You’re a professional… shouldn’t your social media be professional, too? To help, we have a few tips to help keep your Facebook work-appropriate.
Continue readingTip of the Week: How to Keep Your Facebook Clean
Facebook Database Breach: Practical Information
On September 16, 2018, Facebook discovered unusual activity via their network analytics equipment — it appeared that computer hackers gained some type of access to a database of approximately 50 million users.
In July of 2017, Facebook introduced a new feature called “view as“, which allowed owners of Facebook accounts to view their profiles the way the public would see them — the data breach occurred through a vulnerability found in the recently added Facebook feature — computer hackers are said to have used Facebook developer software to exploit the vulnerability.
The bottom line is that although the Facebook administration discovered the hacking, the vulnerability in Facebook’s network existed for over a year before they actually discovered it — who knows how the stolen information has been exploited before anyone knew anything about it!
What type of information was stolen?
So far, it’s known that only relatively simple information has been stolen — nothing that will allow criminals to easily steal one’s identity. However, Facebook administration’s assessment is that it’s still very early on in the discovery process and it’s still too early to know exactly what types of data were accessed and how that data might be used in the future.
Until more information is known about the potentials of the data breach, there are a few practical pointers below that will help bring peace of mind while waiting for the experts to learn more.
For starters, the Facebook administration recommends that all its users change their passwords, ASAP.
Furthermore, since computers are now a critical and integral part of society, and since personal data of millions is spread out across several different government websites and other organizations, it’s probably a good idea to purchase some type of identity theft protection and insurance — it needs to be understood that Facebook is only one of many organizations with a potential to lose personal, private computer data to illegal hackers.
It’s recommended by security experts that a minimal type of identity theft protection be purchased regardless of the recent Facebook database breach. Keep in mind that identity theft protection and insurance are relatively inexpensive.
WheelHouse IT specializes in a wide array of security defense systems enabling a proactive approach to security as opposed to a reactive approach. Please contact us for assistance in determining a suitable course of action if there is concern regarding the Facebook database breach.
Facebook Database Breach: Practical Information
Facebook Database Breach: Practical Information
Continue readingThere’s Nothing “Smashing” About the Nigelthorn Malware
Once again, there is an example of why all users need to be careful about what they install. This time, however, users of the Google Chrome browser are the ones being specifically targeted by a particularly nasty attack known as “Nigelthorn.”
Nigelthorn’s Method of Attack
When scrolling on Facebook, a user may see what appears to be a link to a YouTube video, but is actually a fake. This fraudulent video will then inform the user that in order for it to be played, an extension from the Chrome Web Store, called “Nigelify,” has to be installed. In reality, installing the extension allows the malware into the user’s system.
In order to fool its way past the Chrome Web Store defenses, Nigelthorn’s code is implanted into an extension that has already passed the Web Store’s checks. The first extension to be infected was one called “Nigelify,” which would replace all the pictures on the page a user was viewing with images of Nigel Thornberry, a late 1990’s/early 2000’s cartoon character who has found new life as a meme.
Once Nigelthorn is installed, it can have various effects on the infected system. For instance, not only will this attack vector steal the data that is available through Facebook, it will also share itself via Facebook Messenger, or by tagging the original victim’s friends. This makes it very effective at spreading from victim to victim, as all it takes it to infect the next person in line is for them to install the infected extension as well.
Nigelthorn has also been found to use other common tools that are found in malware in order to accomplish the goal of its developer, including crypto-mining and YouTube manipulation for financial gain.
Getting Rid of Nigelthorn
(and Avoiding It in the First Place)
What’s worse is that once Nigelthorn has been installed, it is notoriously hard to get rid of.
If you have inadvertently installed Nigelthorn, it will automatically close the extensions panel, preventing you from uninstalling it. This means that removing it will likely require you to uninstall Chrome. If you are unlucky enough to be infected, you should change your Google and Facebook credentials in case they were stolen by the malware.
As for avoiding Nigelthorn, the surest is to not click on the link. As long as the user in question knows not to click on fishy links or install additional extensions willy-nilly, using Chrome is still workably safe.
For more information about potential threats to your business’ cyber security, and how to stop them, keep reading out blogs, and don’t hesitate to call us at (877) 771-2384 for more help.