Ransomware now targets Smart TV's

And the saga continues...... just when you thought it couldn't get any worse some ass just created a strain of ransomware that can infect Smart Tv's. Lets set the mood, you come home from a stressful day at the office get some dinner and sit down to watch your favorite channel to discover a message demanding bitcoin to gain access to your Tv, now I'm guessing that will put you in great form for the evening. Thanks to a new version of the Frantic Locker (better known as FLocker) Ransomware has now the ability to infect and lock down your Smart TVs until you pay up the ransom making the above scenario much more realistic.


Researchers at Trend Micro have discovered the updated version of FLocker that is capable of locking Android smartphones as well as Smart TVs. Originally launched in May 2015, the FLocker ransomware initially targeted Android smartphones with its developers constantly updating the ransomware and adding support for new Android system changes. So what exactly does Smart Tv locking ransomware do ? is it the same as the other nasty laptop/desktop strains ? Well the answer to those questions is yes and no. 

• FLocker locks the device's screen.
• Displays a fake notice from United States Cyber Police or other law enforcement agency, accusing potential victims of crimes they did not commit.
• Demands $200 worth of iTunes gift card as Ransom to unlock the infected TV.

Trend Micro says the malware is configured to deactivate itself in some regions including Russia, Bulgaria, Hungary, Ukraine, Georgia, Kazakhstan, Azerbaijan, Armenia, and Belarus.

However, if FLocker detects devices outside these countries, the malware will wait for 30 minutes before requesting admin privileges for the device. If the victim rejects the request, FLocker freezes the screen, faking a system update.


"The C&C [command and control] then delivers a new payload misspelled.apk and the ‘ransom’ HTML file with a JavaScript (JS) interface enabled," Trend Micro said. "This HTML page has the ability to initiate the APK installation, take photos of the affected user using the JS interface, and display the photos taken in the ransom page."

Although the new variant of FLocker does not encrypt files on the infected device, it has the capability of stealing data from the device, including contacts, the phone number, device information and location data. Trend Micro's report does not make it clear that how FLocker infects smart TVs, but it does note that typically ransomware infection arrives via SMSes or malicious links.
Therefore, like always you should be wary while browsing the Internet, and receiving text messages or emails from unknown sources. In the event that you do get hit with Flocker there are a number of steps that you can take to get your device back. 

 

How to Remove FLocker from Your Smart TV?

If your Android smart TV gets infected, you should contact the device vendor (phone carrier or TV merchant), or if you are kind of technical, you can remove the ransomware after removing its device admin privileges.

"Users can connect their device with a PC and launch the ADB shell and execute the command 'PM clear %pkg%'," Trend Micro said. "This kills the ransomware process and unlocks the screen. Users can then deactivate the device admin privilege granted to the application and uninstall the app."

 I would advise however that you contact your vendor first before you go all tech wizard on your Tv. Just incase you get infected by some new strain that may not have been thought up yet as this may signal the start of a new targeting faze in the age of the iot.
   

 

Disable that annoying Windows 10 Update Forever!

For the past few month's Microsoft have been on a mission to put there new Windows 10 operating system onto every machine in the world. Now this is great if you actually want the new Windows 10 OS but if you don't well then the constant pop up stating "Your FREE Windows 10 upgrade is ready!" may be driving you crazy. Lucky for anyone who doesn't want to update a one click solution has now come to light saving non Windows 10 inclined users all over the world.

A new free tool, dubbed Never10, provides the user a one-click solution to disable Windows 10 upgrade until the user explicitly gives permission to install Windows 10.

Never10 has been developed by Steve Gibson, the well-known software developer and founder of Gibson Research, which is why the tool is also known as "Gibson's Never10."

So lets do this, if your ready to disable that update do the following:

1. Go to Gibson's Never10 official site and click on the Download.
2. Once downloaded, the program detects if the upgrade to Windows 10 is enabled or disabled on your system and then shows a pop-up. If enabled, Click 'Disable Win10 Upgrade' button.
3. You’ll again see a pop-up that now shows Windows 10 upgrade is disabled on your system, with two buttons to 'Enable Win10 Upgrade' and 'Exit.' Click on Exit button.

The best part of this tool is that you don't have to install an application on your PC to do this. Gibson’s Never 10 is an executable. So you just need to run it, and it doesn’t install anything on your computer. You can delete it when you're done.

For more technical details on how this tool works, you can head on to this link.

Protecting against phishing

Phishing (pronounced fishing) scams are among the most prevalent forms of cybercrime, targeting unsuspecting victims. Although phishing is widespread, it is possible to identify and prevent. Apart from ensuring you install security software, the best way to combat scams is to educate yourself to what these scams are and how to identify them. I found the below video from Meridian Banking that explains phishing very well, and even though its aimed at Meridian customers you should get the idea.

