How Cyber Criminals can steal your money
It never ceases to amaze me how malware can get into your computer. The other day I was downloading Google Chrome for a customer from a malicious website. I was in a hurry and did not check the website URL. Before I knew it, I had downloaded 75 malware programs and viruses in a few seconds. I then spent the next 15 minutes removing them.
It seems that hackers are using malware to take over the cyber world. 8 million new variants per month are infecting computers. That’s right, malware does mutate to catch your computer and anti-virus protection off guard.
The best anti-virus program can detect only 30-50 percent of the new variants, and it takes about a day before a new one is detected. This means that it can already have done damage to your system.
In this blog we will get down into the weeds to describe how vulnerable your computer and network are and how cyber criminals can steal your money.
First, it is important to have several layers of security to protect your data. Malware can come from a variety of places, including malicious websites, special downloads such as torrent downloads, application downloads, online tool downloads, web ads, malicious emails and community forums.
In a previous blog I described how cyber criminals used malware such as Zeus, Gameover and ransomware to steal a lot of money from computer users. Criminals would recruit other hackers on the black market to do their dirty business.
BITS, a division of the Financial Services Roundtable, described in its report how the black market works and how hackers let their malware loose to find its own target. This report said that “Malware is typically used to steal information that can be readily monetized, such as login credentials, credit card and bank account numbers, and intellectual property such as computer software, financial algorithms, and trade secrets.”
Hackers use various means so you don’t know they are there
Hackers and black hat programmers would use mutated variants to avoid detection. First, special programs from the black market would enable criminals to make their own custom malware. Second, crypters would then be used to hide malware from detection. Crypters work by compiling the binary code with an algorithm to avoid detection by antivirus and anti-malware programs. To further avoid detection, the malware would mutate its code dozens of times. So, how can one protect oneself from this kind of malware?
Second, these hackers go to great lengths to steal your money. The stealth crypter 2 and similar crypters are sold in black markets. Then these hackers design the custom code that creates the pseudo-random domain names, which then change dynamically every hour by a subdomain algorithm. It sounds like it is impossible to catch this kind of malware, and it almost is.
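Hourly-changing random domain names do leave a trace in DNS logs. The following is an added example, not code from the original post: it scans a constructed DNS query log for clients that look up a different random-looking name in several distinct hours. The log layout, the addresses and names, and the length and entropy thresholds are all assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample DNS query log: "timestamp client queried-name"
SAMPLE_LOG = """\
2024-05-01T09:12:44 10.0.0.15 www.example.com
2024-05-01T09:13:02 10.0.0.15 x7kq2vfz9bplw3td.example.net
2024-05-01T10:13:05 10.0.0.15 qz8m4hcy1rnv6wjd.example.net
2024-05-01T11:13:09 10.0.0.15 p3wv9ktx5zgb2mqh.example.net
2024-05-01T09:20:10 10.0.0.22 mail.example.org
2024-05-01T10:21:31 10.0.0.22 updates.example.com
2024-05-01T11:25:00 10.0.0.22 cdn7.example.org
"""

def entropy(label):
    """Shannon entropy in bits per character of a DNS label."""
    counts = Counter(label)
    return -sum(n / len(label) * math.log2(n / len(label)) for n in counts.values())

def looks_generated(name, min_len=12, min_entropy=3.5):
    """Heuristic only: the longest label is long and uses characters almost evenly."""
    label = max(name.lower().rstrip(".").split("."), key=len)
    return len(label) >= min_len and entropy(label) >= min_entropy

def rotating_clients(log_text, min_hours=3):
    """Return {client: sorted names} for clients that query a different
    random-looking name in at least min_hours distinct hours."""
    per_hour = defaultdict(lambda: defaultdict(set))   # client -> hour -> names
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue                                   # skip malformed lines
        stamp, client, name = parts
        if looks_generated(name):
            per_hour[client][stamp[:13]].add(name.lower())
    flagged = {}
    for client, hours in per_hour.items():
        names = set().union(*hours.values())
        # at least one new name per hour: the names really do rotate
        if len(hours) >= min_hours and len(names) >= len(hours):
            flagged[client] = sorted(names)
    return flagged

if __name__ == "__main__":
    for client, names in rotating_clients(SAMPLE_LOG).items():
        print(client, "->", ", ".join(names))
```

Long hashed hostnames used by some legitimate services will also score as random-looking, so a flagged client is a lead to investigate, not a verdict.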
Then, there is fileless malware, which does not reside in a computer file but hides in the Microsoft registry and executes by injecting the code into a running operating system process.
People ask me what the registry is. Microsoft defines the registry as “a database in Windows that contains important information about system hardware, installed programs and settings, and profiles of each of the user accounts on your computer. Windows continually refers to the information in the registry.” Microsoft recommends that you should not make changes in the registry because an incorrect entry may crash your computer. Malware changes in your registry are almost impossible to detect.
Finally, there is modular malware, which is one of the worst malware programs. A good example is Regin, which has been spying on government agencies and businesses since 2008. This is a backdoor Trojan which took a long time to develop and was probably developed by a nation-state with significant resources, according to Symantec. This malware goes through several stages of mutation and drops its final payload as an encrypted file. Thus, it has staying power because it avoids detection. One wonders how many other Regins are out there undetected.
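One place a defender can look is the autorun keys, since code stored in the registry still needs something to start it. The following is an added example, not code from the original post: it parses a constructed sample in the text layout written by `reg export` and flags Run/RunOnce values that start a script host, carry a long encoded run, or are much longer than a path. The interpreter list, the thresholds and the sample entries are assumptions.

```python
import re

# Constructed sample in the text layout written by "reg export" (not real data).
# The long token is base64 of the alphabet, used here only as filler.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SyncClient"="\"C:\\Program Files\\Example\\sync.exe\" /background"
"Updater"="powershell.exe -EncodedCommand QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo="
'''

KEY_RE = re.compile(r'^\[(.+)\]$')
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
ENCODED_RUN = re.compile(r'[A-Za-z0-9+/]{32,}={0,2}')
# Assumed list of script hosts and loaders; tune it for your environment.
INTERPRETERS = ("powershell", "mshta", "wscript", "cscript", "rundll32", "regsvr32")

def unescape(text):
    """Undo the .reg escaping of backslashes and double quotes."""
    return re.sub(r'\\(.)', r'\1', text)

def parse_export(text):
    """Yield (key, value_name, data) for each plain string value."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if KEY_RE.match(line):
            key = KEY_RE.match(line).group(1)
        elif key and VALUE_RE.match(line):
            name, data = VALUE_RE.match(line).groups()
            yield key, unescape(name), unescape(data)

def suspicious_autoruns(text, max_len=260):
    """Return [(value_name, [reasons])] for odd Run/RunOnce entries."""
    findings = []
    for key, name, data in parse_export(text):
        if not key.lower().endswith(("\\run", "\\runonce")):
            continue
        reasons = []
        if any(word in data.lower() for word in INTERPRETERS):
            reasons.append("starts a script host or loader")
        if ENCODED_RUN.search(data):
            reasons.append("contains a long encoded run")
        if len(data) > max_len:
            reasons.append("longer than a normal path")
        if reasons:
            findings.append((name, reasons))
    return findings
```

Call `suspicious_autoruns()` on the text of an export; a real export file is UTF-16, so read it with `encoding="utf-16"`. Only plain string values are parsed, not hex-encoded ones.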
Perry’s Computer Repair recommends a layered security approach to protect your home and business.
The following ten layers are suggested.
- A premium virus protection program which is not free such as McAfee, Norton or Kaspersky Labs.
- A good real time malware protection program such as Malwarebytes.
- A strong firewall and a check to see if it is doing its job.
- An Internet filter such as OpenDNS.
- A good backup of all files in case malware destroys your files.
- Encrypted passwords on desktops and networks.
- Using facial recognition such as True Key on your banking websites. I use True Key and can install it if you use Windows 10.
- Checking Windows updates to see if recent updates have been added.
- Setting a restore point often so that if your computer is crashed by malware, you can get your computer restored.
- A monthly check of computer security by a professional like Perry’s Computer Repair.