Free Sucuri SiteCheck – Find Out If Your Site Has Been Hacked

I recently posted a piece – Webmasters Struggle With Hacked Sites – A Commtouch, StopBadware Report – which read in part: “Recent statistics indicate (surprise, surprise) – cybercriminals are increasing their targeting of websites for identity theft, virus distribution, and spamming.

And, according to a newly released survey (Compromised Websites: An Owner’s Perspective), from Commtouch and StopBadware – in which webmasters were queried on their fight against hacking – almost half of the survey participants (who had been hacked), had no idea until they received a warning from their own computer’s protection technology.”

Since I use WordPress as my blogging platform, I rely on the security apparatus WordPress has in place to protect me from the various cyber criminal attack schemes currently in play. Still, I would be more than a little naive if I didn’t  consider the possibility that WordPress’ site security is vulnerable to hacking.

If a security developer’s web site can be hacked – and, many have been in the last year – including Panda Security in just the past few days*, it lends credence to the suggestion that any site can be hacked.

*Late Tuesday night, at least 35 public facing websites belonging to Panda Security were hacked and defaced by the LulzSec and Anonymous hacking groups. The defacement also posted multiple usernames and passwords associated with Panda Security employees.

Frankly, it absolutely infuriates me when I consider that the 4 years plus that I’ve put into writing and maintaining this Blog could, in little more than a moment, be destroyed by a single act of a cyber criminal. In my weaker moments, I have visions of lining these creeps up against the wall and being done with them.

But, the reality is much different, of course. So, it’s incumbent upon me to ensure that visitors to this site are protected (imperfect as that might be), from the nasties which cybercriminals can load onto a site.

There’s no foolproof solution but, one measure which I employ frequently is taking advantage of a free service offered by Sucuri Security – which, quickly scans for the most common threats as illustrated in the following screen capture.

Additionally, all links within the site are scanned. The following screen shot shows a small representation of the hundreds of links which were scanned.

If you’re a blogger or a site owner, I suggest that you take advantage of this free service so that you can check if your site has been compromised. It’s one more tool in the fight against the increasing threats posed by cyber criminal gangs.

Scan your website free.

OPSWAT’s Metascan Online – A VirusTotal Alternative

I’m right and you’re wrong.

No, I’m right and you’re wrong!

You’re listening to a couple of sports fans arguing over who’s the best tennis player maybe? Could be – but, if you’re analyzing a downloaded file with more than one antimalware application (and you should), you could be witnessing a more serious difference of opinion.

You’ve primary anti-malware application is advising you that the application you just downloaded contains malware. But, since you’re an aware computer user, you’ve launched your secondary malware scanner and – surprise – there’s a difference of opinion – no malware.

So, you’re now dealing with the big question – are you dealing with a false positive thrown up by the primary malware scanner, or is it more likely that the secondary scanner is misbehaving?

You could just flip a coin, or go with your best guess – but, you didn’t become a super user by flipping coins, or guessing, when it comes to your system’s security. No, you’re better than that, so you upload the questionable file to VirusTotal, where it will be scanned for nasties by thirty five plus diverse online scanners.

VirusTotal result – a clean file. Elapsed time on this scan – under a minute.

As an alternative to VirusTotal, or in addition to (maybe not a bad idea), you can run the file through a new service now being offered by OPSWAT, the company behind the highly recommended AppRemover.

OPSWAT’s Metascan Online, is similar in many respects to VirusTotal – as the following screen shots indicate.

Browse your Hard Drive for the file to be uploaded (for this test I’ve selected a different executable – 15 MB as opposed to 3 MB).

Detailed results are shown in the  following screen capture. As you can see – the file has been processed through 19 AVs and has come up clean. Elapsed time on this scan – just over a minute.

This new service was launched just a few days ago, so you may experience a glitch or two. In testing, over several days (in both Windows and Ubuntu Linux), I must admit I bumped my head a time or two,  but after speaking with the company, the minor server issues I encountered were resolved quickly.

Responsiveness to customer issues is the hallmark of a client centered organization, and OPSWAT certainly meets that test.

Fast facts:

Use of multiple antivirus engines

Real-time automatic updates of virus signatures

Detailed results from each antivirus engine

Real time global statistics available

Keep in mind, an online scanning service is not a substitute for an appropriate local defense system, including a firewall (either software or hardware), and a sound and effective anti-malware application.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Take 10 Seconds And Have BitDefender QuickScan Add-on Audit Your System For Malware

BitDefender’s QuickScan (last updated April 7, 2011), is a Firefox, and Chrome add-on, built around cloud based technology (a continuously updated malware database and scanner, hosted on remote servers), making it FAST! FAST! FAST!

Following installation of the add-on, QuickScan sets a quick launch Icon in the Browser Toolbar for easy access. (Firefox 4 shown)

The following screen shots show QuickScan in the process of scanning critical files and modules, on my Win 7 machine.

Elapsed time 10 seconds!!!! That meets my definition of FAST! I run QuickScan daily, and a 10 second scan completion is fairly typical.

My Internet connection speed is – 16 Mbps (download), and 1.5 Mbps (upload). Your results may vary, depending on your connection speed.

Following the scan, you’ll have access to a full report. The following screen capture is only a partial representation of the report, (it’s just too big to insert in this article). Click on image to expand to original.