Now that you have an idea of what phishing is and what forms it can take lets go through some addition steps you can take to protect yourself. 

1) Be wary of emails asking for confidential information - especially information of a financial nature. Legitimate organisations never look for this information over email or the phone, if you get such a call or an email you should contact that organisation independently using know contact information from previous correspondence such as a statement or contract.

2) Make sure you when signing up to a new website's that you read there privacy policy. The majority of commercial websites have a privacy policy, which is usually accessible at the foot of the page. In this policy look for the website's policy on whether it will or will not sell its mailing list. If the site in question does sell its mailing list see do they have a policy that allows you to sign up and opt out of this feature if not you might want to consider do you really need to join the site in question. The majority of spam and potentially dangerous phishing emails you receive come from sites you have signed up to that have sold your mailing information to another company or companies.

3) Make sure you maintain effective software to combat phishing. Most Internet Security suites automatically detect and block fake websites. Some will also authenticate major banking and shopping sites. I have also stated in another blog how you can add security plugins to your browser that will help identify dodgy sites and links.

4) Never use links in an email to connect to a website unless you are absolutely sure they are authentic. It is very easy to add a fake link or hyperlink text that will bring you to a fake site or similar looking website. To avoid this open a new browsers and type in the url subtle differences could bring you to a fake site (eg) ww.aib.ie is the AIB banking site what if the link you received was www.aibbank.ie would you know the difference?

5) Never submit confidential information via forms embedded within email messages. This is not a secure practice and all reputable companies know this. If the form is part of a phishing attack the senders are often able to track all information entered.

6) Think twice about opening attachments from senders you are not familiar with eg. getting an email off an unknown address with an attachment labelled as "invoice". If you are not expecting an invoice and you don't recognize the sender chances are the attachment is carrying a malicious payload delete it!

7) I will end with my pet hate, clicking articles on social media that are clearly made up just so you will click on them. eg  BREAKING NEWS: Pamela Anderson shoots president Obama over views on healthcare! This is clearly a bullshit article don't click on it, you can be guaranteed you are entering a world of spam and malware.

I recently came across a bluebird care campaign surrounding cybercrime and the elderly. As part of that campaign they had an infograph that I think is a super informative and can be viewed by clicking here.

Stay safe online for Black Friday

In light of the popularity of the Black Friday phenomenon having made a full transition online shoppers need to be more aware that ever of how they shop online. This is a day that cyber criminals will be in full flight waiting to grab shoppers credit card and login information using eCommerce sites that are vulnerable. This is a day that shoppers need to be extra vigilante when shopping online. Silcon Republic have posted a number of tips to help customers keep safe and the article can be found here.

The main points from that article can be found below.

1) Consumers should be careful not to expose their computer or mobile screen to the eyes of strangers, especially when a credit card number is visible.

2) Online shoppers need to keep their computer updated with the latest malware protection. Even if a consumer conducts all transactions on a secure site, it is possible for the computer to be hacked or to be running malware, which means all data entered can still be stolen.

3) Be aware of internet connections. Using a public Wi-Fi service without encryption gives anyone the ability to hack into the connection and collect a user’s information.

4) Pay close attention to shopping websites. Many websites do not properly protect the data they collect. Shoppers can know the site is safe if it has a green lock in the address bar, which signifies the company has met strict standards with respect to protecting data they collect from customers.

5) Finally, shoppers should frequently monitor bank statements for suspicious transactions. Many times, cyber theft is done in small amounts in order not to draw suspicion.

If you need help in making your devices even more secure you should have a read of some of my posts on securing your laptop and iphone. All of my posts can be found on my blog.

Securing your iPhone 5 +

As the title suggests for this post I am just focusing on the iPhone 5 and up. For the most part Apple are pretty slick when it comes to patching their devices and keeping things secure, however a lot of the features of the iPhone that may make your life a bit easier may also create an area of insecurity around your device. Lets take siri for example, shes great to have a chat with on cold nights when there is no one else around. The issue with siri is she's a bit of a gossip and will talk to anyone. Let's take the following scenario your phone is stolen, you have a lock code on it so even though your pissed your not going to panic just yet. Lets say who ever stole your device has been watching you and they want to find out where you live, they cant do that right? WRONG if you have spent a bit of time setting siri up chances are she can be accessed from the lock screen of your phone, so all our thief/stalker needs to do is ask siri a few simple questions.


Who am I?

Where do I live?

What are my upcoming appointments?


Try this yourself see what information you get back....


Am I starting to paint a picture of how this can all go wrong so fast..... Hold on just before we start to panic I have created a list of 10 things you can do to help protect yourself and your family. Of course you can completely ignore my list and keep living life on the edge if that's your thing :).

1) Disable Siri on a lock screen

Go to “Settings” –> “Passcode” (or “Touch ID and passcode”) –> “Allow access when locked” section –> “Siri: off” and “Settings” –> “General” –> “Siri” –> “Allow “Hey Siri”: off”.

