Tuesday, November 27, 2018

Malware and Phishing attacks on the rise as Holidays approach

Phishing attacks and malware attacks are ubiquitous.  Almost every day I see some myself or receive emails from users wanting to know if this is real.  One I want to warn about is the "eFax notification": eFax Notification Delivers Hancitor Malware.  If you receive an email referencing an eFax, beware of attachments and/or links within these emails.

Fake Ransomware just overwrites MBR but demands payment

There is a fake ransomware trojan circulating that overwrites the MBR (Master Boot Record) and then restarts your machine.  The MBR is the code stored in the first sectors of a hard disk drive that contains information about the disk’s partitions and launches the operating system’s boot loader. If the MBR is corrupt or altered, the computer doesn’t know which partitions contain an OS and how to start it.

Upon reboot, the following ransom text is displayed and the machine is unable to boot as normal:



The message says:

Oooops!  Your OS is locked.  The harddisks of your computer have been encrypted with an military grade encryption algorithm.  There is way to restore your data without a special instrucrion for unlocking your computer.  You can buy the instruction.  To do this, you need to send $200 to Monero wallet: "a monero address" (This is a Monero address)

The claim that it has encrypted your files is fake.  According to SonicWall:

The only modification to the filesystem is the overwritten MBR.  No files have actually been encrypted and there is no encryption functionality present in the malware.  Although files can easily be restored by mounting the filesystem using a live OS booted via a memory stick, most users will likely consider their files gone and perform a full reinstall.  There is no contact information provided to “restore” files and no way of verifying if paying the $200 in Monero will suffice.

https://securitynews.sonicwall.com/xmlpost/fake-ransomware-just-overwrites-mbr-but-demands-payment/

https://www.pcworld.com/article/3133181/security/free-tool-protects-pcs-from-master-boot-record-attacks.html
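
Because the only change described above is to the MBR, a saved known-good hash of the boot code is enough to detect it. The following is an added example, not code from SonicWall or PCWorld: it parses a 512-byte MBR dump using the standard layout (446 bytes of boot code, four 16-byte partition entries, the 0x55AA signature) and flags the signs of an overwrite. The sample sectors, the `build_sample` helper and the 64-byte text threshold are assumptions made for the demo.

```python
import hashlib
import re
import struct

BOOT_CODE_LEN = 446           # bytes 0-445: boot loader code
ENTRY_FMT = "<B3xB3xII"       # status, CHS (skipped), type, CHS (skipped), LBA start, sector count
BOOT_SIGNATURE = b"\x55\xaa"  # bytes 510-511

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, partition entries and signature flag."""
    if len(sector) != 512:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for slot in range(4):     # four 16-byte entries at bytes 446-509
        status, ptype, lba, count = struct.unpack_from(ENTRY_FMT, sector, BOOT_CODE_LEN + slot * 16)
        if ptype != 0:        # type 0x00 marks an unused slot
            partitions.append({"slot": slot, "bootable": status == 0x80,
                               "type": ptype, "lba_start": lba, "sectors": count})
    return {"boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions, "signature_ok": sector[510:] == BOOT_SIGNATURE}

def longest_text_run(data: bytes) -> int:
    """Length of the longest run of printable ASCII bytes."""
    return max((len(m) for m in re.findall(rb"[\x20-\x7e]+", data)), default=0)

def check_mbr(sector: bytes, baseline_sha256: str, text_threshold: int = 64) -> list:
    """Compare a sector with a known-good hash; text_threshold is an assumed heuristic."""
    info = parse_mbr(sector)
    checks = [
        (info["boot_code_sha256"] != baseline_sha256, "boot code differs from baseline"),
        (not info["signature_ok"], "missing 0x55AA boot signature"),
        (not info["partitions"], "partition table is empty"),
        (longest_text_run(sector[:BOOT_CODE_LEN]) >= text_threshold, "long text block in boot code"),
    ]
    return [msg for hit, msg in checks if hit]

def build_sample(boot_code: bytes, with_partition: bool) -> bytes:
    """Constructed sample sector for the demo, not real disk data."""
    table = bytearray(64)
    if with_partition:
        struct.pack_into(ENTRY_FMT, table, 0, 0x80, 0x07, 2048, 1_000_000)
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + bytes(table) + BOOT_SIGNATURE

if __name__ == "__main__":
    good = build_sample(b"\xfa\x33\xc0\x8e\xd0" * 20, True)
    baseline = parse_mbr(good)["boot_code_sha256"]
    wiped = build_sample(b"\xeb\x10" + b"Constructed placeholder message " * 4, False)
    print(check_mbr(good, baseline))
    print(check_mbr(wiped, baseline))
```

On a real machine the input would be the first 512 bytes of the disk, read with administrator rights while the system is healthy (for the baseline) and again from a live OS when checking a machine that will not boot.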


Tips to Prevent Viruses and Malware from Infecting Your System:

  1. Enable your popup blocker: Pop-ups and ads on websites are the tactic most often adopted by cybercriminals or developers whose core intention is to spread malicious programs.
    So, avoid clicking uncertain sites, software offers, pop-ups, etc., and install a powerful ad blocker for Chrome, Mozilla, and IE.
  2. Keep your Windows Updated: To avoid such infections, we recommend that you always keep your system updated through automatic Windows Update. By doing this you can keep your device free from virus.  According to the survey, outdated/older versions of the Windows operating system are an easy target.
  3. Third-party installation: Try to avoid freeware download websites, as they usually bundle additional software with any installer or stub file.
  4. Regular Backup: Regular and periodic backups help you keep your data safe in case the system is infected by any kind of virus or any other infection. Thus, always back up important files regularly to a cloud drive or an external hard drive.
  5. Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like ITL Total Security or a good Malware Removal Tool like Malware Crusher.


