Beware of Christmas-themed malware

Christmas tree, Marina Bay Sands.

"...On the twelfth day of Christmas

my true love sent to me:

Twelve malware programs

Eleven broken firewalls

Ten ransomware threats

Nine login breaches

Eight adware pages

Seven fraudulent emails

Six infected PDFs

Five red flags

Four spyware games

Three spam text messages

Two Trojan horses

And a phishing malware email to me!"

Festive greetings may come with malicious threats, even if they have come from friends and family. Yeo Siang Tiong, GM, South East Asia, at Kaspersky Lab said that the right protection should be in place for computers and mobile devices before users download gifs and e-cards, send emails or buy anything online for Christmas.

The cmopany notes that retailers and advertisers on both online and physical platforms are constantly asking for shoppers’ personal details through lucky draws and memberships in local malls and departmental stores. Such details could end up being a security risk if the brand suffers a security breach.

In fact, a survey of over 11,000 consumers commissioned by Kaspersky Lab found that over half (58%) of the respondents would avoid using a provider that had recently experienced a data security incident.

According to Yeo, “The lack of awareness around the actual value their data has, is a massive obstacle in making people understand why they should protect the data. It’s easy to forget about the vast amounts of data we share on a daily basis.”

“Consumers should consider using multifactor authentication to secure their transactions and be vigilant on whether it is necessary to share certain personal information for a purchase. They should not shy away from investing in protection solutions such as Kaspersky Internet Security - Multi Device for a highly tailored and easy to use scenario-based online and mobile protection solution,” said Yeo.

Kaspersky Lab shares security tips ahead of Chinese new year

Chinatown in Singapore features dogs in a focal display.

In the euphoria and adrenaline rush of shopping for Chinese new year, Kaspersky Lab warns that shoppers are more likely to make basic mistakes that can expose their personal data.

GM, Kaspersky Lab Southeast Asia Sylvia Ng explained that the brand understands festive season shopping is a priority for consumers but reminds that it is also a prime opportunity for cyber criminals. Public Wi-Fi is one security concern, for example. Cybercriminals can monitor all the information sent across public Wi-Fi networks, which can include bank accounts or credit card numbers.

“Get your shopping done safely. Sipping on an espresso at a local coffee house and doing your Internet shopping does seems convenient. However, you open yourself up to criminal activity by doing so. Public Wi-Fi networks are often less secure than private ones, and you risk the possibility of logging onto a phantom network instead of the real one, opening you up to potential identity theft,” she said.

Shop on any Wi-Fi network only after checking that it is secure and a trusted network, Kaspersky Lab said.

Other common mistakes include:

Being duped into using a fake website that looks like the user's bank or payment system. Kaspersky Lab suggests paying attention to the https prefix, which indicates an encrypted connection, and checking if the web address has been misspelled. Virtual keyboards - the keyboards displayed on the screen - may protect passwords from being intercepted by some types of key logger software.

Ransomware. Kaspersky Lab suggests not opening email attachments from unknown shopping sites, and backing up files.

Phishing. Do not click on unexpected links sent via email - including shipping confirmation emails - SMS, or message apps. Gifts might turn out to contain adware or worse. And these days, whole identities can be replicated and phishing links may come from what looks like friends.

Weak passwords. Kaspersky's password checker can give an indication whether a password is easily cracked.

Shopping at dodgy sites. Kaspersky's advice is to browse reviews before trusting online shopping sites with credit card information.

Using Bluetooth. A cellular connection makes a smartphone connection more secure.

“These tips that we share are culled from real-life experiences of people. So, before you click on any deal, make sure that you are going to trusted sites. If you find a deal that seems too good to be true, it probably is,” added Ng.

Over 400 million users are protected by Kaspersky Lab technologies. The company has 270,000 corporate clients.

Businesses in South China Sea area should beware of Spring Dragon APT

Kaspersky Lab is warning of activity from a threat actor targeting countries around the South China Sea. The cybersecurity firm has seen increased activity by an advanced persistent threat (APT) called Spring Dragon (or LotusBlossom) since 2017 that involve new and evolved tools and techniques.

Kaspersky Lab Global Research & Analysis Team (GReAT) Senior Security Researcher Noushin Shabab said, “We believe that Spring Dragon is going to continue resurfacing regularly in the Asian region and it's important to be familiar with its tools and techniques. We encourage individuals and businesses to have good YARA rules* and other detection mechanisms in place and strongly recommended they use – and regularly audit – a multilayered approach to security.”

Spring Dragon has been targeting high profile political, governmental and educational organisations in Asia since 2012. Kaspersky Lab has been tracking the APT for the last few years.

In early 2017, Kaspersky Lab identified renewed attacks in the threat actor’s target region. According to Kaspersky Lab telemetry, Taiwan had the largest number of attacks followed by Indonesia, Vietnam, the Philippines, Macau, Malaysia, Hong Kong and Thailand. To help organisations better understand and protect against the threat, Kaspersky Lab’s researchers have undertaken a detailed review of 600 Spring Dragon malware samples.

Kaspersky Lab’s overview of Spring Dragon’s tools shows that:

- The attackers’ toolset includes a unique customised set of links to command and control servers for each malware: the malware samples contained more than 200 unique IP addresses overall.

- This toolset was accompanied by customised installation data for each attack to make detection difficult.

- The arsenal includes various backdoor modules with different characteristics and functionalities – although they all have the capability to download additional files to the victim’s machine, upload files to its servers and execute any executable file or command on the victim’s machine. This allows the attackers to undertake a number of malicious activities on the victim’s machine – particularly cyberespionage.

- The malware compilation timestamps suggest a time zone of GMT +8 – although the experts warn that does not represent a reliable indicator of attribution. Countries which are in this time zone include Brunei, China including Hong Kong, Singapore, Taiwan, the Philippines, Western Australia as well as parts of Indonesia.

Kaspersky Lab GM ANZ Anastasia Para Rae says, “Organisations and businesses need to step up and manage risk on reputation and service guarantees. The average loss from a single targeted attack is close to US$1,000,000 excluding reputational impact. In the event of cyberattack, a considerable investment is made for urgent response to improve software and infrastructure. The reverse needs to take place. We must not wait for attacks to happen for us to take precaution.”

In order to protect your personal or business data from cyberattacks, Kaspersky Lab advises companies to:

- Implement an advanced, multilayered security solution that covers all networks, systems and endpoints.

- Educate and train your personnel on social engineering as this method is often used to make a victim open a malicious document or click on an infected link.

- Conduct regular security assessments of the organisation's IT infrastructure.

*YARA is a tool for pattern matching that helps cybersecurity researchers detect and identify malware.