Facebook Compromise

Despite the alarming subject, Facebook’s website itself was not hacked (to our knowledge); only a few of its employees were. Nonetheless, this is a perfect example of how an Advanced Persistent Threat could gain access to even one of the largest websites on the planet.

Recently, several of Facebook’s engineers were hacked using a zero-day Java attack that installed a collection of previously unseen malware. Even their antivirus software was unable to catch the attack. “It was novel,” said Facebook’s Chief Security Officer, Joe Sullivan. “The fact that the machines were patched didn’t slow down the attackers.”

Facebook understands that they are under constant threat from attackers looking to expose the personal data of their 1 billion active users. They even undergo routine drills to help prevent and mitigate any issue that might affect them.

Most home users do not have a Chief Security Officer or a dedicated team devoted to securing their PCs. If it could happen to Facebook, it could happen to you. Please be sure to use your XVUDrive whenever you access secure content such as online banking, social media, etc.

Surf Safe!

$1m Ransomware Crime Ring Busted

Spanish authorities shut down a crime ring this week that used “Ransomware” to collect over $1.3 million from users around the globe. “Ransomware” is a technique that uses viruses to infect your PC and then holds your computer hostage until you pay the attacker to (hopefully) restore access to your files. If you don’t pay the fee, you lose access to family photos, important documents, and anything else you have on your computer.

Although only 3 percent of the infected users fell for the scam, the scammers netted over $1.3 million last year. With this kind of payoff, you can see why scammers continue to perpetrate these attacks year after year.

Protect yourself from these attacks by diligently using your XVUDrive if you access potentially threatening sites. If you do end up getting one of these viruses, you still will not be able to access your old files, but you will be able to use your XVUDrive to continue to connect to the internet in order to get help from technicians.

Surf Safe everybody.

The many faces of malware

Ars Technica recently discussed the various types of malware. The article is well done and a great basic primer on the various types of infections that can occur, and it made me think of all the ways the XVUDrive can protect you from these threats, including ways to facilitate even stronger security in coming releases.

Here’s the rundown of how the XVUDrive will protect you against these threats:

Backdoors:

“As an example, a backdoor was used to hack into RSA’s systems in 2011. This was a targeted attack… sending innocent-looking phishing e-mails to workers… (that) contained an Excel file with an embedded Adobe Flash file that installed the backdoor”

First, the use of a separate OS from your day-to-day PC’s OS prevents attacks similar to this from occurring. The attack would likely have been against the primary OS, and the XVUDrive would have remained untouched.

In the event the email was opened on the XVUDrive and the user loaded the application, two things would occur:

1. The attack would likely not have included a payload that would be effective against the XVUDrive’s hardened Linux OS. While Windows OSes have tens of thousands of viruses written for them, the number of threats for even the most insecure Linux OS is in the dozens.
2. Even if the user clicked the link and was infected by a payload, the XVUDrive’s hardened OS would eliminate the threat immediately upon rebooting the device. Threats cannot survive reboots unless the payload is re-run on each boot.

Remote Access Trojans

“The main difference between a RAT and a traditional backdoor is that… the attacker can… issue commands to… the compromised machine.”

This is another vital piece in a hacker’s arsenal. By being able to remotely run ANY piece of software, install ANY additional virus, and fully control the user’s PC, a RAT allows for a single infection to turn into a cat-and-mouse game of the attacker installing a virus, the user cleaning the virus, then the attacker installing another virus. This can go on for months or years until the attacker’s servers are shut down or they move on to another target.

The XVUDrive is not immune to RATs, but it has a built-in firewall to help prevent unauthorized access, and again, very few RATs exist on any form of Linux. Also, upon reboot, any RATs would be eliminated, limiting the far-reaching scope of most RATs to a single session.

Information stealers

“…keyloggers, desktop recorders, and memory scrapers, which can steal passwords, financial credentials, proprietary data, ‘or anything that the attackers can use to their advantage or monetize.’”

These are the main focus of the XVUDrive. We’ve previously posted about Red October, an information-stealing virus that existed on the computers of some of the world’s most secure networks for five years without detection. The XVUDrive directly prevents data theft by booting into an environment completely separate from the infected OS, and its operations are completely inaccessible to any virus on the primary OS. By using your XVUDrive diligently, you massively restrict access to your private information.

Ransomware

“This type of malicious program essentially holds a computer hostage unless the user pays a ransom. To have access restored, the user needs to pay a ransom …or the criminal can just take the money and not bother anymore”

While the XVUDrive cannot protect your primary OS from this type of infection, since the primary OS is the focus of the attack, you can use the XVUDrive to continue to use your computer even when it is infected by ransomware. Also, if you’re browsing sites that are commonly considered “high risk,” like small blogs or even pornographic material, use your XVUDrive and keep your primary OS safe from losing all of your family photos, documents, and applications.

In summary, your XVUDrive can help keep you safe from most of the common infections. While nothing is 100% secure, using your XVUDrive both for highly secure websites and for “high risk” websites can help prevent infection by these four most common threats.

Surf Safe!