malware Archives - Redtree IT

Beware this malware: It “annoys” you into handing over login details

November 4th 2024 By Matthew Phillips Beware this malware: It “annoys” you into handing over login details How cautious are you and your team with online security? You know about phishing scams, dodgy downloads, and not clicking suspicious links, right? But an even sneakier new malware (that’s malicious software) wants to frustrate you into giving up your Google login details. https://player.vimeo.com/video/1021770204? The malware doesn’t have a catchy name yet, but it’s part of a larger threat known as “Amadey”, and it’s been on the rise since August. It forces your PC into something called “kiosk mode” (a setting often used on public computers that only lets you access one window). This allows it to lock your browser in full screen mode, hiding all your usual navigation buttons like the address bar and menus. Then you get sent to a fake Google password reset page. Normally, you’d just hit the Esc or F11 keys to get out of full screen mode, right? Well, not this time. It won’t work if the malware has infected your PC. It wants to confuse you into thinking you must enter your password to solve the problem. The password reset page will look like a real Google page. But the second you type in your details, they’ll be stolen by a second piece of malware hiding in the background, falling right into the hands of cyber criminals. Pretty scary stuff. But here’s the good news: You can break free without giving up your details. If your browser gets stuck in full screen mode, try hitting ALT+TAB to switch tasks, or ALT+F4 to force the window to close. Otherwise, try closing it through your task manager (CTRL+ALT+DELETE). If all else fails, just restart your PC by holding down the power button or unplugging it, then get an expert (like us) to look at the malware. Prevention is always the best approach, though. Be wary if your computer starts behaving strangely, especially if your browser suddenly goes into full screen mode and won’t let you navigate away. Avoid clicking on suspicious links or downloading attachments you aren’t sure about. And as tempting as it might be to get past an annoying screen, never enter your password unless you’re 100% sure the website is legit. If you’d like us to teach your team how to avoid the latest scams, we can help. Get in touch. Published with permission from Your Tech Updates.

Uncategorised

Is that Chrome extension filled with malware?

Lindy / 22 July 2024

July 22nd 2024 By Matthew Phillips Is that Chrome extension filled with malware? If you use Google Chrome in your business, you’re probably familiar with extensions. These useful tools can enhance your browsing experience in countless ways, from blocking annoying ads to reducing distractions. Extensions are incredibly popular because they can add so much functionality to your browser. But just as you need to be careful when installing new apps on your phone, you must also be cautious when adding new extensions to your browser. That’s because they come with a risk of malware. It’s short for malicious software – that’s any software intentionally designed to cause damage to a computer, server, or network. Cyber criminals use malware to steal data, hijack systems, and even empty your bank accounts. Google Chrome holds about 65% of the browser market share worldwide, making it the most popular browser by far. This popularity makes Chrome a prime target for cyber criminals. While cyber-attacks sometimes exploit vulnerabilities in the browser itself, there’s an easier way to target Chrome users: Through malicious extensions containing malware. Although Google keeps a tight watch on its Chrome Web Store, the risk is still there. A recent report claims 280 million people installed a malware-infected Chrome extension between July 2020 and February 2023. That’s a huge number and highlights the importance of being vigilant. Surprisingly, many malicious extensions remained available for download on the Chrome Web Store for a long time. On average, malware-filled extensions stayed up for 380 days, while those with vulnerable code were available for about 1,248 days. One particularly notorious extension was downloadable for 8 and a half years before being removed. https://player.vimeo.com/video/982009526 So, how can you protect yourself and your business from these malicious extensions? Here are five steps we recommend. External reviews: Since checking ratings and reviews on the Chrome Web Store isn’t always reliable (many malicious extensions don’t have reviews), look for external reviews from trusted tech sites to judge whether an extension is safe. Permissions: Be cautious if an extension asks for more permissions than it should. If a new extension requests extensive access to your data or system, this could be a red flag. Security software: Use robust software to catch malware before it can do any harm. This is your last line of defence if you accidentally install a malicious extension. Necessity: Before installing any new software or browser extensions, consider whether you really need it. Often, you can achieve the same functionality visiting a website. Trusted sources: Only install extensions from trusted sources or well-known software providers. This significantly reduces the risk of downloading a harmful extension. Chrome is the most popular browser, which means it will always be a target for cyber criminals. Google’s security team works hard to review every Chrome extension to ensure they are safe, but it’s still crucial to be vigilant. If you’re unsure whether your extensions are safe or not, or you’d like more advice around keeping your business secure, our team can help. Get in touch. Published with permission from Your Tech Updates.