How to be safe from Ransomware?

Hello guys today I am going to tell you how to be safe from Ransomware malicious software which can block access to a computer system until ransom or in other words a sum of money is paid. WannaCry, also known as WanaCrypt0r 2.0, WannaCry and WCry, is a form of "ransomware".

Also read what Ransomeware is by clicking here.

Ways to keep yourself safe from Ransomware :-

1) Update your Windows - 

Several cyber security firms said WannaCry exploits a vulnerability in Microsoft and that Microsoft patched this in March. People don't always install updates and patches on their computers and so this means vulnerabilities can remain open a lot longer and make things easier for hackers to get in. Now you know why Microsoft keep sending "updates".

2) Back-up your data -

Users should regularly back up their data and ensure that security updates are installed on your computer as soon as they are released. Up-to-date backups make it possible to restore files without paying a ransom.

3) Malicious Emails -

Users should also look for malicious email messages that often masquerade as emails from companies or people you regularly interact with online. It's important to avoid clicking on links or opening attachments in those messages, since they could unleash malware. 

4) Software Downloads -

Users should only download Softwares from trusted websites only not from any website they see on Internet.

Stay Safe, Be Happy

Read More

What is Ransomware?

Ransomeware is a type of malacious software designed to block access to a computer system until ransom or in other words a sum of money is paid. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer's Master File Table (MFT) or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.

 WannaCry, also known as WanaCrypt0r 2.0, WannaCry and WCry, is a form of "ransomware".

Estimated Earnings?

While initially popular in Russia, the use of ransomware scams has grown internationally; in June 2013, security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012. Wide-ranging attacks involving encryption-based ransomware began to increase through Trojans such as CryptoLocker, which had procured an estimated US$3 million before it was taken down by authorities, and CryptoWall, which was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over $18m by June 2015.

Payement Method?

Payment is virtually always the goal, and the victim is coerced into paying for the ransomware to be removed—which may or may not actually occur—either by supplying a program that can decrypt the files, or by sending an unlock code that undoes the payload's changes. A key element in making ransomware work for the attacker is a convenient payment system that is hard to trace. A range of such payment methods have been used, including wire transfers, premium-rate text messages, pre-paid voucher services such as Paysafecard, and the digital currency Bitcoin. A 2016 census commissioned by Citrix revealed that larger business are holding bitcoin as contingency plans.

In May 2017 no. of attacks increased all over the world which caused a huge chaos.

Attacks attacked Govt. buildings and other companies. Many car companies in Russia had to stop their work due to inaccessibility to their computers .

Who is behind this?

It was among a large number of hacking tools and other files that a group known as the Shadow Brokers released on the Internet. Shadow Brokers said that they obtained it from a secret NSA server. The identity of Shadow Brokers is unknown though many security experts believe the group that surfaced in 2016 is linked to the Russian goverment.

Also see how to keep yourself safe from Ransomeware click here.

Read More

Windows user account architecture

• User account passwords are contained in the SAM in the Hexadecimal Format called Hashes.

• Once the Passwords converted in Hashes, you cannot convert back to the Clear Text.

Read More

What is Email Bombing?

Email Bombing is sending an Email message to a particular address at a specific victim site. In many instances, the
messages will be large and constructed from meaningless data in an effort to consume additional system and
network resources. Multiple accounts at the target site may be abused, increasing the denial of service impact.

Read More

How To Secure Your Email Account?

•          Always configure a Secondary Email Address for the recovery purpose.

•      Properly configure the Security Question and Answer in the Email Account.

•         Do Not Open Emails from strangers.

•        Do Not Use any other’s computer to check your Email.

•         Take Care of the Phishing Links.

•        Do not reveal your Passwords to your Friends or Mates

Read More

How To Trace A Email?

§  Tracing an Email means locating the Original Sender and Getting to know the IP address of the network from which the Email was actually generated.

§  To get the information about the sender of the Email we first must know the structure of the Email.

§  As we all know the travelling of the Email. Each message has exactly one header, which is structured into fields.

§  Each field has a name and a value. Header of the Email contains all the valuable information about the path and the original sender of the Email .

§  For tracing an email Address You need to go to your email account and log into the email which you want to trace after that you have to find the header file of the email which is received by you.

§  You will get Source code of the email.

§  For Rediff mail-

•   For Yahoo mail-

§  For Gmail-

§  Now see from bottom to top and the first IP address you find is the IP address of the sender.

§  Once you have the IP Address of the sender, go to the URL www.ip2location.com and Find the location of the IP Address.

§  And you are done we have traced the person.....

§  And from where he had sent the email.

Read More

Prevention against Phishing

1. Read all the Email Carefully and Check if the Sender is Original
2.  Watch the Link Carefully before Clicking
3.  Always check the URL in the Browser before Signing IN to your Account
4. Always Login to Your Accounts after opening the Trusted Websites, not by Clicking in any other Website or Email.  

Read More