iYogi Accused of Using Scam Tactics

Indian firm iYogi are well-known for their technical support, but recent claims could see their reputation quickly becoming something they wish to hide. A lawsuit could see iYogi paying out thousands if not millions in compensation for what is being described as scam and scare tactics.

Microsoft estimates that nearly 3.3 million Americans lose around $1.5 billion each year due to tech support scams. With these figures it’s no surprise that Brad Smith, Microsoft’s chief legal officer has applauded Washington state’s hard approach on the claims.

While iYogi, who operate over 5,000 employees in call centres based in India, deny the claims the Attorneys General Office has made several large allegations against iYogi. iYogi are said to claim association with Microsoft, Apple and HP, offering support for those companies while also gaining remote access to users systems before asking them to download diagnostic software and flagging up false reports about files, finally offering users the chance to buy everything from yearly support plans and anti-virus software. The claims even state that the company offer to update PC’s to Windows 10 for $80, a service that Microsoft is currently offering for free to Windows 7 and 8 users.

Seeking $2000 in civil penalties per violation of Consumer Protection act and a further $100,000 per violation of the Computer Spyware Act, the bill could quickly shoot up for iYogi.

While it is hard to go off so little information, the claims sound very similar to something I have suffered through many times. A phone call saying that your computer is sending error messages to Microsoft (or Apple) and saying they can walk you through the support process. If this sounds familiar, please read our advice below.

  1. Companies can not track down your personal details from your system, any company attempting to call you claiming to be from Microsoft or Apple is almost certainly not who they claim to me.
  2. Never download software someone tells you to unless you are certain that the person in question only means good for you and only if you know the person, not someone from an email or on the other side of the phone.
  3.  If you do suspect your system is compromised, either by a virus or someone asking you for access, seek help from someone with technical experience such as at a local PC store.
  4. If you feel like a laugh and want to confirm that the person on the other end of the phone is lying to you. When they state they are from Microsoft, tell them that you only own Apple products in that house. If they quickly say that’s what they are there to help fix, you know they are being deceitful.

Do you have any tips for dealing with fake support calls? Tell us your stories in the comments and let’s see if we can’t help someone avoid the pain of paying for “support”.

One Java With An Added PUP Please

Critical security updates to applications are essential to maintain a patched system from the many exploits which attempt to infiltrate ones PC. Certain software companies need patching more than others and this is no less evident with both Adobe Flash and Oracle Java, the aforementioned needs fixing every five minutes and the latter, well, is probably better uninstalled altogether. On the subject of Java, many websites are using a trick which promises an update but also bundles are PUP for good measure.

So, what are the tricks, well, when a user attempts to view content which requires a Java plugin on certain websites, a pop up appears stating that they should update their version of Java. By following the prompt the user lands on various pages unconnected with Java, for example one page is coined “Media Downloader”. The user is then asked to both downloaded and install a “setup.exe” file which turns out to be a PUP.  Quick tangent here, a novice computer user once asked me if it would download a dog, I replied PUP not Puppy, not joking either.

There are other techniques too, one masquerades on a webpage as a standard Java pop up update notification, further examination shows this is in fact a background image and not a pop up. If you click on this you might receive among others a bundler which offers Java but also others including Norton 360 (terrible program) PC Mechanic and for some reason Stormfall Age of War. This though can be avoided by checking the UAC prompt which lists this .exe file as from Verified Publisher “Super IS Fried Cookie Ltd”, sounds about as authentic as a fast food burger, mentioning no names.

As standard, make sure any software applications are downloaded from authentic sources, if you visit a page that promises an update, be cautious, check the URL and as an extra precaution, always scan downloaded files with a reputable Anti-Virus and if possible a Malware scanner as well. Quick side note, these days viruses are becoming harder to detect by AV companies, therefore, while it’s essential to have these suites available, always download from authentic sources and be sceptical.

Of course, if you don’t use Java then it might be better to uninstall it considering the amount of security issues it has faced over the last few years.

