For The First Time Copycat Malware Infected Android Core Process

Copycat Malware – What You Need To Know

 

Copycat Malware is a well-known member of an Android adware family that has infected more than 14,000,000 devices and rooted more than 8,000,000 of them in the last year and a half. According to estimates, it made around $1.5 for its developers. According to the security company Check Point, it used five different exploits to root Android devices. The rooting exploits are namely:

Know the Truth About Petya/NotPetya Ransomware Attack: Was it Really About Money?

Petya/NotPetya Ransomware: Much Bigger Attack Than WannaCry

The past few days have been quite stressful for cyber security professionals and for the victims of the cyber attack. Most of us know about the massive malware attack that took place on Tuesday. It locked the computers of numerous organizations all around the world and paralyzed entire systems. It resulted in monetary and reputational losses for the organizations that went through it. The attack was very intense, took most cyber security professionals by surprise, and created a furor among them.

Many companies all around the world faced problems. TNT Express, a Dutch courier company, saw its delivery process slow down. Share trading in FedEx, its principal company, was temporarily halted due to the attack.

Security researchers were deployed to find a solution. It was soon discovered that the malware was based on the Petya ransomware, which overwrote the Master Boot Records (MBRs) and Master File Tables (MFTs) of infected systems in addition to encrypting files. Petya is a conventional ransomware operation whose operators demand money for restoring the files back to normal.

Security experts assumed that the crooks were running NotPetya with the objective of making money.

After much research, security experts found that the file-encrypting mechanisms of the two malware families are not the same. Apart from that, differences were obvious in the ransom notes. The operators of NotPetya borrowed some of the text from the WannaCry ransomware.


Yesterday, Kaspersky’s research team tried to find out how NotPetya’s operator could use the victim’s personal ID to retrieve the information. The ID is generated by a function called CryptGenRandom. NotPetya’s personal ID is a completely random string of symbols which contains no information. It is not at all helpful in retrieving the lost information. This simply means that even if the crook’s email accounts are live, he still won’t be able to help the victims restore their systems back to normal.

Yesterday, Matthieu Suiche, a renowned security specialist and founder of Comae Technologies, analyzed the difference between Petya and NotPetya. The purpose of the analysis was to observe how both malware families attack the Master Boot Record of infected hosts. He found that if the correct key is provided, a computer’s MBR affected by Petya can possibly be restored, which is not possible with NotPetya.

According to Kaspersky and Suiche, NotPetya is not ransomware at all, and its sole purpose is to cause as much damage as possible. According to Suiche, the ransomware disguise is nothing more than a hot topic for the media. This theory is supported by the fact that the authors still have $10,000 in their Bitcoin wallet and nobody has even attempted to take out the money. Money is the ultimate goal of ransomware operators. Research is still going on until concrete facts are established.

Is a PC Secure Enough With the Windows Built-In AV – Windows Defender?

Windows Defender VS Paid Antivirus:


Windows Defender is a special solution available to Windows 10 users. Microsoft has announced that Windows Defender is a built-in antivirus that can automatically block the highest number of ransomware and malware files. Microsoft also points out that the built-in antivirus can immediately block unknown threats. Moreover, Microsoft states that it has used technologies such as machine learning, deep neural networks, cloud-based protection and others to make Windows Defender much more effective than other products.

In May 2017, everyone around the world, from government organizations to individual computer users, was troubled by a global ransomware attack. Microsoft says Windows 10 easily survived the WannaCry fiasco, thanks to patches that Microsoft released in March. But according to news reports and cyber security researchers, most Windows PCs were found to be infected with the WannaCry ransomware. Now the big question is: how are cyber criminals successfully evading Windows Defender? If security measures can be exploited, then there is no use in having Windows Defender.

Is Windows Defender Efficient And Smart Enough?

To be honest, Windows Defender provides only baseline protection, which is adequate for a normal PC user or a basic internet user. For people who mainly use social networks and transfer the occasional file here and there, the Windows built-in antivirus ought to be just fine.

