Latest News and Threats

The latest threats and how to protect against them. Contact Helpdesk for assistance in removal if needed.

Current threats, vulnerabilities and information regarding data breaches are provided below. Users seeking additional information on these topics can visit the provided links. The following links go to non-OSU affiliated websites.

 

CCleaner Malware
Malware has spread through a popular Windows cleanup utility called CCleaner. A malicious version of CCleaner and CCleaner Cloud was uploaded to the download server by attackers. CCleaner v 5.33.6162 and Cleaner Cloud v.1.07.3191 were infected. If any user updated CCleaner /Cleaner Cloud or downloaded the program to install on their machine between August 15th - September 12th, will need to update the program to the newest version
For more information: Click Here and Click Here
 
Equifax Data Breach
Equifax has revealed a data breach that affects up to 143 million people. The investigation is ongoing, but appeared to have occurred near the end of July 2017.  The number and types of information that was accessed or stolen has yet to be determined. Equifax has set up a website to help determine if a user has been affected. Equifax is also offering credit monitoring and identity theft protection.
 
Credit bureaus have information on citizen’s loans, loan payments, credit card information including the credit card number, child support payments, birthdays, missed rent and utilities payments, addresses, employment history, and some driver’s license information.
 
Equifax’s website to help determine if a user has been affected. Click here for Equifax website
Equifax has set up a FAQ for users. Click here for the FAQ
For more information: Click Here
For information about freezing your credit: Click Here
 
FAFSA Data Breach
In April 2017 The IRS publicized a data breach where up to 100,000 users may have had their personal information stolen. Attackers used the IRS Data Retrieval Tool, which was designed for use when filing the FAFSA, to obtain personal information of users.
 
Facebook Messenger Virus
Attackers are using Facebook Messenger to spread a virus that affects Windows, MacOS and Linux machines. Users report receiving a video link that will install adware on the user’s machine. These video links come from both unknown contacts and friends. Facebook messenger users are urged to use caution when opening a link, even from a friend.

Ransomware
Ransomware is a type of malware that stops you from using your computer until you pay a certain amount of money (the ransom).
For more information: Click Here
 
WannaCry Ransomware
This ransomware targeted systems running Microsoft Windows Operating Systems, using an exploit in the Windows Server Message Block protocol. It then encrypts the system and demands money in bitcoin to unlock the files. This affects all versions of Windows desktop and Windows server. Microsoft has issued patches that fix this vulnerability for all Windows versions, including unsupported versions like Windows XP and Windows Server 2003. To help protect a system from this vulnerability, keep Windows OS systems up to date.
For more information: Click Here
 
Android Adware
Google continues the fight against malware loaded apps in the Google Play App Store for android smartphones. Recently some 500 apps, that together had over 100 million downloads, were pulled from the Google Play Store because they contained back doors which allowed malware/spyware to be installed on the device.
For more information: Click Here

Malicious Word, Excel and PowerPoint Documents
Attackers use Microsoft Office documents to infect computers with malware. Word and excel documents can use macros. Attackers will make a document with a macro that will execute malicious code once opened by the user. In addition, a zero-day exploit is now being used to infect user’s computers using a booby-trapped OLE2link object. Once clicked on, it downloads malicious code to the computer. This attack is seen is Word and PowerPoint. Always be cautious of uninvited documents or emails.

Chrome Browser Extensions
Recently it was discovered that several Chrome extensions were being used to install malware onto the user’s machines. Researchers believe the extensions were compromised through the use of social engineering and phishing attacks against the developers.