Fast facts:

Very fast scanning

Runs online from any Internet connected Windows PC

Based on BitDefender anti-malware technologies

Detects running malware

Detects hidden threats (rootkits) and keyloggers

Scans:

Processes

Network activity

Autoruns and critical files

Browser plug-ins

Note:

This add-on is not a replacement for active antimalware protection.

No cleaning capabilities are included in QuickScan, so if you encounter a positive indication of a malware infection, use your onboard antimalware application to clear it.

Takeaway:

Today’s malware is quite capable of shutting down onboard antimalware applications, while allowing the user to believe the application/s are fully functional. A simply scan with QuickScan can provide an early warning of such activity.

Download: Firefox

Download: Chrome

 

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Can I Install And Use More Than One Antimalware Application?

If one is good, then two should be better, right? If your counting dollars, then the answer is pretty obvious. But, if your counting installed security applications – then the answer may not be that obvious.

We get a lot of questions here on Tech Thoughts, and the following question (in one form or another), is a regular – “If I have one antimalware can I download and use another as well.”

Answer:

If the question is, can you install and run two antimalware applications concurrently (both of which perform the same task), the answer is – not without the potential for conflict.

As a rule of thumb, it’s never really a good idea to run two antimalware applications concurrently. At the very least, system resources take an inappropriate, and wasteful hit. Beyond that, serious issues, including system crashes are common.

It’s always a good idea of course to scan your machine with a second antimalware application, say once a week or so, since there is no one application capable of identifying all malware. So yes, go ahead and install another AV solution; but use it as a secondary on demand scanner.

Don’t run both programs both programs concurrently. That is, don’t allow both programs to start on Windows startup. Instead, launch the “on demand” scanner from the program menu, or the desktop, when needed.

Two highly recommended antimalware applications that excel as “on demand” antimalware applications, follow. It’s important to note, that the real time protection module is disabled in the free versions of these applications. But, this is actually perfect for your purpose.

SUPERAntiSpyware Free:

I’ve been using SUPERAntiSpyware as a secondary scanner for years, and I have no hesitation in stating that this application deserves its reputation as a first class security application.

SUPERAntiSpyware is fast, efficient, and effective, and I highly recommend that you add it to your security toolbox, as a secondary line of defense.

Malwarebytes’ Anti-Malware:

Malwarebytes’ Anti-Malware has an excellent reputation (shared by me), as a first class security application, for its ability to identify and remove adware, Trojans, key-loggers, home page hijackers, and other malware threats.

A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run, for both less experienced and expert users alike.

Note: Virtually all free security applications are programmed to autostart after installation, so be aware of this, and make the necessary adjustments using MSConfig.

We’re not quite finished yet.

If the question you’re really asking is – can you run an online antimalware scanner while your principal onboard AV application is running? The answer is – yes.

Here are some Online scanners that have developed a good reputation for accuracy; be sure to read the Terms of Use or Privacy Statements carefully, and be aware, that not all Online scanners will disinfect.

Panda NanoScan

McAfee FreeScan

Symantec Security Check

Trend Micro’s HouseCall

ESET Online Scanner

Kaspersky Online Scanner

Now that I’ve given you the “rule of thumb” – let me break it!

There is one class of antimalware application that can run currently with your principal AV, and that is – a cloud based security application. Specifically, those that are designed to be “companion”, security applications.

A terrific application in this class of security applications, and the one I use personally is – Immunet Protect.

Immunet provides cloud-based protection that is always up-to-date against viruses, spyware, bots, worms, Trojans, and keyloggers without slowing down your PC. No need to download any virus signature files.

Immunet Protect is compatible with existing antivirus products and adds an extra, lightweight layer of protection, for free

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

False Malware Positive? Or Not? How Do You Decide?

You’ve run your primary anti-malware application, and up pops a notice advising you that you have an infection. But since you’re an aware computer user, you launch both your secondary malware scanners in sequence and – surprise! According to your secondary scanners you are not infected.

But, you’re aware that anti-malware programs that rely on a definition database to identify malware files, can often be behind the curve in recognizing the newest threats.

So, decision time. Do you then trust your primary anti-malware application and attempt removal, or instead, do you trust the results produced by your secondary scanners, and leave well enough alone?

In reality, you’re not really limited to just these two choices. There is another option open to you.

If you’re worried about a specific file, here’s an interesting twist on free Online scanners– you can have any specific computer file (files are restricted to a maximum of 10 megabytes), scanned for nasties by thirty five plus diverse online scanners, all in one go, through VirusTotal.

To take advantage of this service, simply upload a file, that you’re uncertain of, to Virus Total, or as an alternative submit your suspicious file to Virus Total by email. What could be simpler?

The following graphics indicate just how efficient this free service is.

Received Files/Infected Files (Last 24 Hours) May 28, 2010:

This image shows the number of files that have been detected as infected (red) among the total number of files received within the last 24 hours (clean ones marked in blue).

Top 10 Infected Files (Last 24 Hours), May 28, 2010:

This image shows the list of the most-uploaded infected files received within the last 24 hours.

Quick facts:

Free, independent service

Use of multiple antivirus engines

Real-time automatic updates of virus signatures

Detailed results from each antivirus engine

Real time global statistics

Keep in mind, this service is not a substitute for an appropriate local defense system, including a firewall (either software or hardware), and a sound and effective anti-malware application.

Upload your suspicious file/s to: Virus Total

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.