If you download plenty of torrent-related files from the net, then it is doubtful that Windows Defender would supply enough protection. Of course, not everyone agrees with these claims, and some insist that Microsoft's words about Windows Defender are correct. However, Kaspersky, an antivirus solutions company, states that the Windows built-in antivirus is not so good and that in external antivirus tests it falls well behind the competition when it comes to detection of threats, false positives, and performance.

Kaspersky has recently filed a complaint against Microsoft in Europe, claiming that the company used its dominant position to promote Windows Defender and forced Windows 10 users to use this type of protection.

How Malware Attacks If Windows Defender Or Any Antimalware Tool Is Able To Survive?

One of the biggest questions that comes to mind is “How does malware sneak into the computer?” According to experts, this threat also arises from human weakness and unsafe browsing habits. Almost every computer user wants to download free stuff such as background images, songs, videos, applications and add-ons at no cost, so they download it from unreliable sources, which often contain malicious threats.

In addition, many users receive floods of spam e-mails that claim “you are selected as the today’s happiest winners” or offer loans at very low interest rates. Avoid opening such emails, because they contain unwanted programs that can immediately sneak into the computer when the user clicks on the specified links.

No doubt Microsoft is the leading company, and its OS and utility software are used worldwide. But when it comes to system security, cyber criminals have found their own tricks to defeat Windows Defender. Defeating an antimalware tool is not only about the capability of the tool; sometimes user awareness and Internet surfing habits are also responsible for system security. So it is better to improve our browsing practices instead of relying on any AV tool.

Judy Virus Infecting Android Devices And Fraudulently Advertising Via Google Play Apps

Judy The Largest Virus Attack On Google Play Ever


For years we have had to deal with viruses on all the platforms we use to connect to the web. Windows is the OS with the most malware in the world, though it is not the most used, as Android recently exceeded it in the number of connected users. Even so, Android also has a lot of malicious applications, corrupt files and thousands of viruses like Judy that no one can imagine.

Unfortunately, we do not have good news for some Android mobile users these days, since a virus nicknamed “Judy” has infected more than thirty-six million Android devices. It has a very suggestive name, but the truth is that it does not bring anything good. Researchers at security firm Check Point have just discovered the new virus called ‘Judy’. To date, it could have infected 36.5 million Android mobile phones.

Google Play Apps that infected millions of Android smartphones

According to the blog of the multinational, the ‘Judy’ virus has been detected in 42 mobile applications available on Google Play, mostly developed by a South Korean company named Kiniwini, registered in Google Play as Enistudio Corp., which develops apps for Android and iOS systems. The names of the Google Play apps responsible for the distribution of the Judy virus are given below. If you are using any one of them, you are endangering the security of your Android smartphone. The most downloaded game from the list below is “Fashion Judy: Snow Queen style”, and most other options have “Judy” in the title.


The infection of Judy Virus causes continuous pop-ups of bogus ads

The strategy reveals that there is some vulnerability in the systems that scan apps before they are uploaded to Google Play. The reason behind the vulnerability is still unknown. It is also not clear whether the virus takes a little time to act or a lot more time, as some of the infected applications have been in the Play Store for years.

Thus, when one of these apps is installed, the mobile or tablet begins to communicate with servers behind the user's back to fraudulently generate ad displays, which generates income for those responsible for the infection and reduces the battery life and overall performance of the device. Researchers at Check Point found a widespread virus on phones based on Android, the world’s most-used operating system, which infects devices with unwanted advertising. The virus affects devices by flooding them with advertisements and generating fraudulent clicks, for which the authors earn advertising revenue.

Therefore, it is clear that there is no safe operating system today, and these days it is beneficial to install an antimalware tool or antivirus on a PC or mobile device. One of the most notable facts about the Judy virus is that it is the second most dangerous virus after the WannaCryptor ransomware. This is not the first such case on Android, but the new Judy virus has infected Android users globally and has already affected more than 36.5 million devices. Worse, the number of infected devices may increase in the future.