

“It’s a fair bet that over the next two or three years we’re going to see more AI-generated criminal attacks,” says Pope, a former deputy commissioner in the New Zealand Police who oversaw some of the nation’s highest-profile criminal cases. “What AI does is accelerate the levels of sophistication and the ability of these bad people to pivot very quickly. AI makes it easier for them.”

To give a sense of the challenge facing banks, Roberts says right now the Commonwealth Bank of Australia is tracking about 85 million events a day through a network of surveillance tools.

That’s in a country with a population of just 26 million.

The industry hopes to fight back by educating consumers about the risks and increasing investment in defensive technology.

New software lets CBA spot when customers use their computer mouse in an unusual way during a transaction – a red flag for a possible scam.

Anything suspicious, including the destination of an order and how the purchase is processed, can alert staff in as few as 30 milliseconds, allowing them to block the transaction.

At Deutsche Bank, computer engineers have recently rebuilt their suspicious transaction detection system, called Black Forest, using the latest natural language processing models, according to Thomas Graf, a senior machine learning engineer there.

The tool looks at transaction criteria such as volume, currency, and destination and automatically learns from reams of data what patterns suggest fraud.

The model can be used on both retail and corporate transactions and has already unearthed several cases, including one involving organised crime, money laundering, and tax evasion.

Wells Fargo has overhauled its tech systems to counter the risk of AI-generated videos and voices. “We train our software and our employees to be able to spot these fakes,” says Chintan Mehta, Wells Fargo’s head of digital technology. But the system needs to keep evolving to keep up with the criminals. Detecting scams, of course, costs money.

The digital dance

One problem for companies: Every time they tighten things, criminals try to find a workaround.

For example, some US banks require customers to upload a photo of an ID document when signing up for an account.

Scammers are now buying stolen data on the dark web, finding photos of their victims on social media, and 3D-printing masks to create fake IDs with the stolen information.

“And these can look like everything from what you get at a Halloween shop to an extremely lifelike silicone mask of Hollywood standards,” says Alain Meier, head of identity at Plaid, which helps banks, financial technology companies, and other businesses battle fraud with its ID verification software. Plaid analyses skin texture and translucency to make sure the person in the photo looks real.

Meier, who’s dedicated his career to detecting fraud, says the best fraudsters, those running their schemes as businesses, build scamming software and package it up to sell on the dark web.

Prices can range from US$20 (RM95) to thousands of dollars.

“For example, it could be a Chrome extension to help you bypass fingerprinting or tools that can help you generate synthetic images,” he says.

As fraud gets more sophisticated, the question of who’s responsible for losses is getting more contentious.

In the United Kingdom, for example, victims of unknown transactions – say, someone copies and uses your credit card – are legally protected against losses.

If someone tricks you into making a payment, responsibility becomes less clear.

In July, the US top court ruled that a couple who were fooled into sending money abroad couldn’t hold their bank liable simply for following their instructions.

But legislators and regulators have leeway to set other rules: The government is preparing to require banks to reimburse fraud victims when the cash is transferred via Faster Payments, a system for sending money between UK banks.

Politicians and consumer advocates in other countries are pushing for similar changes, arguing that it’s unreasonable to expect people to recognise these increasingly sophisticated scams.

Banks worry that changing the rules would simply make things easier for fraudsters.

Financial industry leaders around the world are also trying to push a share of the responsibility onto tech firms.

The fastest-growing scam category is investment fraud, often introduced to victims through search engines where scammers can easily buy sponsored advertising spots.

When would-be investors click through, they often find realistic prospectuses and other financial data. Once they transfer their money, it can take months, if not years, to realise they’ve been swindled when they try to cash in on their “investment”.

In June, a group of 30 lenders in the UK sent a letter to Prime Minister Rishi Sunak asking that tech companies contribute to refunds for victims of fraud stemming from their platforms.

The government says it’s planning new legislation and other measures to crack down on online financial scams.

