Question

An advisory practice was the target of an attack, whereby the malware allowed the fraudster to gain access to an adviser’s login details for all systems he had used recently. The fraudster now had access to every website or account that required a login. This included personal banking, platform desktop software, Xplan software and Facebook. The next time the adviser tried to log in to his platform desktop software, he was locked out. He rang our account executive team to report his access was locked. He couldn’t login, even though he was using his correct user name and password. The platform reset his password. The next day when the adviser tried again to login, he was locked out of the system again. It became obvious that the adviser’s user ID had been compromised. At this point, the user ID was deleted.

1. Identify and explain the malware attack experienced in the above scenario [5 Marks]

2. What recommendations would you provide for preventing such type of attacks? The recommendations should be discussed individually for the scenario and should not be a general list of recommendations [5 Marks]

Answer 1

1.

Keylogger malware is the malware attack technique that can be used to steal login passwords and other confidential or personal data from system.

This malware technical specially used for stealing user's id and password as this method works by tracking the user's keyboard stroke.So,this malware monitors your keystroke and store it ,then hacker or sender can retrieve the keystroke data and do various things with your data.

A keylogger monitors each keystroke of the user. The malware keeps track of the keystroke and saves the user's information locally – later the hacker requires physical access to retriever the stored user information

2. PREVENTIONS:-

• When the attack is suspected by the user. In that case, the user should immediately cutoff from internet (because by disconnecting from internet you can stop transfer of your data like keystroke data) and must use  security software for running a scan to check for malware or any threats.
• Network and system should be kept updated,because by updates we can get updated security patches which can save us from various malware or threats.
• When the attacker is stealing money,or using your logins to use social media etc. Immediately disconnect from the network, call banks, insurance, social media support and others as such to instruct them for blocking individual's account temporarily.
• Using 2-Step verification helps prevent keylogging attacks,because by 2-step verification or authentication it requires an otp or any verification process used to detect your identity. It prevents hackers from accessing your account even if your logins are compromised by hacker.
• Also,by contacting security firms or solutions firm we can get rid of malware because they do security scans and other scans which can detect and delete malware,virus and other threats.This can help you to get rid of hackers and slow system.
• Network and system should not have any glitches and it must be updated whenever update is available,because by updates we get new patches and improved security .
• Filing a complaint about the incident in cyber cell or cyber crime can help you and various people,because by it other people came to know about these type of threat or scams.Also,hacker can be caught.
• Key encryption software encrypt the keys you press on the keyboard to prevent keyloggers from capturing the exact keys. So keylogger will only be able to log the characters used to encrypt the sensitive information. If you want to add another layer of security against keyloggers, use key encryption software.
• Using Paid Anti Malware software because freeware or cracked software doesnt help you much and sometimes cracked software can also have a malware in it's files.so,paid antimalware software protects you from varieties of malware such as keyloggers, ransomware, rootkit, and trojan. It scans the files that enter the computer, thus detects and prevents fake software. software do scheduled or time-to-time scan so that it can detect virus,malware at the earliest.