Beware of this Ad Blocker, it's not what it seems
Beware of this Ad Blocker
According to Threatpost, Kaspersky researchers have identified a new potential threat in a fake Ad Blocker called "AdShield Pro", which looks and behaves like the Windows version of AdShield, as well as serving as an OpenDNS service.Its behavior is not unlike the ransominer Monero Miner, which, over the past month, has infected over 2,500 users a day, disguising itself as an antivirus installation file. In practice, once the program is started, AdShield Pro changes the DNS settings of the devices so that the search for all domains is redirected to a server controlled by those who created the malware and which, promptly, does not allow access to the sites of the most well-known antivirus and malware removal tools, such as Malwarebytes.com. Subsequently, the application is updated and, at the same time, a modified torrent client is installed, which sends the ID of the target computer and installs the miner.
To ensure its constant and correct functioning, the 'servicecheck_XX' task in the Windows scheduler, where XX are random numbers. At this point, the bad guys will be able to use your PC to mine cryptocurrencies, via their miner based on XMRig.
However, to get rid of this dangerous program, Kaspersky has published a series of steps to take to delete malicious files. If the flock.exe file is present on your device, you need to uninstall NetshieldKit, AdShield, OpenDNS and broadcast torrent. It is also recommended to delete these folders, if any:
-C: \ ProgramData \ Flock -% allusersprofile% \ Start Menu \ Programs \ startup \ flock -% allusersprofile% \ Start menu \ Programs \ startup \ flock2 If you are pretending to be the Malwarebytes application, reinstall it. However, if the program does not appear in the app list, delete the following folders:
-% program files% \ malwarebytes -program files (x86) \ malwarebytes -% windir% \. Old \ program files \ malwarebytes -% windir% \. old \ program files (x86) \ malwarebytes Finally, it is recommended to delete the “servicecheck_XX” task in the Windows scheduler.
You need a license Windows 10 Pro for your brand new gaming PC? On Amazon it is available for a few euros, do not miss it.
How to keep your data safe online
The modern-day internet is a minefield. You are never more than a step away from disaster; all it takes is an error of judgement. Your credentials, financials, emails and almost everything that you hold dear online are always at risk.
Luckily, there are some ways to mitigate the risks. Here are some tips that will serve you well in your online journeys.
Two-Factor Authentication
Two-factor authentication or 2FA as its commonly called is a security protocol that requires two separate forms of identification in order to access data. Commonly, the first of these is usually your password and the second method is either an OTP (One Time Password) sent via SMS or email.
The reason this is effective because it adds an extra step for someone who is trying to hack into your account to get though. So even if your password is compromised, there is a chance that the threat can't get through the second security check.
At the very least, it will at least buy some time to change your password in case there is a threat. There are multiple methods of 2FA but the most commonly used is a four or six number code that is sent to your registered mobile or email.
We highly recommend that you enable 2FA on all services that have support for it. You can also take a look at third-party authenticators like Google Authenticator, which has support for a lot of services other than its own and allows you to still login to your account in case you are stuck at some place where there is very little mobile coverage.
Make your passwords unique
This has been said time and time again but you really do need to make sure that your passwords are unique. When I say 'unique', I mean a combination of letters, numbers, symbols and most importantly, no birthdates or other important info in your password.
A good password should be a minimum of at letters 10 letters and numbers combined.
A handy tip is to base your password on something that only you would now like your favourite toy growing up, now take the initials from the name of that toy for letters then combine it with the date your purchased it on. Add some symbols in there for some extra complexity and you have a pretty decent password. Remember to mix and match the case of your letters with a nice split between upper case and lower case letters.
Block trackers and ads
Unless you really, really need to access some website that is forcing you to turn off ad-block, try and keep it enabled for as long as you can. Most browsers these days come with the option already enabled by default. We suggest you keep it that way.
While most trackers use your system data and browsing activity to display ads based on your preferences, remember that not all things are equal on the internet. For every honest company out there that makes money by selling your data for ads, there are also some real scumbags who have nothing better to do than to play doctor with your device by injecting it with a severe dose of malware.
The Antivirus is a must
Let's face it, that yearly antivirus subscription can be pain especially when you are short on cash but you no longer have the luxury of even stepping foot online without some sort of anti-virus running in the background. Let me put it this way, you should not even attempt to connect your device online without an antivirus installed.
As to which ones to actually subscribe to, there are numerous options available, just spend some time going through their list of features and choose one that makes the most sense to you and is best for your pocket.
Check if your password was leaked
While this may be a little extreme, it can be a good practice these days to get into a weekly routine of checking a few sites for your own safety.
If nothing else, make it a point to at the very least check haveibeenpwned.com. The helpful service will tell if your email address was present in any data breaches online. It will also tell you what apps or services that you used leaked the data.
If you find your email unfortunately on the list, don't hesitate to change your passwords and set up 2FA where supported.
Beware of scams
Yup, this is a thing! Never, ever and under any under circumstance share your passwords and OTP's with anyone. Also remember that no banking or government sites will ever ask you for an OTP. It's always the other way around. That's the standard. You login to a service, it generates a random OTP sent to your device and then you enter it.
If you ever get an SMS or an email that asks for an OTP, be highly suspicious and find out everything you can about it. Chances are high that it will be a scam.
Also, those weird emails with loan interest rates and money making schemes that you keep getting. Mark them all as 'Spam' and forget about them. Never allow any website to show you notifications unless your 100% trust them. Sites that pop-up banners and dialogs without your consent are most likely running trackers or trying to embed your device with unwanted malware, so stay away or make sure your ad-blocker is enabled.
These are the very basics of keeping yourself safe online. There is a lot more that you can do, like invest in software that specialises in detecting malware but all of that builds on the basic fundamentals listed here.