The banking industry is lobbying to spread responsibility more widely, in part because costs appear to be going up. Once again, a familiar problem from economics applies in the scam economy, too.

Like pollution from a factory, new technology is creating an externality, or a cost imposed on others. In this case, there’s a heightened reach and risk for scams.

Neither banks nor consumers want to be the only ones forced to pay the price.

Chris Sheehan spent almost three decades with the country’s police force before joining National Australia Bank Ltd, where he heads investigations and fraud.

He’s added about 40 people to his team in the past year with constant investment by the bank.

When he adds up all the staff and tech costs, “it scares me how big the number is”, he says.

“I am hopeful because there are technological solutions, but you never completely solve the problem,” he says. It reminds him of his time fighting drug gangs as a cop.

Framing it as a war on drugs was “a big mistake”, he says.

“I will never phrase it in that framework – of a war on scams – because the implication is that a war is winnable,” he says. “This is not winnable.” – Bloomberg


Monday, 28 August 2023

Fukushima discharge worries Malaysians

 

Save the oceans: Ho Sin Leng, 13, adding her signature to the ‘Raise Your Voice, Stop the Discharge of Nuclear Wastewater into the Ocean’ mass petition event at the Nirvana Memorial Garden in Semenyih. — ART CHEN/The Star

Unknown impact on human health, marine life and the environment concern many


HULU LANGAT: As Japan began to release contaminated wastewater into the Pacific Ocean last Thursday, voices of concern among Malaysians are being heard.

A large number of them have shared their reservations about the scheduled discharge of 1.3 million tonnes of wastewater from the Fukushima nuclear plant despite assurances of safety from the Japanese government and scientists including the International Atomic Energy Agency.

A 9.0-magnitude earthquake in 2011 had triggered a tsunami that hit three reactors of the plant located about 250km north of Tokyo.

Malaysians are worried about the effects the water release – to be conducted in phases over the next 30 years – would have on human health, marine life and the environment.

Among those who are strongly against Japan’s action is philanthropist Tan Sri David Kong Hon Kong, who is also Nirvana Asia Group founder and executive chairman.

He said the released radioactive substances could spread and “cast a long shadow over the entire world”.

“Since this is the first large-scale release of nuclear wastewater in the world, the extent of its harm is unknown, and no one can guarantee its safety,” he said.

He also questioned the long time frame needed for the wastewater release, saying that it showed there were concerns and uncertainties about its possible effects on humanity.

Kong was present at the launch of the “Raise Your Voice, Stop the Discharge of Nuclear Wastewater into the Ocean” mass petition event held at the Nirvana Memorial Garden in Semenyih, Selangor, yesterday.

It was held concurrently with the company’s annual Zhong Yuan enlightenment ceremony, an event to remember the ancestors, advocate filial piety and pay tribute to the departed.

Kong said the petition has so far received tens of thousands of signatures from Malaysians spread across three huge banners.

He called on more Malaysian companies and individuals to speak out against the matter.

“Being in business does not mean we don’t care. We have our social responsibilities to fulfil. Furthermore, the world is still grappling with the hardship and disarray caused by the pandemic.

“This time, everyone should unequivocally protest the release of nuclear-contaminated water into the ocean to prevent the world from another crisis,” he said.

Kong added that Japan’s action runs contrary to the environmental, social and governance (ESG) principles that are growing in importance and prominence in the country and the rest of the world.

“I call upon everyone and all corporations to participate in this and petition the Japanese government to stop the wastewater release,” he said.

Kong said more petition zones will be put up by his company at its upcoming enlightenment ceremonies at other locations.

They include Nirvana Center Kuala Lumpur on Sept 2 and 3, Nirvana Memorial Park in Klang on Sept 3 and in Shah Alam on Sept 9 and 10.

Kong said all the signatures collected will be handed over to the Japanese Embassy in Kuala Lumpur.
