The 5 Most Devious Viruses and Hacks of 2014

A1 Assets’ retail marketplace Refresh Computers is not just known for selling quality refurbished computers, but also for its highly skilled service department with affordably priced repair services and free diagnostics. One of the most common repairs performed by Refresh technicians is the virus clean-up. This article features the top five most common viruses and hacks that have been seen by our technicians, and the best ways to protect yourself from them.

 

5. The Fake Tune Up Utility

One of the most common types of malware seen on computers is fake utility software. In many cases, the program pops onto the screen by itself, usually right after the computer starts up, and displays a fancy screen listing hundreds of high-risk problems that the computer supposedly has, claiming that you need to purchase or “upgrade” the software to fix them. These programs tend to block you from closing them, cover over everything that you are trying to do, and eat up system resources so that your computer runs slowly. Common examples include “PC Optimizer Pro,” “PC Boost Speed,” “PC Fix Speed,” “K9-PC Protector/K9-PCFixer,” “Slimware,” “Spyware Clear,” and “Uniblue.” There is also one called “MacKeeper” which affects Apple computers.

Another type of fake utility claims you need to upgrade drivers, such as “DriverUpdate” and “Driver Detective,” which can actually cause system corruption. The only legitimate source of drivers is your computer or hardware manufacturer.

4. Browser Hijackers

Another very common type of malicious software is the browser hijacker. This type of malware changes your homepage to a fake search engine, and when you attempt to change the homepage back to what you had, it will block you under the guise that it’s trying to “protect” you. It may also make your web browser take you to websites other than the ones you asked for, often malicious ones.

In most cases, browser hijackers are paired with adware, which causes advertisements or pop-ups to appear on websites that do not legitimately carry them, or with other viruses which set up proxy settings to route your network traffic through a third-party computer (usually the bad guys’). In some instances, this malware will also corrupt the browser software, preventing you from getting online at all. Examples of browser hijackers include Conduit, Anyprotect, Babylon, Claro, DefaultTab, Delta Search, Inbox Toolbar, Search Protect, Vosetran, and Yontoo, but the names are constantly changing.

3. FBI/Department of Justice Moneypak Virus

One virus that has spooked many computer owners is the FBI Moneypak Virus. This virus appears right after the computer turns on and takes over the whole screen with a page stating that the computer has been locked for “illegal activities.” It threatens that you will permanently lose your data and be subject to arrest unless you wire them a “fine” of several hundred dollars within 48 hours, usually via a MoneyPak. The scare factor is that many variants of this virus use official or look-alike logos of government agencies, show your IP address, and even turn on your webcam to make it look like the government is coming after you. In reality, agents aren’t going to show up at your door, and your data has not been affected. However, paying them does not unlock the computer.

2. Cryptolocker

The Cryptolocker virus has quickly risen out of cyberspace to become one of the world’s worst viruses. When a computer becomes infected, Cryptolocker locks the owner out of all documents, pictures, and other files on the computer by encrypting them, and then demands a ransom, paid via the electronic currency Bitcoin, for the unlock key needed to save the data. Worse still, if you connect a flash drive, external hard drive, or other backup device to an infected computer in an attempt to recover files from it, Cryptolocker will encrypt the files on that device as well.

In some instances, people who have paid the ransom have gotten their files back, but in most cases, paying the cybercriminals does not restore the data. While data recovery technicians are unable to unlock the files due to the strong level of encryption that Cryptolocker uses, it is sometimes possible for them to recover files from the shadow copies that Windows makes over time.

1. The Fake Technician

Fake remote technicians top our list because of the direct action that they take to exploit users. In almost all cases, the fake computer technician will attempt to deceive you into allowing him to take remote control of your computer, where instead of actually fixing anything, he can gain access to your personal data, install malicious software on your machine, and attempt to trick you into giving him your credit card information for imaginary tech support services to fix problems that don’t exist, or that he intentionally caused.

Malicious software or advertisements will often show you messages saying that you’re infected and that you must call their number to resolve it. Sometimes they will post fake directory listings with real company names, taking advantage of how hard it can be to reach a live person at the real number. But sometimes the fakers will call you, pretending to be Microsoft or your computer manufacturer, claiming they detected a problem and that you need to let them fix it right away.

Where Do Viruses Come From?

Many years ago, viruses and malicious software were primarily based on brute-force hacking, where the bad guys would target people by exploiting vulnerabilities in the software. Today, they mainly target users through deception, by tricking them into infecting themselves. They know that today’s antivirus software isn’t made to protect a user when something bad is clicked on voluntarily. Knowing where malware comes from and what to look out for is key to protecting yourself.

The most popular method is through paid advertising. On websites or search engines such as Google, Bing, and Yahoo, the producers of malware will place advertisements that say you can download the latest versions of popular software such as Chrome, Firefox, and Adobe Reader from their website, and users will click them because they are the first item on the list, appearing above the legitimate search results. Sometimes ad banners will even pretend to offer a “required” software update. Instead of installing the desired program or update they think they are getting, users are actually installing malware.

Bad emails come in a close second. These emails are designed to provoke a reaction, such as a fictional package notification, invoice, or debt collection notice, to get you to click on a malicious link or attachment without thinking about it.

Sometimes, legitimate companies will bundle junk software in their installers, with a prechecked box that is easy to overlook. At the same time, users also commonly become infected from torrent and improper download sites.

Tips for Avoiding Malware

• Install the latest Windows updates from Microsoft (see Windows Update in the Control Panel) or OS X updates from Apple (in the App Store).

• Only install software from the official publisher’s or manufacturer’s website. Do not click on an advertisement or “sponsored link” to install software.

• If optional add-ons are offered during a software installation, uncheck the box.

• Use a real-time, up-to-date antivirus such as Avast or Microsoft Security Essentials, both of which are available for free.

• When reading an email, hover over the sender’s email address to check if the message is coming from a legitimate source. If it looks suspicious, delete it.

• Make sure to have your important files backed up to a flash drive, external hard drive, or cloud storage solution such as Google Drive.
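
The sender check from the email tip above can also be run against a message's headers instead of by eye. This is an added example, not something from Refresh Computers; the trusted-domain list and both sample messages are made up for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: brands this mailbox expects, with the domains they really send from.
TRUSTED_DOMAINS = {"microsoft": {"microsoft.com"}}

# Constructed sample messages (not real mail).
SPOOFED = (
    'From: "Microsoft Support" <help@microsoft.com.support-alerts.example>\n'
    "Reply-To: refunds@mailbox.example\n"
    "Subject: Problem detected on your computer\n\nCall us right away.\n"
)
GENUINE = (
    "From: Microsoft <account@email.microsoft.com>\n"
    "Subject: Your monthly statement\n\nHello.\n"
)


def domain_of(address):
    """Return the lower-cased part after the last '@'."""
    return address.rpartition("@")[2].lower()


def is_trusted(domain, allowed):
    """Exact domain or a true subdomain; 'microsoft.com.evil.example' fails."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def check_sender(raw_message):
    """Return a list of reasons the sender looks suspicious (empty if none)."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    domain = domain_of(address)
    findings = []
    # A familiar name in front of an unrelated address is the classic trick.
    for brand, allowed in TRUSTED_DOMAINS.items():
        if brand in display.lower() and not is_trusted(domain, allowed):
            findings.append(f"name claims '{brand}' but address is at {domain}")
    # Replies silently redirected to a different domain are a second warning sign.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != domain:
        findings.append(f"replies go to {domain_of(reply_to)}, not {domain}")
    return findings


if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(name, check_sender(raw) or "no findings")
```

The spoofed sample is caught on both counts even though its address begins with “microsoft.com,” because only the end of the domain decides who really owns it.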

Free Helpful Tools

Web of Trust – a web reputation indicator which shows whether a website you are on is good or bad, and warns you if you are going onto a potentially dangerous website.

Adblock Plus – blocks advertisements while browsing, including those that typically go to viruses and malware.

Unchecky – automatically unchecks optional offers to reduce the likelihood of installing an unwanted program.

What should I do if I’m infected?

If you believe your computer may have malicious software installed, installing antivirus software after the fact may not help. Sometimes the malicious programs can be removed from Programs and Features in the Control Panel, and there are free on-demand scanners such as Malwarebytes that can sometimes catch threats that other scanners miss, but oftentimes the damage is already done. It is usually recommended to bring the computer to a certified computer technician, who has the specialized tools to remove the malicious code and repair the damage to system software. A virus removal service at Refresh Computers is $99.99.

If you have any computer-related questions, Refresh Computers always has a free tech hotline, where you can speak to a technician for free, seven days a week. The phone number is 407-478-8200.