ATP28

[rspostrspost]

Does Malwarebytes protect against ATP28?

Thanks, Dick

[Aura]

Hi Dick

APT28 is a Russian hacking group, not a malware family or else.

http://resources.infosecinstitute.com/apt28-cybercrime-or-state-sponsored-hacking/

Is your question: does Malwarebytes protects against malware, hacks, etc. by APT28?

[rspostrspost]

Yes.  I understood from a WSJ article, that they are using on-line registration to put malware on hotel servers in Europe to capture passwords and again access guest computers.  I will be going to Europe next month and wanted to know if I should be concerned about using the hotel WiFi.  I am not sure if the malware resides on the hotel computer or uploads to the login computer.  In either case, will Malwarebyte help identify such intrusions?

Thanks, Dick

[Porthos]

48 minutes ago, rspostrspost said:

I should be concerned about using the hotel WiFi.

You should always be concerned and careful on wi fi that is not under your control. 

[Maurice Naggar]

The original question was nearly asking "will the program protect against a criminal group of cyber hackers".   Not about some specific known threat, but a huge generality.

You are best served by focusing on the security practices you follow on your pc, or matter of fact, your practices on any device you use.   Your pc use practices are your best protection.

Here are some basic starters (there are some others as well on our Malware Labs Blog.)

On this article https://blog.malwarebytes.com/101/2017/07/7-tips-to-stay-cyber-safe-this-summer/

See # 3 and # 4

Note the tips about Wi-Fi and the recommendation to use VPN software.

Especially, note the advice to be on guard at all times for spear phishing type attacks.

Study up about identifying spear phishing.

 

Spear phishing

https://blog.malwarebytes.com/glossary/spear_phishing/

 

 

Phishing 101: Part 2

https://blog.malwarebytes.com/101/2012/07/phishing-101-part-2/

 

Hacking your head: how cybercriminals use social engineering

https://blog.malwarebytes.com/101/2016/01/hacking-your-head-how-cybercriminals-use-social-engineering/

 

What follows are general rules for keeping your computer safe.

You should probably start with taking measures to insure you control who has access to your physical machine / device.

Next would be insuring your Windows operating system is fully up to date with Microsoft Windows security updates.  You might be surprised to learn how many exploits are stopped by just keeping up-to-date on a constant basis.

Insure that all your Windows systems have Malwarebytes 3 Premium and that they are all current with updates.

 

Next, insure all programs on your pc / device are all up to date with latest releases.

Check on update issues, by getting, installing and using Secunia Personal Software Inspector (PSI) on a regular basis.

See How to detect vulnerable and outdated programs using Secunia Personal Software Inspector ( by Flexera)

http://www.bleepingcomputer.com/tutorials/tutorial174.html

 

 

Safer practices & malware prevention:

Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.

First rule of internet safety: slow down & think before you "click".

You might be shocked to learn how many exploits & threats are prevented by "not clicking" on that alluring message, notice, popup, unexpected email, etc, etc.

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address   (one that does not fit or is odd looking or has typos).

Free games & free programs are like "candy".  We do not accept them from "strangers".

Never open attachments that come with unexpected (out of the blue) email no matter how enticing.

Never open attachments from the email itself.  Do not double click in the email.  Always Save first and then scan with antivirus program.

 

Use a Standard user account rather than an administrator-rights account when "surfing" the web.

See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html

Don’t remove your current login.  Just use the new Standard-user-level one for everyday use while on the internet.