2) Use a strong password instead of a 4 digit code

This is important I cant stress enough, how simple it has become to smash out your 4 digit passcode in a few hours. You might think who the hell would bother doing that I'm not some Government spy no your not but you do have lots of juicy personal data in their that can be used to steal your identity or exploits your friends and family. As an extra option, you can also turn the “erase data” feature on, so the device will wipe everything from its memory after 10 failed passcode attempts. But keep in mind that all the data will be erased forever and you won’t be able to recover it i.e DON'T FORGOT YOUR PASSWORD!!!!!

Where can you set these requirements? Go to “Settings” –> “Passcode” (or “Touch ID and passcode”) –> “Require passcode: immediately”; “Simple passcode: off”.

3) Turn off lock screen notifications

This is similar to the stalker/possible killer type scenario or just the nosy work colleague keep your shit private! The more information you allow to your screen the more exposed you are, you may not think that matters until you are sitting in the pub and your friend sends you a message to ask: "is that asshole Dave there?", and you can then respond saying "yup hes here and by the way he read the message cause I let my phone display everything to the screen.... sorry plus Dave said he wants the €50 he lent you back!".... Maybe that's exaggerated but don't take any chances.

Where can you set these requirements? Go to “Settings” –> “Passcode” (or “Touch ID and passcode”) –> “Allow access when locked” section.

4) Turn on two-step verification for Apple ID and iCloud

This is a big one, in my opinion it will only be a matter of time before every device that requires a log in will force people to use two-step verification, but just in case I'm wrong you should set it up anyway. Apple makes you wait a few days before you can actually set this up so if you start the process don't forget to log back in and finish it off after.. 3 days I think.

Where can you set these requirements? Go to https://appleid.apple.com –> “Manage your Apple ID” –> “Password and Security” –> “Two-Step Verification”.

5) Turn off automatic sync to iCloud

This is one of those things that could really come back and bite you in the ass literally! If you have iCloud set up you have 3G/4G or wifi and you take a picture boom its in the cloud... FOREVER!!! So I don't know but I'm guessing after a crazy night out you may want to review what picture leave your phone and head off to god knows where.

Where can you set these requirements? Go to “Settings” –> “iCloud”.

6) Turn off cookies in your browsers

Your now thinking "cookies" what the hell is this guy on about there is no "cookies" in my phone, I can't dip this thing in tea! No you cant and please don't try your phone won't taste great it will just stop working. Cookies are small files which almost any website generates and leaves on your device. They may contain some information about you, your computer or smartphone, and your preferences. It helps websites keep you logged in, or to show you some relevant content including ads, but in some cases they may be very helpful to cybercriminals as they can contain credentials and other sensitive data. The only issue here is some site just wont work when you disable this so its one of those catch 22 situations.

Where can you set these requirements? For Safari: Go to “Settings” –> “Safari” –> “Privacy & Security” section –> “Do Not Track: on”, “Block Cookies: Always Block”; For third party browsers: see similar browser settings.

7) Don’t let apps access your contacts, photos, messages and other private data

This is one of my pet hates, when I download an app for getting dinner recipes why the hell does it want access to my contacts, my camera and my microphone???? And secondly why would anyone allow it access to any of these things? This really is one that you should spend a bit of time looking into.

Where can you set these requirements? Go to “Settings” –> “Privacy”.

8) Turn off the AutoFill option in your browsers

This is another of those be less lazy common sense type things, if this feature is turned on and someone gets your phone chances are they will be able to log into a number of sites..As you!

Where can you set these requirements? For Safari: Go to “Settings” –> “Safari” –> “General” section –> “Passwords & AutoFill”; For third party browsers: see similar browser settings.

9)Discard automatic WiFi connections to known networks

I don't like this feature at all, and I'm going to tell you why. By having this enabled your phone will not only automatically connected to any wifi network that you logged onto before, but it will also log onto any network with the same SSID (name) of a network that you logged on before. This is dangerous, think of shopping areas that offer public wifi (which of course you wouldn't use because your smarter than that) most of these networks have the same name a common one in Ireland is "eircom". Therefore your phone will automatically connect to these networking if you ever connected to one of that name before, so I really shouldn't have to explain why this can be a fruitful play ground for a cybercriminal.

Where can you set these requirements? Go to “Settings” –> “Wi-Fi” –> “Ask to join networks: on”.

10) Get used to VPN

A VPN or virtual private network is the best way to go to really ensure some safety when browsing the web especially on those public wireless networks that you would never use. There is also no point going for a free VPN as the speeds and reliability and all that other stuff that you don't really understand wont be great. You can make up your own mind on who to go with for this I use AirVPN they charge around €30 for 6 months with unlimited bandwidth.






So guys, that's it for today if anyone has any questions post them below and I guarantee to get back to you within one working year.