Are your keystrokes being recorded?

It's always nice to set the scene for these subjects it helps my over active imagination to write better, so lets sit back and imagine the following: you are browsing the internet, firstly you look up a few weird and wonderful subjects, then you tip over to that dodgy website your wife doesn't know about to catch up on that online affair you have been having. You ask how did you know? well if you have been watching any tech related news in the past week you would have seen a headline or two stating things like "popular sites record your every keystrokes" and the rest.

So you ask what does that mean, websites are recording my keystrokes so they have a bulk file filled with code and text and links right?  Well technically yes but someone also though it would be a good idea to create a software that plays back all of this stuff in a film like format, sound scary? well it is and as you can see from the video below were your "keystrokes" to get leaked you might be in a whole pile of doo doo pretty quickly.

Researchers from Princeton University's Centre for Information Technology Policy (CITP) analyzed the Alexa top 50,000 websites in the world and found that 482 sites, many of which are high profile, are using a new web-tracking technique to track every move of their users.

Dubbed "Session Replay," the technique is used even by most popular websites, including The Guardian, Reuters, Samsung, Al-Jazeera, VK, Adobe, Microsoft, and WordPress, to record every single movement a visitor does while navigating a web page, and this incredibly extensive data is then sent off to a third party for analysis.

"Session replay scripts" are usually designed to gather data regarding user engagement that can be used by website developers to improve the end-user experience. However, what's particularly concerning is that these scripts record beyond the information you purposely give to a website—which also includes the text you type out while filing a form and then delete before hitting 'Submit.'

If your starting to get cold sweats after reading the above then here are a couple of sites where you can educate yourself a bit further on this topic.

https://thehackernews.com/2017/11/website-keylogging.html

https://thenextweb.com/security/2017/11/21/hundreds-of-websites-record-your-every-keystroke-without-you-knowing/

https://www.dailydot.com/debug/websites-record-keystroke/

Ransomware now targets Smart TV's

And the saga continues...... just when you thought it couldn't get any worse some ass just created a strain of ransomware that can infect Smart Tv's. Lets set the mood, you come home from a stressful day at the office get some dinner and sit down to watch your favorite channel to discover a message demanding bitcoin to gain access to your Tv, now I'm guessing that will put you in great form for the evening. Thanks to a new version of the Frantic Locker (better known as FLocker) Ransomware has now the ability to infect and lock down your Smart TVs until you pay up the ransom making the above scenario much more realistic.


Researchers at Trend Micro have discovered the updated version of FLocker that is capable of locking Android smartphones as well as Smart TVs. Originally launched in May 2015, the FLocker ransomware initially targeted Android smartphones with its developers constantly updating the ransomware and adding support for new Android system changes. So what exactly does Smart Tv locking ransomware do ? is it the same as the other nasty laptop/desktop strains ? Well the answer to those questions is yes and no. 

• FLocker locks the device's screen.
• Displays a fake notice from United States Cyber Police or other law enforcement agency, accusing potential victims of crimes they did not commit.
• Demands $200 worth of iTunes gift card as Ransom to unlock the infected TV.

Trend Micro says the malware is configured to deactivate itself in some regions including Russia, Bulgaria, Hungary, Ukraine, Georgia, Kazakhstan, Azerbaijan, Armenia, and Belarus.

However, if FLocker detects devices outside these countries, the malware will wait for 30 minutes before requesting admin privileges for the device. If the victim rejects the request, FLocker freezes the screen, faking a system update.


"The C&C [command and control] then delivers a new payload misspelled.apk and the ‘ransom’ HTML file with a JavaScript (JS) interface enabled," Trend Micro said. "This HTML page has the ability to initiate the APK installation, take photos of the affected user using the JS interface, and display the photos taken in the ransom page."

Although the new variant of FLocker does not encrypt files on the infected device, it has the capability of stealing data from the device, including contacts, the phone number, device information and location data. Trend Micro's report does not make it clear that how FLocker infects smart TVs, but it does note that typically ransomware infection arrives via SMSes or malicious links.
Therefore, like always you should be wary while browsing the Internet, and receiving text messages or emails from unknown sources. In the event that you do get hit with Flocker there are a number of steps that you can take to get your device back. 

