Skip to main content

Here's what a VPN can't protect you from (but you need to use it)

The abbreviation " VPN " has slowly become established among average Internet users, which is certainly good, but the problem is that people have started to see VPN as the ultimate solution to all problems.

Russian hackers use malware that can survive a system reinstall

Russian hackers use malware that can survive a system reinstall

According to ESET, Russian hackers use malware that can survive on a Windows computer even after a complete reinstallation of the system.

The company discovered malware called "Lojax" that comes from a hacker group known as "Fancy Bear". Malware crawls security shields (such as antivirus software) by mimicking the behavior of the LoJack tool. This tool protects your computer from theft, which means that it is definitely difficult to remove from your computer.

Since this software is intended to protect the system from thieves, it is important that it be resistant to removal when reinstalling the system or replacing the hard drive. That is why it is implemented in the UEFI / BIOS chip itself

- states ESET.

Fancy Bears "armed" LoJack and created malware that can go through protection in the computer. ESET states that many manufacturers of computer security tools let LoJack work because it is designed to protect against theft and requires all possible system permissions.

When Lojax infects a UEFI module, it can remain there after replacing the HDD. The only way to remove it is to flash UEFI firmware, which many users do not know how to do.

ESET said Lojax was the first UEFI Rootkit to be seen in real use. So far, security experts have only talked about possible UEFI Rootkits, although no one has ever used them.

Russian hackers use malware that can survive a system reinstall

The company did not want to reveal the owner of the computer on which they discovered the malware. However, they warned that the Fancy Bear group used various components of Lojax to infect the systems of government organizations in the Balkans and some other Central and Eastern European countries.

However, the good news for all users is that the computer can be protected from Lojax by simply turning on the "Secure Boot" option. This option verifies that all computer components, including firmware, are authentic with a digital certificate issued by the manufacturer. Lojax just doesn’t pass this test. The Secure Boot option is enabled by default for Windows 10 systems, and if someone does not, it can be manually enabled in the BIOS options.

Comments

Popular this month

YouTube Vanced is down! These are alternatives

The popular replacement for the YouTube app - Vanced - will no longer be available for download. Namely, the authors (due to "legal reasons") had to stop the development of their application and announce that the download links will be unavailable soon.

How to copy text from an image (in 2 clicks, free)

Copying text online is certainly an action we do many times during the day, but the problem is that the text from the image cannot be copied - we have to retype it. However, today there are intelligent OCR tools for image text recognition.

To click on the post or not?

Recently, Facebook has been flooded with " click bait " posts, and sometimes you don't know if there is something really useful behind that post or if it's just collecting clicks. There is a plugin that can partially reveal this to you. Nothing special, it's a Chrome extension called " Photo Zoom ". What does he actually do? Enlarges the image you hover over by loading the source address of the image . How can it help? Clickbait posts often "trick" users into clicking with an image (in addition to terrible headlines). They place those pictures so that only a part of them is visible on the Facebook wall and just enough to interest your potential. If you want to see the whole thing, you have to click on the link, which is their goal.

Make an easy professional banner

To attract visitors to some sites to visit yours, you need advertising . Ads on well-visited sites are paid, but you can find sites that offer banner exchanges .

Here's what a VPN can't protect you from (but you need to use it)

The abbreviation " VPN " has slowly become established among average Internet users, which is certainly good, but the problem is that people have started to see VPN as the ultimate solution to all problems.