Image courtesy of limewheel

Possible Fix Found For Windows 10 Error With Taskbar and Cortana.

The release of Windows 10 has been rather odd in many respects, yes it’s an improvement over the much maligned previous OS in terms of user interface, but privacy concerns coupled with a monitoring tool that allows parents to effectively spy on their children’s browsing habits by default has led to a rather mixed reception. Among the many errors and glitches that have befallen consumers is the rather annoying bug that has led to the failure of both Cortana and the taskbar for many individuals, who have been subsequently privileged to a “Critical Error” when attempting to launch both applications. So much so that the official Microsoft answers board has seen consumers vent their frustrations concerning the problem.

Well, this error might have been in part clarified by a redditor that goes by the moniker “Xeasar”, who has seemingly found a fix when this individual attempted to uninstall Avast Anti-Virus. It was found that as soon as this software had been removed, both Cortana and the Taskbar returned to full functionality, leading to the conclusion of compatibility issues with this particular program. Whether this is the sole cause of the problem or down to a variety of incompatible applications remains to be seen.

According to “Xeasar”, Microsoft is aware of the problem and as a result is working on a patch for the issue. On occasions software developers view consumers with suspicion even though in many cases it’s those same people who find a way to fix issues with certain products. It will be interesting to note how and when Microsoft patches this issue and it also conveys the unstable nature of a new OS in its first year.

Thank you Reddit and answers.microsoft for providing us with this information.

Image courtesy of techworm

Russian Anti-Virus Company Firebombed by Angry VXers

Malware creators have firebombed the offices of an anti-virus company after it refused to delist its reverse engineered analysis of an ATM skimmer. A group calling itself “The Syndicate” sent threatening letters to Dr Web, demanding that it took down the ATM malware exposé, otherwise it would “destroy” the company’s offices.

“You have a week to delete all references about ATM skimmers … otherwise Syndicate will stop cash-out transactions and send criminals for your programmers’ heads,” read the first letter. A follow-up letter added, “If you don’t delete all references about ATM skimmer viruses from your products and all products for ATM (sic), the international carder syndicate will destroy Doctor Web’s offices throughout the world.”

Dr Web refused to bow to terrorism and kept its ATM skimmer article online. Soon after, its St. Petersburg laboratory was firebombed twice. The fire cause minimal damage, but the subsequent water used to quell the blaze was said to have harmed computer systems more.

Dr Web remains defiant. “Dr Web considers its duty to provide users with the ultimate protection against the encroachments of cybercriminals,” the company said in a statement. “Consequently, efforts aimed at identifying and studying ATM threats are in progress as is work to improve Dr Web ATM Shield.”

Thank you The Register for providing us with this information.

John McAfee Calls McAfee Antivirus “One of the Worst Products on the ****** Planet”

WARNING: This article references materials that contain explicit Language

We all have (or should be using) an antivirus program (or several for some people). For some people its Norton, a company which seems interested in putting a faraday cage in your trousers, or maybe even Avast, who recently revealed that the android “factory reset” fails to wipe all your saved personal information. Either way the creators of this software and their software ranges from “divine saviors of computers” to “the embodiment of a technological devil”. One of the more well-known programs is McAfee, however, it would seem its creator (who has not been involved with the software for many years) feels his program falls into the latter category.

Speaking on his official “I am John McAfee AMA” on Reddit, McAfee was talking about the video he released two years ago in which he helped guide people on how to uninstall the software, if you are interested in the video then please read our article about it here or check out the video below. Warning, NSFW language and themes throughout.

In his AMA (ask me anything), mcafee-ama posted stating:

“…. Also McAfee is one of the worst products on the ****** planet”
Original post can be found here: (Warning: explicit langauge)

John McAfee is not one to shy away from the spotlight, mostly for the wrong reasons, ranging from being arrested for charges of being drunk and in the possession of a firearm, to speaking out and asking Google users to “wise up” when it comes to their privacy and confidentiality.

McAfee certainly doesn’t live a calm life, so what will he do next?

