(This newsletter contains links to external websites. Please review their terms of use and privacy policies before using those websites.)
December 2023 - The Holiday Edition
EXECUTIVE SUMMARY: Our very first holiday edition is packed with information about where hackers go holiday shopping. Maureen The Clean is back, decked in festive spirit, to share her know-how with fellow moms about the threat to kids from those fancy new gadgets and apps. It is time for good cheer, but not for Jake The Pedantic. Jake channels his inner Grinch by talking about the nastiest of malware types - rootkits! Spare a thought for Samuel The Harangued as he tries to convince Aunt Mabry that she is NOT about to get a free TV from Walmart.
Those nifty gadgets, new devices and apps that kids may be getting this holiday season may have a dark side to them. Risks to children include:
Being exposed to online predators through social media apps or chat messages in video games. The FBI reports that there are 500,000 predators online every day.
Device and app makers collecting sensitive information.
Information being exposed or sold to third parties.
The prevalence of these threats has led to the FBI releasing a public service announcement about online predators. ParentsTogether, a nonprofit, also released 'The Naughty List', their annual report of potentially harmful toys, gadgets and apps. It is crucial to understand what information companies are collecting about you and your kids as well as to understand how kids are using these technologies. It is never too early to have a conversation with your kids about online safety.
Rootkits are the worst! Rootkits are a kind of malware that gives an attacker full control over your computer or device. Rootkits can be used by the bad guys in various ways, including taking over your device and using it as a tool in another cyber attack, controlling your devices to spy on you or steal your data, and creating a backdoor entry point into your device for future malware or data exfiltration. Some types of rootkits are not visible to tools like anti-virus, or can even render tools like anti-virus ineffective, because of the way they work.
5 types of rootkits to be aware of:
While there are several types of rootkits and new ones emerging, there are 5 to learn about and be aware of.
Bootloader rootkit: These rootkits attach themselves to files that are essential for your computer to boot up and get activated by the boot up process. As a result, they can be difficult for anti-virus to detect.
Firmware rootkit: These attack and run on your computer's firmware and are activated by the software that needs to be run even before the operating system is started up! That being said, their scope may be related to the hardware on which the infected firmware runs.
Kernel Mode rootkit: These can modify, delete or even replace your computer or device's operating system itself! The good news is that these are extremely complicated to create and even well crafted ones can leave trails that anti-virus programs could detect.
Memory rootkits: These rootkits hide in the RAM of your computer and can extract data in the RAM as well as slow down the performance of your computer. Rebooting the computer can often clear the RAM of these rootkits, and hence they are some of the simplest to remove. But they can be hard to detect.
Application or user-mode rootkits: These affect and operate within applications used on the device. These are the easiest for anti-virus to detect.
How can you protect yourself?
Prevention is often the best defense. Do not click on attachments sent through email or social media channels or messaging apps. Do not download software or patches from untrusted sources.
Good, trustworthy anti-virus software can help detect some kinds of rootkits on laptops, desktops, etc. But remember, anti-virus cannot be used on smart devices like lightbulbs, smart TVs, smart watches, etc.
In many cases, rootkits will try to establish communications with their mothership command and control servers to extract your information or to receive additional instructions. Using a whole home cybersecurity protection solution like Kavalan can help block communications with known malicious command and control domains. This kind of solution can give you protection for all kinds of devices including your smart devices such as smart TVs, smart speakers, laptops, desktops, gaming systems and more.
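The check a home-network filter makes against a list of known command and control domains can be sketched as follows. This is an added example, not code from this newsletter or from Kavalan; the blocklist entries, log format, device names and function names are all constructed for illustration.

```python
# Constructed sample data; .example and .test are reserved names, not real indicators.
BLOCKLIST = {"c2.badhost.example", "updates-cdn.test"}
DEVICES = {"192.168.1.20": "laptop", "192.168.1.31": "smart-tv",
           "192.168.1.44": "smart-bulb"}
# Constructed resolver log, one query per line: "<time> <client-ip> <queried-name>"
SAMPLE_LOG = """\
10:01:02 192.168.1.20 shop.retailer.example
10:01:05 192.168.1.31 beacon.c2.badhost.example.
10:01:09 192.168.1.31 C2.BadHost.Example
10:02:11 192.168.1.44 updates-cdn.test
10:02:12 192.168.1.20 notupdates-cdn.test
malformed line
"""

def normalize(name):
    """Lower-case the name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def matched_entry(name, blocklist):
    """Return the blocklist entry that name equals or is a subdomain of, else None."""
    # Walk whole DNS labels so 'notupdates-cdn.test' does not match
    # 'updates-cdn.test' the way a plain endswith() check would.
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None

def scan(log_text, blocklist, devices):
    """Return (time, device, queried name, matched entry) for each blocked query."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:  # skip lines that are not in the expected format
            continue
        ts, client, qname = parts
        entry = matched_entry(qname, blocklist)
        if entry:
            hits.append((ts, devices.get(client, client), normalize(qname), entry))
    return hits

def devices_to_investigate(hits):
    """Device names that queried a blocked domain at least once."""
    return sorted({device for _, device, _, _ in hits})
```

Because the match happens at the network level, the smart TV and smart bulb in the sample are flagged even though no anti-virus can run on them.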
Aaargghh!
by
Samuel The Harangued
Holiday Scams
The Walmart Gift Scam, Fake Shipping Texts, USAA security alert - these are all currently active scams targeting all of us but specifically the elderly this holiday season. In many cases, they trick the user into entering their credit card information, citing 'shipping fees' or 'processing fees' as an excuse. The holidays are prime time for scams, given that everyone is looking for deals or buying gifts online. Scammers know there is a very high probability that some percentage of the population is shopping at Walmart, Amazon or other large online retailers. Some tips to protect yourself:
Before you click on any link or enter any information, check the source of the email or text. If you get a text message from a number that claims to be a well-known vendor, check the website of the vendor to see if it is a listed number or ask them to confirm.
The FBI and The Global Scam Alliance post alerts about recent active scams. Companies like Amazon also list on their websites active scams that are being perpetrated under their name.
Wyoming shell companies are being used as an anonymity shield for global hacks. A Russian IT entrepreneur uses these shell companies to make his client's internet traffic look like it emanated from America.
Hackers go holiday shopping too! A new online underground marketplace, called OLVX, for hacker tools just went online. The marketplace has all the latest goodies ... er ... 'baddies' like phish kits, spam senders and more.
High-interest-rate loans, a built-in scam to empty out accounts and a dose of malware on top! A multi-layer cake of an attack using the SpyLoan app is ongoing, targeted at Android users in India, Pakistan and other countries.