Friday, October 7, 2016

Security From RATs: Communications Security

I am not a computer genius. I often brag to my children that I was there when the internet was born. I used to call other bulletin boards. I worked on an Air Force base at the time and I would call other bases' bulletin boards and download games and other shareware. There were no passwords, ICC cards, or virus protection. I kind of miss that time. Anyway, I know enough about computers to get myself in trouble. My son is a developer and my other son would like to be a developer. But that is the extent of my computer expertise, being related to someone who knows about programming. So hacking is not something I have ever been into.
A RAT is a remote administration tool that can control your computer from another computer. I’ve had someone I trusted use this type of software to fix my computer. It worked great. The problem is, what if that software was put onto your computer without your knowledge? Most Trojan viruses have some type of RAT capabilities. In the name of privacy and security, here are some things a RAT can do.
• Find out all system information, including hardware being used and the exact version of your operating system, including security patches
• Control all the processes currently running on your system
• View and modify your registry
• Modify your Hosts file
• Control your computer from a remote shell
• Modify your startup processes and services, including adding a few of its own
• Execute various types of scripts on your system
• Modify/View/Steal your files
• Put files of its own on your system
• Steal your stored passwords
• Listen to your microphone
• Log your keystrokes (duh)
• Scan your network
• View your network shares
• Mess with your MSN Messenger / Steal your contacts / Add new contacts!
• Steal from your clipboard (things you’ve copied)
• Control your printer
• Lock/Restart/Shutdown your computer
• Update the implant with a new address to beacon to or new functionality
• Watch your webcam
• Use your computer in a denial of service (DoS) attack
And that's not all. DarkComet includes a "Fun Manager" that can perform all sorts of tricks on the target system, including:
• Hiding the Desktop—Hiding all the icons and making it impossible to right click on the desktop.
• Hide the Clock—Self Explanatory
• Hide Task Icons—In the little box on the right side of your start bar
• Hide Sys Tray Icons—Hide icons and open application buttons on the taskbar
• Hide Taskbar—Self Explanatory
• Hide the Start Button—Only works in Win XP
• Disable the Start Button (XP Only)—Gray out the start button, disabling it.
• Disable TaskMgr—Disables the Windows Task Manager (When you hit Ctrl+Alt+Del)
• Open/Close CD Tray—Self Explanatory
And more. So how can you keep yourself and your family safe in this RAT-infested internet? Here are a few ideas.
Make your password harder to hack
Hard passwords include upper and lower case letters, numbers and special characters. They should be at least eight characters in length. They should also not spell out words easy for hackers to find, like your pet’s name or the name of a family member.
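The rules in this tip can be checked mechanically. The following is an added example, not part of the original post: the function name, the substitution table and the sample words are assumptions made for illustration. It also catches a pet's name written with look-alike characters, such as "R0ver".

```python
import re

# Look-alike substitutions undone before searching for personal words
# (an assumed, deliberately small table).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def check_password(password, personal_words=()):
    """Return a list of rule violations; an empty list means it passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not re.search(r"[A-Z]", password):
        problems.append("no upper case letter")
    if not re.search(r"[a-z]", password):
        problems.append("no lower case letter")
    if not re.search(r"[0-9]", password):
        problems.append("no number")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("no special character")
    # Compare letters only, after undoing substitutions, so that
    # "R0ver!2016" is still recognised as containing "rover".
    normalized = re.sub(r"[^a-z]", "", password.lower().translate(LEET))
    for word in personal_words:
        plain = re.sub(r"[^a-z]", "", word.lower())
        if len(plain) >= 3 and plain in normalized:
            problems.append(f"contains personal word '{word}'")
    return problems


if __name__ == "__main__":
    # Constructed sample values: a pet's name and a family member's name.
    family = ["Rover", "Anna"]
    for candidate in ["password", "R0ver!2016", "Tq7#mZp2vL"]:
        print(candidate, "->", check_password(candidate, family) or "OK")
```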
Change your password regularly
A very common mistake made by users is to create one hard password, but then never change it. Remembering a long list of complicated passwords can be difficult. But no password is unbreakable. Hackers are better able to hack multiple accounts if those accounts all have the same password. A password management service, like Dashlane or PasswordBox, can help you keep track of hard passwords. These services permit users to easily store and secure their passwords.
Clear your browser history
This goes for all the devices you use in a day – your home computer, your work computer, or your friend’s iPad. Internet browsers like Firefox or Chrome keep track of where you’ve been and what you’ve done online. They keep records of every site you visited. Information about what you sent from or saved on your computer can be kept for days or weeks. It is very easy for anyone who sees that information to steal a detailed record of your online activities.
Do not use free Wi-Fi
An increasing number of public places now offer free wireless access to the Internet. Often, a user does not need a password to connect to these wireless networks. These services might be useful, but they’re also an easy way for hackers to access everything on your device. Unless you really need it, it is best not to use it.
Use HTTPS
HTTPS is officially known as “hyper-text transfer protocol secure.” It is similar to HTTP, which is used to enter Internet addresses. HTTPS adds an extra layer of security and encryption while online. Communications between users and sites that support HTTPS are encrypted. The information is also authenticated. That means that HTTPS can determine whether or not a website is real.
Watch what you click
One of the most popular and successful ways hackers infect your computer is through a technique called phishing. Phishing occurs when someone opens an email attachment that looks real. But the attachment is actually a virus that immediately infects the user’s computer. If someone sends you a file or a website you did not ask for, it is best to not click on it.
Try not to use public computers
For many people, not using a public computer can be difficult. Those without a computer or Internet access at home often use Internet cafes to get online. However, the more different people use a computer, the more likely a virus has infected it.
Use anti-virus protection
There are many anti-virus services available for users. They can offer many different types of computer protection. Some anti-virus services are even free. They are a great way to have a professional help keep users one step ahead of hackers.
Be careful while using thumb drives
Thumb drives, also known as flash drives, are small and easy storage devices to use across different computers. They are a popular device that people use to exchange files and documents. They can also spread viruses easily across computers and networks.
Unplug the webcam

For desktop users with external webcams (which is 99%+ of the desktop machines with webcams) the easiest solution is to simply unplug the external USB webcam. No amount of hacking is going to magically plug an unplugged device back in.

This is the solution I use. Leave the webcam in its usual position atop the monitor, and when you need to use it, plug the USB cable into an easily accessible front or top USB port on the computer.

It’s the most foolproof way to approach the problem if you have an external webcam and works regardless of the hardware or operating system.

This can be a serious security problem for your family. If you suspect your computer is infected with this type of virus, consult a professional computer doctor. In the meantime, unhook from the internet.

Keeping your computer and devices protected is a constant task we need to be vigilant about.

Semper Paratus
Check 6