Image courtesy of The Independent

Kaspersky Faked Malware to Harm Rivals

Moscow-based computer security company Kaspersky Labs has been faking malware for the past decade to harm its rivals, two former employees have revealed. According to the allegations, Kaspersky’s duplicitous campaign was designed to trick Microsoft, AVG, Avast, and other anti-virus providers into quarantining or deleting important system files on users’ PCs. The scheme, in operation for over a decade, was at its peak between 2009 and 2013.

The attacks were ordered by company co-founder Eugene Kaspersky to spite rivals he thought were ripping off Kaspersky’s software rather than develop their own, the insiders claim. “Eugene considered this stealing,” one said.

“It was decided to provide some problems” for its rivals, one ex-employee said. “It is not only damaging for a competing company but also damaging for users’ computers.”

Microsoft, AVG, and Avast all claim that they have been aware of a number of false positives induced by unknown parties, but that they had no evidence that Kaspersky were responsible for them.

Kaspersky, of course, denies the accusations, issuing a retaliatory statement. “Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing,” Kaspersky told Reuters. “Such actions are unethical, dishonest and their legality is at least questionable.”

Thank you Reuters for providing us with this information.

Government Looking for Exploits in Anti-Virus Software to Use Against You

Snowden’s latest leaked documents point to government agencies such as the NSA and GCHQ taking an interest in tracking user activity and spying on networks. However, to do that, they have to get one piece of software out-of-the-way; the anti-virus. This also seems to link with an earlier incident at Kaspersky Lab, where their headquarters was hacked by an unknown and well-equipped group.

The government agencies are said to be using a process named Software Reverse Engineering to gain access to vulnerabilities still present in current anti-virus products. One of the latest warrants GCHQ wants to approve, according to The Intercept, even states that Kaspersky poses a threat to its SRE program.

Other methods of intercepting and gaining access to anti-virus software databases consist of finding and exploiting employee emails that work in anti-virus companies. In addition, user PCs are targeted for HTTP requests sent to anti-virus headquarters, containing relevant security vulnerabilities found by their anti-virus suites.

To support the above claim, The Intercept also came across a GCHQ presentation where it shows that around 100 million malware events are flagged daily by the government agencies. The same approach might be found in every government agency, so at least we get another peek at what’s going on and how ’secure’ we are.

In the end, is targeting and ‘cracking open’ anti-virus software really a good solution? From my point of view, the GCHQ should hire Kaspersky Lab to design their network security if they are as good as they say they are. What do you think?

Thank you TechCrunch and The Intercept for providing us with this information

McAfee Anti-Virus for Your Watch? Intel Thinks So

Now I’m sure that everyone reading eTeknix is very familiar with the need to be protected. You’ve all got the right anti-virus software on your machines, all properly configured. Those of you who have Android phones too, I’m sure you take all the measures necessary to keep bad guys out. But with technology coming to even more places, including our wrists, it begs the question, do we need to protect those things too?

Intel certainly thinks so. At Mobile World Congress this week, the company just announced that they’ll be bundling McAfee Mobile Security (Intel owns McAfee) with LG’s new Watch Urbane LTE. Yes, just as you thought your wrists could be free of bloatware/crapware, Intel has gone and stuck McAfee on a smartwatch. Why you would need that is unknown – as of yet, there are no known pieces of malware that specifically target a smartwatch. Plus, the software you can download and install on such a device, even on a non-tethered watch like the one question, is highly limited, making it difficult to inadvertently download malware.

The biggest question from all of this though, is how do you get rid of it? Let’s hope it’s not as difficult as it is on a new PC.

Source: The Verge

GoZeuS Returns a Month after Authorities Take Measures Against the Malware

Though authorities had taken action against the GoZeuS and CryptoLocker malware which stole hundreds of thousands of banking logins from users and blackmail them for millions of pounds, it seems that the malwares are back. A month after the campaign, online criminals seem to have tried to rebuild the sophisticated software named GameOver ZeuS, having researchers warn that new threats using much of the same code are aimed at UK users.

