
Showing posts with label cybersecurity.

Friday, August 28, 2020

How to Verify File Integrity on Windows by Calculating a Checksum


Are you worried about accidentally downloading malware from a hijacked website or from what you thought was a reliable source of clean software? Fortunately, there's an easy way to verify the integrity of any file and ensure it's not a threat to your computer. This method involves calculating the hash (checksum) of a suspicious file by using Windows PowerShell.

1. Begin by starting PowerShell. This can be done by pressing the Windows-key and R to open the run dialog and typing 'powershell'.

If this doesn't open PowerShell on your computer, you can also just search for the application and open it using Windows Search on the bottom left corner of your screen.

2. Once PowerShell has started, type the command 'Get-FileHash' and the path of a file you would like to verify. Then, press enter and save the output somewhere you can access again.

3. Visit your software vendor's website or another trusted source and search for a checksum value. On our website, for instance, we provide hashes at the end of every software page.

4. Compare the provided checksum value with the hash you just calculated with PowerShell. Does it match? If so, the file is probably safe to use as long as you trust the vendor. That's it! Make sure to subscribe to the blog for more short guides like this one.

Note: Matching checksum values do not always guarantee that a suspicious file is clean or safe to use. Under rare circumstances, a vendor's site may have been breached and checksum values could have been changed. Generally, it is good practice to use this method along with antivirus for any potentially dangerous files.
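Steps 2 to 4 above can be wrapped in one reusable check. This is an added example, not code from the original post or from any vendor. The function name Test-FileChecksum, the demo file and the "published" value are constructed for illustration, and inferring the algorithm from the length of the published hash is an assumption about how the vendor publishes it.

```powershell
# Added example: compare a file's hash with the value a vendor publishes.
# Test-FileChecksum is a hypothetical helper name, not a built-in cmdlet.
function Test-FileChecksum {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $Expected
    )

    # Published hashes are often printed with spaces, dashes or mixed case.
    # Keep only the hex digits so formatting differences cannot cause a false mismatch.
    $want = ($Expected -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()

    # Assumption: the hex length identifies the algorithm the vendor used.
    $algorithm = switch ($want.Length) {
        32  { 'MD5' }
        40  { 'SHA1' }
        64  { 'SHA256' }
        96  { 'SHA384' }
        128 { 'SHA512' }
        default { throw "Unrecognised hash length: $($want.Length) hex characters" }
    }
    if ($algorithm -in 'MD5', 'SHA1') {
        Write-Warning "$algorithm is collision-prone; prefer a SHA256 value if the vendor offers one."
    }

    # -LiteralPath avoids wildcard expansion on file names containing [ or ].
    $actual = (Get-FileHash -LiteralPath $Path -Algorithm $algorithm).Hash

    [pscustomobject]@{
        Path      = $Path
        Algorithm = $algorithm
        Expected  = $want
        Actual    = $actual
        Match     = ($actual -eq $want)
    }
}

# Constructed sample so the example runs offline: a file containing the text "hello".
$sample = Join-Path $env:TEMP 'checksum-demo.txt'
[System.IO.File]::WriteAllText($sample, 'hello')

# Constructed "vendor" value: the SHA256 of "hello", spaced the way a web page might show it.
$published = '2cf24dba 5fb0a30e 26e83b2a c5b9e29e 1b161e5c 1fa7425e 73043362 938b9824'
Test-FileChecksum -Path $sample -Expected $published

# Constructed mismatch: what the result looks like when the file is not the one published.
Test-FileChecksum -Path $sample -Expected ('0' * 64)
```

Take the expected value from a source you reach independently of the download link, since a hash served from the same compromised page as the file proves nothing.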

Monday, July 13, 2020

Joker Malware - The Google Playstore Virus (Prevention and Removal)


Although Android malware is generally losing its grip on the Google Play store, as security is improved, there are still some prevalent strains which continue to cause chaos on infected devices. One example of this would be the "Joker" malware (also known simply as "Bread"), an infamous virus which first appeared on the Play store back in 2017. Recently, an improved version has made a comeback by hiding its payload in over 10 apps.

 
How it Works: Joker managed to hide from Google Play's malware protection by disguising its malicious code in the form of 11 innocent-looking apps. Once installed, Joker activates through attacking URLs and signs the victim up to several seemingly random subscription services. It can do this in the background of its payload app while remaining completely invisible to the user. Joker takes advantage of certain non-accessible features on Android apps. The newest version of this virus obfuscates malware execution via several layers of URL payloads. This is why, despite numerous efforts to "secure" the Google Play Store, malware developers are able to push their code through antivirus into innocent-looking apps.

Affected Apps: The following apps are currently known to be infected by the Joker malware (we will update this list accordingly - subscribe above to be notified)
  • All Good PDF Scanner
  • Mint Leaf Message - "Your Private Message"
  • Unique Keyboard - "Fancy Fonts & Free Emoticons"
  • Hummingbird PDF Converter - "Photo to PDF"
  • Tangram App Lock
  • Direct Messenger/Private SMS
  • Care Message/Part Message
  • Paper Doc Scanner/Blue Scanner/Meticulous Scanner
  • Desire Translate
  • Once Sentence Translator - "Multi-functional Translator"
  • Talent Photo Editor - Blur Focus
  • Style Photo Collage
  • com.contact.withme.texts
  • com.hmvoice.friendsms
  • com.imagecompress.android
  • com.relax.relaxation.androidsms
  • com.training.memorygame
  • com.remindme.alram
  • com.file.recovefiles
  • com.LPlocker.lockapps
  • com.peason.lovinglovemessage
  • com.cheery.message.sendsms
 
Prevention and Removal: If you have one of the apps listed above installed on your Android device, be sure to remove it immediately. Also, check your credit card charges for any suspicious subscription services or spammed orders. The Joker malware will likely adapt to stricter protections on the Google Play store in the future, so be wary when installing brand new apps. Always check the reviews and research an app if you're planning on getting it.
 
 

Wednesday, July 8, 2020

A Guide to IP Hopping on Windows 10 - The Cybersecurity Tactic That Never Fails


When it comes to maintaining cyber security on public networks, most Windows users tend to forget that they are usually vulnerable. There are almost always new exploits hackers can use to force their way into your system. Although this doesn't happen often, it's better to be safe than sorry. Unfortunately, when it comes to staying safe, antivirus programs can have flaws, and there is not a single app that is 100% secure. That being said, there are ways you can take advantage of network topology to ensure a safer public network experience. One of these ways is by switching across different local IP locations in a practice we call "IP hopping."
IP hopping uses the structure of a network to prevent hackers and malicious programs from infiltrating your computer. By constantly switching to a new IP address, you become a very annoying target and much more difficult to track. On top of that, if a script is being installed onto your computer through a backdoor and you switch to a new address, it will have to follow you to your new network location in order to complete its operation. All in all, IP hopping is a very effective anti-hacking method that won't expire because it's based on an unchanging network topology.

So how can you perform this method on your own? Doing random IP jumps on your own is quite difficult without the use of third-party software, since you will have to rely on either Microsoft's automatic IP assigning algorithm or your own network scans to account for static locations that are taken or won't connect to the internet. Neither of these strategies is random and they won't be perfect when tested in the field. Fortunately, we have designed our own solution and implemented it in our cybersecurity toolkit Opticole. This software will allow you to make completely random hops on almost any network with a high success rate. Using its IP hopping feature is as easy as clicking a few buttons.


Whether you decide to use this method or not, it will always be a much cheaper option than running antivirus, which is also far more intrusive. Although antivirus is very important on its own, in the networking world, there are some rules every computer must follow. IP hopping takes advantage of these rules and allows you to avoid malicious encounters at a very low cost.

Friday, July 3, 2020

Opticole - The Ultimate Privacy/Cybersecurity Toolkit for Windows - Overview


Opticole is our brand new privacy/cybersecurity toolkit for Windows. Originally designed to protect users against Microsoft's privacy issues, it now includes a wide array of general-use cybersecurity features. Opticole can help defend against malicious payloads, remote access tools, and public network hackers. On top of that, it's lightweight and runs entirely off a single executable file.

How it Works:
Opticole's privacy-protecting aspect can be demonstrated through its "Stealth-Mode" function. Stealth-Mode can be activated with the click of a single button. While enabled, Stealth-Mode allows Opticole to search through Windows privacy preferences and automatically set registry keys to increase your privacy. It also temporarily disables Cortana and other privacy-encroaching applications. Extra privacy can be attained with our file encryption tool which will encrypt any file or directory (Note: this feature shouldn't be used for critical files).

The port scanner available through Opticole is another great feature which will help you stay protected against malicious payloads or remote access tools. When clicked, it will cross-reference active ports on your computer with ports known to forward dangerous processes. This "danger" port list is regularly updated. As soon as anything suspicious is found, Opticole will notify you by opening an HTML file displaying what it has discovered. You can kill processes using suspicious ports by entering their port number in a textbox and pressing "Close Port".

Need a faster computer? Don't buy a new one; try Opticole's simple performance booster first. It's quick and edits graphics settings to enhance performance in the long term. Along with all of these powerful tools, Opticole also implements a new exploit-evading technology known as IP hopping. This tactic allows a user to "hop" between local IP locations on most networks. In short, any hacker or threat on the network will have difficulty tracking your computer while it switches its IP address.

Download
Opticole was released in May, and there are certainly more updates on the way. There is both a free version and a pro version currently available on our website here: Opticole