 

How to Remove FLocker from Your Smart TV?

If your Android smart TV gets infected, you should contact the device vendor (phone carrier or TV merchant), or if you are kind of technical, you can remove the ransomware after removing its device admin privileges.

"Users can connect their device with a PC and launch the ADB shell and execute the command 'PM clear %pkg%'," Trend Micro said. "This kills the ransomware process and unlocks the screen. Users can then deactivate the device admin privilege granted to the application and uninstall the app."

 I would advise however that you contact your vendor first before you go all tech wizard on your Tv. Just incase you get infected by some new strain that may not have been thought up yet as this may signal the start of a new targeting faze in the age of the iot.
   

 

Securing your android (the basics)

I have been asked a bit lately about securing android devices as I tend to focus on the apple side of things as I myself use the iPhone. There is a myth out there that android is inherently insecure and this really isn't true, android out of the box is pretty good its the user that make the device insecure. The real issue with android is anyone can make an app and upload it to their store they don't check first to see if you are a potential cyber criminal. I think from memory that at one stage in the past few years the top 5 apps in the android store were in fact trojan horses this might be wrong but I am pretty sure their is some truth their I need to go back and double check this. So to minimize the waffle you ask "what do I need to do to secure my android?" Well I have put together a number of steps that if followed will definitely help you get to a place where you can feel "secure".

1) Do not save all of your passwords in your device! I don't know why I need to say this but people naturally tend to save their passwords for easy access of whatever the reason on their devices. This is a very bad practice and you should avoid this, think of memorizing your passwords of a way to delaying Alzheimer's and not getting ripped off by cyber criminals.

2) Use your devices inbuilt security features, If you are running on Jelly Bean, you can have a screen lock and encryption enabled to further enhance your security. Use these features they will help you keep your device safe.

3) Androids allow you to lock your apps you should use this feature especially for apps that hold sensitive information. Their is a free app that you can download to enable this feature called App Lock.

4) If you are installing an app read what permissions the app want's!!! If you are downloading some recipe app it doesn't need access to your camera, microphone and contacts. This should be common sense but for some reason people download apps and click ok to everything.

5)  Download a mobile security app, androids are very much open to virus's and malware in comparison to their i0S counterparts. An app I think is pretty good is avast!mobile security.

6) One of the most important things you can do to secure your android is secure your network. I know you wont listen but try to avoid using public networks. You can protect your information by using apps like Hideninja VPN so that your outgoing connection is always encrypted, making it harder for anyone to sabotage your data. If you suspect that your device is being attacked, WiFi Protector can help fend off these attackers. To further enhance your network security you can apply settings from SecDroid but note that this app is only for rooted phones.

Protecting Windows 10 (The Basics)

Over the past few months Microsoft have been firing out their new operating system Windows 10 to the world for free. This blog is more aimed at anyone who is just after installing the operating system as chances are if you are a windows user you may have already upgraded or will be doing so in the near future. Like most things that come fresh out of the box to make them work to a level you might expect takes some tweaking. I am going to focus on a few basic steps you should take right away to make your new operating system secure.

1) Run the windows update straight away, I know you may have spend an hour or two installing the dam thing but running windows update will make sure your operating system has the latest patches. To find windows update just click the little search bar at the bottom of your screen and type "windows update" once opened just hit "check for updates" and your done.

2) System restore is turned off by default in Windows 10 so you might want to turn this on. Microsoft have renamed this function as "system protection" so to turn this on head back down to the little search bar and type "This PC" when the logo appears right click on it and select "Properties" click on "system protection" then click "Configure" and turn system protection on.

3) Check your Windows 10 privacy setting by default everything and I mean everything in here is turned on. To get here you go to START > Settings> Privacy spend a bit of time looking over this and make sure you are happy with it.

4) Make sure that all of your applications are updated in an earlier post I mentioned that Secunia PSI was a good application to check this.

5) Make sure you have your anti-virus turned on if you don't have an anti-virus Windows has a build in AV called Windows Defender. You can find Defender by going to the search bar and typing "Windows Defender".