Tag Archives: Symantec

Kovter Strikes Computers Everywhere


Are you prepared for when disaster strikes

Every year, there are high-impact viruses that plague individuals and businesses alike. One of the newest that has wreaked havoc on the world of IT is known as Kovter. It is affecting a number of computers, and many people have been impacted by its destruction.

What is Kovter?

Kovter works as a Trojan. It has acted as a ransomware downloader as well as click-fraud malware. It is disseminated using malspam email attachments that contain malicious Office macros. One of the ways that this fileless malware has been able to evade detection is by hiding inside registry keys.

There have been a number of reports indicating that Trojan infections receive updated instructions from a command and control infrastructure that serves as a remote access back door. When this happens, the hackers will have an access point into your computer or server.

Kovter showed up several years ago and continues to be the biggest threat throughout 2018. Part of this is because it has evolved significantly. It may use code injection as a way of infecting the target and will steal information and send it back to the command and control servers.

How to Look for Kovter

Kovter is really good at hiding itself. It generally infects a computer using an attachment that arrives as macro-based spam. Once the attachment is opened, it will install on the computer and hide within the registry entries. Most of the attachments are compromised Microsoft Office files.

Since it is fileless, it can be difficult to detect. However, you want to make sure that your organization is aware of how to protect against email threats. Use various anti-spam filters so that malicious emails can be blocked before reaching the endpoint user. You also want to make sure that security updates are applied as soon as possible.
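The following Python example is added here and is not part of the original article. It shows one way to triage autorun registry values for the kind of registry-resident persistence described above, where the startup entry launches a script interpreter instead of a program on disk. It assumes the Run-key values have already been exported as (key, value name, data) triples; the heuristics and the sample entries are constructed for illustration and are not a Kovter signature.

```python
import re

# Heuristics are assumptions for this example, not a vendor signature.
SCRIPT_HOST = re.compile(r"\b(mshta|wscript|cscript|powershell|pwsh)(\.exe)?\b", re.I)
INLINE_SCRIPT = re.compile(r"\b(javascript|vbscript):", re.I)
ENCODED_ARG = re.compile(r"\s-(e|enc|encodedcommand)\s", re.I)
LONG_BLOB = re.compile(r"[A-Za-z0-9+/=]{64,}")  # long base64-like run

RUN_HKCU = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
RUN_HKLM = r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run"

# Constructed sample data (not real indicators): two ordinary entries and
# two entries shaped like script-based autoruns with placeholder payloads.
SAMPLE_AUTORUNS = [
    (RUN_HKCU, "OneDrive",
     r'"C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    (RUN_HKCU, "xk3f", 'mshta.exe "javascript:<constructed placeholder>"'),
    (RUN_HKLM, "Updater", "powershell.exe -w hidden -enc " + "QUJD" * 32),
    (RUN_HKLM, "SecurityHealth", r"%windir%\system32\SecurityHealthSystray.exe"),
]


def reasons_for(data):
    """Return the names of the heuristics that an autorun command matches."""
    reasons = []
    if SCRIPT_HOST.search(data):
        reasons.append("script-host")        # interpreter launched at logon
    if INLINE_SCRIPT.search(data):
        reasons.append("inline-script")      # script passed on the command line
    if ENCODED_ARG.search(data):
        reasons.append("encoded-argument")   # encoded command switch
    if LONG_BLOB.search(data):
        reasons.append("long-encoded-blob")  # payload stored in the value itself
    return reasons


def find_suspicious(autoruns):
    """Map value name -> reasons for every entry that matches any heuristic."""
    return {name: r for _key, name, data in autoruns if (r := reasons_for(data))}


if __name__ == "__main__":
    for name, why in find_suspicious(SAMPLE_AUTORUNS).items():
        print(f"{name}: {', '.join(why)}")
```

A match is a lead for review rather than a verdict, since legitimate software occasionally registers script-based startup entries.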

Who Has Been Affected?

A number of people throughout the UK, US, Canada, and Australia have been affected by the Trojan. Many people found the virus through a malvertising campaign or Traffic Junky. People were sent to a pop-up that told them they needed to install an update to their browser. By doing so, they unknowingly downloaded Kovter to their computer.

It’s unclear as to how many computers have actually been affected – though the number is easily into the tens of thousands since one version or another has been around since as early as 2011.

What You Can Do

You need to be sure that you have a high level of security within your business. You want to make sure that you are protecting your servers and workstations so that they stay free of viruses and Trojans. Otherwise, malware can render your computer absolutely useless or result in important data being lost or stolen.

Webroot Antivirus is a 20-time winner from PCMag. It provides you with the antivirus protection on all of your devices so that you can enjoy a greater level of peace of mind. You get advanced threat protection and the security is always on. You can stop ransomware and enjoy real-time blocks on harmful sites. This way, no matter how much you teach your employees not to go to specific sites, you can ensure that dangerous sites are blocked to avoid various problems. Additionally, based on the antivirus protection that you choose, you will also be able to monitor your firewall and network connection and secure various smartphones and tablets that are used by your employees.

Learn more about Webroot Antivirus and how it can protect your servers and workstations by contacting SystemsNet today. Our various packages will monitor your systems and help you with all of the various components of your IT infrastructure. As geeks, we work hard to help you protect your systems

Six Ways Backups and Data Recovery Can Save Your Business (Part 2)


Your business deserves a life line

Welcome back to the second half of our two-part article on backups and data recovery as an incredibly versatile set of solutions. The beauty of building a layered and comprehensive set of backups with smooth recovery procedures is the ability to recover from almost any setback that even remotely relates to your files. Last time we talked about a few of the often unconsidered risks to your files like failed software updates, failed services, and employee mistakes. These less flashy but far more common risks can put any file system at risk if there’s no way to undo mistakes and failed processes. Backups allow you to restore files back to a previous whole and working state. Automated backups can also help you track down exactly when and why a file was corrupted or changed. Let’s pick up where we left off, at how backups can be used to quickly recover from and completely shrug off ransomware attacks.

4. Ransomware Attacks
The current generation of hackers has a personal favorite form of attack that not only ruins your day but also has a chance of getting them paid. You’ve probably heard of ransomware in the recent news because it has been used to terrorize a large section of the computer-using population world-wide. While the exact programs evolve like the yearly flu, the method involves infecting your network, maliciously encrypting every file, then demanding ransom payment in crypto-currency. Rather than paying them or losing your files, you can simply wipe the network and implement your data recovery procedures from a recent complete backup. This method also works for almost any other kind of malicious virus, spyware, Trojan, or malware attack.

5. Programming Errors
When programmers and the IT department make mistakes, the consequences often have a much greater effect than the mistakes of a single employee on their personal system. In many cases, a change to the way the company network or proprietary programs work can cause an error left undetected for days or weeks at a time. Here is where having a collection of regular backups is incredibly helpful. No matter how far back the error was made, a good data recovery system can restore the system to its pristine state before the oversight, allowing your team to fix the problem without a massive loss of data.

6. Device Failure
No matter how convenient remote servers and huge hard drives are, there is one final fact about computing that many people forget. Computers are physical objects and data is stored on disks that can break, fry, melt, warp, scratch, or otherwise become unreadable and unusable. While there are extensive recovery procedures that can sometimes extract data from dead equipment, you can be back to work almost instantly by loading a recent backup onto a new machine and reinstalling it into the company network in the old computer’s place.

The data used, processed, and stored by your company is important for continued functioning and any loss of data can set you back by days, months, or even permanently depending on the value and replicability of the data. Fortunately, there’s no need to risk losing your valuable digital assets, because even software installations and settings configurations can be saved. With a complete data recovery plan, you can restore a single document from backup or reinstall an entire computer after a malware attack, and clone a computer with all its data for new team members. Cloud-hosted backups are an important part of a comprehensive business continuity plan as they can be used both for asynchronous disaster recovery and for hot-loading a second environment while the first is repaired.

For more information on backups and cybersecurity, contact us today!