Reports say that the ‘original strain’ of the malware targeted by authorities around the world, including the NSA and the FBI, has been in a decline since the campaign started. However, it appears that criminals are now re-establishing the GameOver botnets by taking the original code and reworking it to avoid detection, much like a biological virus modifies its genetic code in order to survive medicine administered against it.

A security company by the name of Malcovery has stated that the new trojan based on the GameOver Zeus binary is spreading through spam emails, claiming to be from the NatWest bank, coming with an attached statement in the content. Anyone who opens the ‘statement’ are said to risk infection, since traditional anti-virus software cannot detect the malicious software. Also, the CEO of Heimdal Security, Morten Kjærsgaard, states that the heads of the original GoZeuS will try to use lesser-known strains in order to avoid law enforcement agencies detecting it.

“Until we start to see a more clear movement pattern of these new Zeus variants, which are starting to surface, we can’t say anything definitive about their extent,” said Kjærsgaard. “There is no doubt though, that many small malware variants could pose the same financial problem for end users as one big nasty piece of malware.” he added.

While the GameOver Zeus botnet earned more than $100 million for its creators, more infections are likely to take place given the new strains. In June however, US authorities are said to have named Evgeniy Bogachev, a Russian national, as the main suspect behind the original malware.

Thank you The Guardian for providing us with this information
Image courtesy of The Guardian

Microsoft Says Windows XP’s Infection Rate Is 6X That Of Windows 8

Microsoft really wants to encourage users to make the shift to a newer operating system, mainly Windows 8.1. To do this Microsoft is pushing the security side of things, particularly as business users are the most prominent users of Windows XP who are essentially keeping the operating system alive and well. On its TechNet blog Microsoft published figures from its own internal data about the infection and encounter rates of all their operating system. The figures show that Windows XP is about six times more likely to become infected by malware than Windows 8.

“Windows XP was built more than 12 years ago and was architected to include security technologies that were innovative at the time. For example, Windows XP SP2 was released in 2004 and introduced Data Execution Prevention. However, the threat landscape has changed quite a bit since then and technologies that were built a decade ago, like DEP, are now commonly bypassed.” Stated Microsoft.

Of course Windows XP users will find that they can reduce their infection by simply using some third party anti-virus and anti-malware protections, but these will not be able to account for vulnerabilities within the operating system itself. If you value security as a high priority then Microsoft believes the case is convincing enough for you to make the move to Windows 8.

Images courtesy of Microsoft

Microsoft Is Leading PC Anti-Virus Vendor According To Report

New research figures by software and IT solutions company OPSWAT suggest that Microsoft dominates the desktop and laptop anti-virus markets with its free Microsoft Security Essentials offering. Microsoft has an impressive 25.4% of the market with all its products combined, though this is mainly comprised of MSE and Windows Defender. Microsoft is followed closely behind by Avast who manage to rack up an impressive 23.6% mainly through their free anti-virus offering. AVG, Symantec, ESET, Avira and Kaspersky also made the list with market shares between 6.5 and 8.3%.

In terms of the single most popular programs well Avast lead the way with their free antivirus followed closely behind by MSE. Windows Defender, Avira and AVG come in third, fourth and fifth respectively meaning the entire top 5 is comprised of free anti-virus solutions – which is hardly surprising. The leading paid anti-virus solutions are produced by ESET, Kaspersky, Norton, Avast and AVG respectively.

For more details and in depth graphs on the current state of the PC anti-virus market, see here.

Image courtesy of OPSWAT

Suspect Arrested For Creation Of Blackhole Malware Exploit Kit

The suspected creator of the advanced malware tool Blackhole has been arrested. The man taken into custody is suspected of being the owner of the online alias “Paunch”, the name used by the creator of the Blackhool and Cool exploit kids that were used to attack flaws in Java, Flash, Windows and PDF files.

A spokesman for the law enforcement agency Europol said “Europol and the European Cybercrime Centre has been informed that a high-level suspected cyber criminal has been arrested” when speaking with the BBC.

