Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
Mike thinks that his AOL account got hacked. Leo says the first thing to do is change his password. But even with that, chances are the account may not have been hacked, but spoofed. Spammers can pick up his email address and use it as the return address. They swap addresses out from time to time, and chances are Mike's email address is on a list that spammers buy. The only thing he can do is wait for the spammer to move on to another email address.
Jose wants to know about keystroke loggers. He's concerned that his passwords would get recorded if he pasted them in. Leo says they probably wouldn't. They tend to focus on keyboard strokes. Leo says that keystroke loggers are only put on computers of specific people that are being targeted. They are too much work to be a mass virus attack. Just practice safe computing with these tips:
Facebook recently introduced a location sharing feature in its mobile app that tells your friends where you are at all times and allows you to see your friends' locations. It will also notify you if you're near one of your Facebook friends.
Facebook ‘Nearby Friends’ Will Track Your Location History To Target You With Ads (TechCrunch)…
Brian downloaded Dropbox from Download.com and now he's stuck with Search Conduit. This is adware, and it's not technically malware. Leo believes that it is, though, because even though it asks the user to install, it isn't very clear. Leo says he wishes CNET/CBS Interactive would stop doing this with wrappers that install adware. Search Conduit even schedules itself in Windows to reinstall after it's removed. The fact that Brian has other symptoms in addition to this makes it sound like Brian has more malware as well.
Rich is wondering if there's a way to tell if a certain site is affected by Heartbleed. Leo says if the site isn't willing to warn you about it, then there really isn't a way, nor is there a way to test it. It's always a good idea to change your passwords anyway, though.
OpenSSL is a widely used protocol for providing secure internet traffic. The "Heartbleed" bug takes advantage of a hole in OpenSSL to peer into the memory of SSL servers. It can allow a hacker to ping 64K of random memory repeatedly, thereby allowing them to glean usernames and passwords, and even fake a server certificate.
Marie got the FBI Virus Scam popup that has locked up her computer. Leo says it's highly customizable by the hacker who sends it out, and in Marie's case, it demands she call to address the issue. So Leo thinks that it may be an offshoot of the CryptoLocker virus, or just a malicious website. Regardless, her system has been compromised. The only real way to handle it is to back up her data, wipe the drive, and reinstall Windows from a known, good source. She can also run the system restore discs, then update the OS completely.
The OpenSSL Library, a security function used in most encrypted websites, has been discovered to have a bug which the NSA has been using to spy on users in 2/3rds of the websites on the internet. It is able to read the memory of the webserver and leaves no trace. It's been there for about two years. Bad guys can use it to co-opt a site's certificate for "man in the middle" attacks.
Sam is worried that his Windows computer is running as an administrator. Leo suggests creating a second administrator account that he won't use, then downgrading his regular account to standard user. He could make them look completely different to tell them apart. Then if he needs to install something, it will ask him to log in as an administrator. For any software that needs him to run as an admin, he can just right-click on it, select the "run as admin" option, and type in his password. This will protect him from over 90% of all malware trying to get on his system.
Lloyd got a redirect virus. Leo says these days there really isn't an easy way to get rid of a virus because not only is he infected by this virus, but there are usually other viruses that get invited as well. Once it's on the computer, it can be so deeply embedded that any attempt to remove it can disable the operating system. So at the end of the day, the only thing he can really do is back up his data, format the hard drive, and reinstall Windows from a known, good source. Then he should run all the available updates.