Beware of Ransomware disguised as Windows 10 Update

If you update your system to Windows 10 based on fake emails from Microsoft, you could become a victim of Cryptolocker Ransomware. The eScan research team has found that cyber-criminals are using various social engineering techniques to take advantage of the millions of people looking for a free system upgrade to Windows 10, which was officially launched worldwide on July 29.

According to US-CERT, Ransomware is a type of malware that infects a computer and restricts a user’s access to the infected computer. This type of malware, which has now been observed for several years, attempts to extort money from victims by displaying an on-screen alert. These alerts often state that the victim’s computer has been locked or that all of their files have been encrypted, and demand that a ransom be paid to restore access. This ransom is typically in the range of $100–$300 and is sometimes demanded in virtual currency, such as Bitcoin.

What is Cryptolocker?

It is a kind of Ransomware that can prevent Windows users from accessing their photos, personal documents, zip files and a host of other files. It makes use of asymmetric encryption, i.e. victims cannot access their files unless they have the private key, which is held by the malware author. To obtain the key, the victim has to pay a ransom to the cyber-criminal in virtual currency.

How does it work?

The malware enters the user’s system through a fake email that claims to come from Microsoft. The cyber-criminal uses a well-crafted sender address, update@microsoft.com, to make the message appear valid, along with the subject line ‘Windows 10 Free Update’ and an attachment. Our research team downloaded and executed the attachment and found a warning message along with instructions to pay $600 for the private key within 96 hours. The malicious email was traced to spam servers located in countries such as India, Russia, Thailand, USA and France.

What to do?

  • Users can update their current system to Windows 10 in two stages, i.e. Reserve and Upgrade. In the first stage, users need to check whether they have received a notification in their taskbar from Windows, which will reserve a free copy of Windows 10. On clicking the menu at the top left, it will check your system and run Windows Advisor to make sure that your hardware and software are compatible with Windows 10. Windows 10 will be downloaded once it is available. The last stage is Installation, where users get a notification that Windows 10 has been downloaded and needs to be installed.
  • Update your antivirus software (eScan) on a regular basis, which will protect your system from all kinds of Malware attacks.
  • Configure your antivirus settings for automatic updates.
  • Regularly back up your important files.
  • Make sure you either implement Mailscan at gateway level or enable Mail Anti-virus on the endpoint in order to block extensions such as *.EXE, *.SCR, *.JS, *.VBE etc. These attachments would infect your system.
  • Open emails only if you are positive about the source.

eScan Supports Windows 10

At last the wait is over. Windows 10 is on the threshold of being practical and eScan is all geared up! The entire eScan range of SOHO products is compatible with Windows 10, with an absolutely hassle-free automatic update mechanism. Users of these products need not even worry about versions or the upgrade process.

Following is the list of products that are compatible with Windows 10:

SOHO Segment

  • eScan Internet Security Suite with Cloud Security.
  • eScan Antivirus with Cloud Security.
  • eScan Total Security Suite.
  • eScan Universal Security Suite (Antivirus for Windows).

SMB Segment

  • eScan Anti-Virus with Cloud Security for SMB.
  • eScan Internet Security Suite with Cloud Security for SMB.

Enterprise Segment

  • eScan Corporate Edition (with Hybrid Network Support).
  • eScan Corporate 360 (with MDM & Hybrid Network Support).
  • eScan Endpoint Security (with MDM & Hybrid Network Support).
  • eScan Enterprise Edition (with Hybrid Network Support).
  • eScan Enterprise 360 (with MDM & Hybrid Network Support).

The following steps are to be carried out before upgrading to Windows 10 with older and newer versions of eScan:

  • If you have an older version of eScan, please make sure you download the latest updates, and cross-check that the eScan version has changed to 1x.0.xxxx.1780 or above.
  • Start the installation for Windows 10 and follow the instructions on screen.
  • Select “Download and install updates (recommended)” option, as shown below:

  • Once the upgrade is complete, eScan will be migrated to Windows 10 to secure your digital life.

Please note that reactivating the existing eScan license is not required. Also, the current builds (1789 and above) are compatible with Windows 10 for both fresh installations and upgrades. As far as the Microsoft Edge browser is concerned, eScan at present supports virus scanning and Parental Control. In future, eScan plans to add other features like Identity Theft. Stay tuned to www.wiki.escanav.com or www.escanav.com.

 


Indians Beware: Trojan Targeting your Banking Personal Information

A new variant of Malware, called Gen: Heur.MSIL.Krypt, which targets Indian Internet users running Windows has been discovered by the eScan Security research team. In addition, more than two aliases or pseudo-identities of the Malware have been found.

How does the Malware enter system?

It propagates as a Trojan that enters the system through spam emails carrying zipped archives or Microsoft Office documents. These could be in the form of a receipt for a payment or a delivery. It also enters when infected removable drives such as USB pen drives or external hard drives are plugged into the system, or when the user browses a compromised or untrustworthy website.

How does the Trojan Work?

First, after entering the system, it gathers information about the victim, such as system information including the computer name, local date and time, Internet Protocol address (IP address) and installed anti-virus solution. Second, it kills the following processes: Task Manager (taskmgr.exe), Command Prompt (cmd.exe), System Configuration (msconfig.exe) and Registry Editor (regedit.exe), which makes it difficult for the user to inspect and fix the problem. Third, the Trojan logs keystrokes, captures screenshots, scrapes web browsers for saved passwords and browsing history, and more. Afterwards, the Malware steals banking and financial transaction details belonging to the victim, such as credit card numbers. In addition, social networking credentials and email accounts are also stolen.
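
The tool-killing step described above leaves a detectable pattern. The following is an added example, not eScan's detection logic: it flags any process that requests terminate access to several of the named tools within a short window. It assumes process-access telemetry is being collected (the events are constructed and simplified from Sysmon Event ID 10 fields), and the thresholds and file paths are illustrative.

```python
from collections import defaultdict
from datetime import datetime, timedelta

ADMIN_TOOLS = {"taskmgr.exe", "cmd.exe", "msconfig.exe", "regedit.exe"}  # from the post
PROCESS_TERMINATE = 0x0001       # Windows access right required to kill a process
WINDOW = timedelta(seconds=60)   # assumed tuning value
MIN_DISTINCT = 3                 # assumed tuning value
SUSPECT = r"C:\Users\victim\AppData\Roaming\updater.exe"  # constructed path
SYS = "C:\\Windows\\System32\\"

# Constructed events: (UtcTime, SourceImage, TargetImage, GrantedAccess).
EVENTS = [
    ("2015-08-03 10:00:01", SUSPECT, SYS + "taskmgr.exe", "0x1"),
    ("2015-08-03 10:00:01", SUSPECT, SYS + "cmd.exe", "0x1"),
    ("2015-08-03 10:00:02", SUSPECT, SYS + "regedit.exe", "0x1fffff"),
    ("2015-08-03 10:00:03", SUSPECT, SYS + "msconfig.exe", "0x1"),
    ("2015-08-03 10:05:00", SYS + "explorer.exe", SYS + "taskmgr.exe", "0x1000"),
    ("2015-08-03 11:00:00", r"C:\Tools\cleanup.exe", SYS + "cmd.exe", "0x1"),
    ("2015-08-03 13:00:00", r"C:\Tools\cleanup.exe", SYS + "regedit.exe", "0x1"),
    ("2015-08-03 15:00:00", r"C:\Tools\cleanup.exe", SYS + "taskmgr.exe", "0x1"),
]

def image_name(path):
    """Lower-cased file name of a Windows image path."""
    return path.rsplit("\\", 1)[-1].lower()

def find_tool_killers(events):
    """Map each source image to the admin tools it opened with terminate
    access, when MIN_DISTINCT or more of them fall inside one WINDOW."""
    opened = defaultdict(list)
    for ts, src, tgt, access in events:
        tool = image_name(tgt)
        if tool in ADMIN_TOOLS and int(access, 16) & PROCESS_TERMINATE:
            when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
            opened[src.lower()].append((when, tool))
    alerts = {}
    for src, hits in opened.items():
        hits.sort()
        for start, _ in hits:
            tools = {t for when, t in hits if timedelta(0) <= when - start <= WINDOW}
            if len(tools) >= MIN_DISTINCT:
                alerts[src] = sorted(tools)
                break
    return alerts

if __name__ == "__main__":
    print(find_tool_killers(EVENTS))
```

The query-only handle from explorer.exe and the cleanup tool whose three accesses are spread over hours are both ignored; only the burst from the constructed suspect path is reported.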

What could a computer user do?

  • Update your antivirus software (eScan) on a regular basis, which will protect your system from all kinds of Malware attacks.
  • Configure your firewall to the default configuration, i.e. deny all incoming connections and only allow services which you explicitly want to offer to the outside world.
  • Make use of strong passwords.
  • Turn off file sharing if not needed.
  • Implement a three-dimensional security policy in your organization: first, understand your requirements and prepare the IT security policy accordingly; second, educate your staff about the policy; and finally, enforce the policy.
  • Make sure you either implement Mailscan at gateway level or enable Mail Anti-virus on the endpoint in order to block extensions such as *.EXE, *.SCR, *.JS, *.VBE etc. These attachments would infect your system.
  • Open emails only if you are positive about the source.
  • Disable Auto-play to stop automatic launching of files from the network and removable drives.
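
The attachment-blocking advice given in both posts, shown as an added example (this is not Mailscan's implementation): a filter that rejects the listed extensions and also looks inside zipped archives, since the Trojan is said to arrive that way. The sample message is constructed from the lure described in the first post, and the attachment file names are assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED = (".exe", ".scr", ".js", ".vbe")   # extensions named in the posts

def blocked_name(name):
    """True when the last extension is blocked, e.g. 'receipt.pdf.scr'."""
    # Windows ignores trailing dots and spaces, so 'a.exe.' still runs as a.exe.
    return name.strip().rstrip(". ").lower().endswith(BLOCKED)

def scan_message(raw):
    """Return (attachment name, offending file name) pairs for one message."""
    hits = []
    for part in message_from_bytes(raw, policy=policy.default).walk():
        fname = part.get_filename()
        if not fname:
            continue
        if blocked_name(fname):
            hits.append((fname, fname))
            continue
        data = part.get_payload(decode=True) or b""
        # Detect archives by content, not by the claimed extension.
        if zipfile.is_zipfile(io.BytesIO(data)):
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                hits += [(fname, m) for m in zf.namelist() if blocked_name(m)]
    return hits

def build_sample():
    """Constructed message modelled on the lure described in the first post."""
    archive = io.BytesIO()
    with zipfile.ZipFile(archive, "w") as zf:
        zf.writestr("Win10Installer.exe", b"placeholder bytes, not a program")
        zf.writestr("readme.txt", b"placeholder")
    msg = EmailMessage()
    msg["From"] = "update@microsoft.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Windows 10 Free Update"
    msg.set_content("Your free upgrade is attached.")
    for name, data in (("Win10Installer.zip", archive.getvalue()),
                       ("receipt.pdf.scr", b"placeholder"),
                       ("notes.txt", b"placeholder")):
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

Nested archives and container formats other than zip are not unpacked here, so a gateway policy should treat archives it cannot inspect as blocked.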

Digital India – Challenges and Opportunities

The digital economy is the new productivity platform that some experts regard as the third industrial revolution. This is also known as ‘The Internet Economy’ or Internet of Everything (IoE) and is expected to generate new market growth opportunities and jobs and to become the biggest business opportunity of mankind in the next 30 to 40 years. The momentum that ‘Digital India’ has given to our technological progress is noteworthy indeed.

There are several pillars of opportunities that are going to be built to escalate public behavior and expectation in a digital way:

1. Broadband Highways
2. Digital Locker
3. Mobile connectivity
4. e-Kranti
5. Jobs
6. Manufacturing
7. MyGov
8. Information for all
9. Scope with Foreign Universities

Challenges:

There are several questions that come to mind regarding “Digital India” week. Firstly, why are we using the term ‘week’? If we are on a mission to make every single Indian digitally literate, then it might take years or rather decades. In order to keep up the momentum and make the mission fruitful, we could have termed it “Digital India” year.
A Digital India Year would make sure that each and every aspect of the programme is pushed to show results on the ground and does not go into hibernation after one week of enthusiasm. Most of the nine pillars of the Digital India programme face serious challenges in implementation, since the question of continuity is always at stake, so it is crucial that focused and persistent attention be given to each of its pillars so that the programme does not end in embarrassment.

We would like to highlight a few challenges of the ‘Digital India’ programme:

Implementation: The entire programme is designed as a top-level model on the technological front. There is hardly any guidance on how to implement it at ground level to make it successful. To be precise, most of the nine pillars of the programme are directly related to high-end consumers and not to 70% (almost, according to a 2013 – 2014 survey) of the rural population in India.
Deploy Wi-Fi Centers & Hotspots: BSNL’s (Bharat Sanchar Nigam Ltd) mass deployment of Wi-Fi hotspots across the country. If the government pushes BSNL to ensure at least one hotspot per village, it can do wonders and deliver a positive outcome. However, if the hotspot locations selected were those populated mostly by tribals, backward castes and minorities, and geographically difficult areas, then the impact could bring a new era in our country.
Improve IT Literacy: Improving IT literacy is very important because everyone who uses the internet should know how to secure his/her online data. Proper guidance on using Anti-Virus software and its role in securing records should be provided simultaneously.
Data Vulnerability: Each and every citizen of India would have all their personal details online, including bank details, Income Tax details and PAN details, which might be vulnerable if not secured properly. In case this data is breached, the individual would lose the privacy of the data and would be compromised.
Excessive Server Hits: If the majority of the population starts going online, the Government portal servers will start getting more hits day by day. This is limitless, and the IT team needs to be prepared to handle the situation so that the possibility of a crash is minimized.
Man-In-The-Middle Attack: It is a type of cyber-attack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other. A man-in-the-middle attack allows the interception of data meant for someone else, without the knowledge of either party until it is too late.

Security:

It is necessary to overcome all the challenges mentioned above with the help of a proper IT security solution like eScan. With so many people connected to so many networks, data security will definitely become one of the priorities of the Government. Since departments like Income Tax, LIC, the Election Commission and the Passport Dept will hold ample sensitive data of citizens, there is a high possibility of data breaches once the majority of the population becomes digitally literate. The herculean task of securing all the Wi-Fi hotspots and data centers should be taken seriously. eScan Anti-Virus products for home users, small and medium businesses and even corporates can offer complete protection to the networks and successfully materialize the dream of an ideal “Digital India”!