Released back in 2010, the Blackhole kit has proved popular on the crimeware market, especially throughout 2012 and the start of this year. The code was licensed out for around $1,500 and could even be rented from the kits creator for around $200 a week.

The kits in question were fairly advanced and had a broad range of attacks that involved infecting hundreds of websites, downloading root kits, fake software and more to users computers that allowed access to the users computer or their data.

“If it’s true that the brains behind the Blackhole has been apprehended it’s a very big deal – a real coup for the cybercrime-fighting authorities, and hopefully cause disruption to the development of one of the most notorious exploit kits the web has ever seen,” said Graham Cluley. “However, it’s worth remembering that nature abhors a vacuum, and there would surely be other online criminals waiting to take their place, promoting their alternative exploit kits and malicious code.” he continued, when speaking with the BBC.

It appears the arrest may even be working already, as use of the software has dropped by 2% in recent days.

Thank you BBC for providing us with this information.

Image courtesy of BBC.

People Are Spying On You And Hacking Your Computer

How safe are you while you are on the computer? Using your anti-virus, and your firewall, perhaps other methods of keeping you safe, like keeping all of your software up to date will keep you fairly secure. Not everyone does this though, not keeping software up to date, or even your operating system. If you don’t update some vital software that you run on your computer when there is an update it can compromise all security on your machine, giving a hacker full access to your system, even giving them the ability to hack your webcam and see you while you are sitting at your computer.

https://www.youtube.com/watch?v=Yb9b_LzM1U8

Mark Ward of the BBC wrote an article showing us one vulnerability that some people have when they don’t keep Java up to date. You can view his article Licensed to hack: Cracking open the corporate world HERE. He shows us how he was able to inject coding into a website which notified him when someone had viewed the page and then gave him full access to their computer. This isn’t just for some kid sitting in their moms basement writing code, or anything, this is also for big corporations which have loads of hits each day. Corporations are able to easily gain control of users computers, accessing files, spying on them, and giving them an inside edge to their customer base.

The only suggestion I can give you to prevent this from happening is to make sure that your computer, and everything running on your computer is 100% up to date, though it doesn’t seem like that will prevent someone from gaining access to your computer, it is just one preventative measure that you are able to take.

Image courtesy of  Security Blog

Source

99.9% Of New Mobile Malware Is For Android

It is funny yet worrying that if you talk to your “average Joe” about malware/viruses on Android, most of them believe that Android devices can’t get malware/viruses. This is one of those common misconceptions on the same level as the “Macs don’t get viruses” myth. Yet it is totally incorrect and if anything the situation is the total opposite.

A new report published by Kaspersy Labs suggested that “99.9%” of all new mobile malware is for the Android OS.  The vast majority of these malware(s) are Trojan Viruses which can be used to target Android devices in a number of ways. The most common of which is to use the “SMS Trojan” which hacks your phone and forces it to send texts to premium rate numbers. This makes up 63% of total infections, suggesting that most hackers are just after your money.

Kaspersky notes that in 25% of the duration of 2013 they saw the same amount of malware as in 50% of the duration of 2012, suggesting that we are seeing an exponential growth in malware production for Android.

Other interesting facts about mobile malware suggest that 91% is delivered through clicking malicious links (a simple link scanning anti-virus would solve this). In addition the top three host countries for Android malware are the USA (25%), Russia (19%) and the Netherlands (14%).

With all that said, have you ever had malware on your Android device? Do you run internet security on your Android device?

Source, Via

Home Of Anti-Virus Pioneer John McAfee Burns Down

There seems to be a lot of news about John McAfee these days and while he is no longer at the helm of the Anti Virus software, he’s certainly still making more than a few headlines.

McAfee fled Belize last November after the murder of American expatriate Gregory Faull, to which police were trying to contact McAfee as a suspect but that still remains to make and progress and the murder is as yet unsolved, with McAfee still effectively trying to prove his innocence, albeit not very well.

His home has been destroyed in what is being described as a suspicious fire, damaging both of the main structures of the property and leaving a damage bill of around $250,000.

McAfee claims that there are corrupt politicians in Belize that are trying to pin the murder on him and that the fire could be consequence of people in Belize going to great lengths to harm him. Regardless of the reasons it’s all a little sensational and surprising, The McAfee name is well established in the tech industry but that hasn’t done him much good after a murder case, his home being torched and no doubt many other complications.

Who knows what the out comes of all this will be, but this is the internet of course and I encourage you to sound off in the comments section below.

Source / Source

Thousands Of Computers Attacked By MalwareBytes Monday

Do you use Malwarebytes? If so you are among millions of customers of the Anti-Malware software distributor. Many of us monitor and repair our own computers, and we use largely known companies to keep our computers safe and secure. Unfortunately, every once in awhile there is a glitch which causes major issues for our computers, such as how Malwarebytes released an update which made our computers think that Windows was attacking Windows! Even though you might think that the Windows operating system is a virus, or acts like a virus from time to time, we don’t want Malwarebytes or any other software for that matter to delete our windows. The update did just that.

On April 15 at approximately 3 P.M. (PDT) Malwarebytes was updated, this update disabled thousands of computers within just a few minutes. Though the issue was caught in the initial few minutes of the release the damage had already been done. A simple definitions update for Malwarebytes turned into a fatal application for your computer, attacking .exe and .dll files alike thinking that nearly all of the files in your computer were viruses. Malwarebytes acted swiftly in working to disable the update and removing it from their servers. Unfortunately the damage had already been done. And they have apologised for their mistake, taking the blame.

“I want to offer my sincere apology to our millions of customers and free users. I started this company because I thought everyone was entitled to malware-free computing. We acted overzealously in that mission and realize far superior procedures around updating are needed. More was expected of us, and we failed.”  CEO Marcin Kleczynski posted on the official Malwarebytes forum

Thousands of computers being affected by this simple release is really devastating, we can only hope that Malwarebytes will test out the updates more thoroughly in the future. Of course we understand that they may have missed this issue, by trying to be the best anti-malware software out there, having the most current and up to date definitions available.

If you have been affected by the update, and you have not been able to fix your computer just yet, you can find repair information, and a tool HERE.

How do you keep your computer safe and secure, do you use a combination of Malwarebytes and an anti-virus software? Let us know in the comments below.

Source

Bitdefender Is Best Windows 8 Internet Security, AVG is Best Free Security

According to the well respected, comprehensive and independent test of internet security packages, done by AV Test, Bitdefender has come out on top as the best overall internet security package. Bitdefender received 17 out of 18 points, followed closely by BullGuard with 16.5 points and Kaspersky with 16.

The test applies to the Windows 8 operating system only and is the most comprehensive and up-to-date internet security test currently available. The results are probably quite similar to what you’d expect to find on Windows 7 too. So as a general rule if you are looking to invest in Internet Security for your Windows 7 or 8 computer you will get the best protection from Bitdefender.

If we take a look at the freely available internet securities, which a lot of people use because they offer nearly as good protection, we can see AVG Free Edition 2013 does the best scoring 15.5 points. AVG Free is followed closely by Avast Free Antivirus 7.0 with 15 points and Panda Security Cloud Antivirus Free 2.1 with 14.5 points. Microsoft’s free included Windows Defender 4.0 does badly scoring 11.5 with the joint lowest protection score.

Funnily enough some paid Internet Security packages like McAfee, with 12.5 points, Comodo Premium, with 10 points, AhnLab V3, with 10 points and Norman Security Suite Pro 10, with 12 points, all did worse than the three best free Internet Security packages.

So we can pull some conclusions from these tests, which are that if you pick the right paid-internet security (Bitdefender, BullGuard or Kaspersky) packages you can get the best security.However, you can get nearly as good free internet security from Avast or AVG and this is very often better than a lot of paid internet security packages on the market today.

To see the full details of the AV Test Internet Security testing then please visit here.