
Cybersecurity Warning: Online News Readers are the next target.


Destiny Young (http://linktr.ee/youngdestinya)
Destiny Young is a highly credentialed information technology professional with over 14 years of industry experience. An HND/BSc (Hons) in Computer Science graduate. He holds a Master of Technology degree in Information Technology from the prestigious University of South Africa (UNISA). He is a Distinction-grade MBA alumnus of Nexford University, Washington, DC, where he also obtained a First-class MSc degree in Digital Transformation. His professional development direction is in Cybersecurity, Digital Transformation, and Business Intelligence. He is a member of the British Computer Society (BCS), the Chartered Institute of Administration of Nigeria (CIA), the Nigeria Computer Society (NCS), etc.


I got an invitation on my LinkedIn page from a reputable corporate leader to connect with me. As usual, when I get an invite, I always like to profile the person to know more about the personality.

As I went through the corporate leader’s bio information, I saw an update regarding his company’s latest product addition, and I decided to Google search the feature of that additional product just for informational purposes.

The moment I right-clicked the subject and chose Search on Google from the context menu, the anti-threat protection system installed on my computer quickly prompted me with a notification of a potential threat which it had blocked from execution. That propelled my curiosity to investigate the threat.

MY INVESTIGATION:

I picked the details of the threat. Below is the threat analysis information from my Anti-threat protection system:

+++START OF THE DESCRIPTION+++

Event: Download denied

User: YOUNGDESTINYA24\youngd

User type: Initiator

Application name: chrome.exe

Application path: C:\Program Files\Google\Chrome\Application

Component: Safe Browsing

Result description: Blocked

Type: Trojan

Name: HEUR:Trojan.Script.Generic

Precision: Heuristic Analysis

Threat level: High

Object type: File

Object path: https://businessday.ng/companies/article/upperlink-expands-international-market-options-for-local-merchants

MD5 of an object: 4EBCDAD15EC7566028F48D7B7034F60A

Reason: Expert analysis

+++END OF THE DESCRIPTION+++
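
A reading of the alert above, as an added example that is not part of the original post: it parses the record, separates the process that requested the download (`Application name`) from the object that was flagged (`Object path`), and marks the verdict as heuristic and generic. The `triage` helper and the way it interprets each field are assumptions of this example, not vendor documentation.

```python
import re
from urllib.parse import urlsplit
# Alert text copied from the description above, blank lines removed.
ALERT = r"""
Event: Download denied
User: YOUNGDESTINYA24\youngd
User type: Initiator
Application name: chrome.exe
Application path: C:\Program Files\Google\Chrome\Application
Component: Safe Browsing
Result description: Blocked
Type: Trojan
Name: HEUR:Trojan.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object path: https://businessday.ng/companies/article/upperlink-expands-international-market-options-for-local-merchants
MD5 of an object: 4EBCDAD15EC7566028F48D7B7034F60A
Reason: Expert analysis
"""

def parse_alert(text):
    """Split each 'Key: value' line on the first colon only; values contain colons."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():
            fields[key.strip()] = value.strip()
    return fields

def triage(fields):
    """Hypothetical helper: reads the fields the way this example assumes they are meant."""
    name = fields.get("Name", "")
    obj = fields.get("Object path", "")
    md5 = fields.get("MD5 of an object", "").lower()
    heuristic = "heuristic" in fields.get("Precision", "").lower() or name.startswith("HEUR:")
    return {
        # Assumption: the process that requested the object, not the detection itself.
        "requesting_process": fields.get("Application name"),
        "detected_object": obj,  # assumption: the resource that was scanned and flagged
        "source_host": urlsplit(obj).hostname if re.match(r"https?://", obj, re.I) else None,
        # A heuristic, generic verdict names a class of behaviour, not a specific family.
        "heuristic_generic": heuristic and name.lower().endswith(".generic"),
        "blocked": fields.get("Result description", "").lower() == "blocked",
        "md5_for_lookup": md5 if re.fullmatch(r"[0-9a-f]{32}", md5) else None,
    }

if __name__ == "__main__":
    print(triage(parse_alert(ALERT)))
```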

EXPLANATION:

So, when I clicked the SUBJECT in the context menu and searched on Google, it picked up an article about the subject which was published in a reputable online business magazine, the Business Day online. The link to the article is given as:

Interestingly, if I were to read more about the subject without paying critical attention to my anti-threat protection system alert, I would simply click the link and open the article.

If I had done so without the real-time check of my anti-threat protection system, which automatically blocked the transfer of a malicious trojan into my device, I would have downloaded a MALICIOUS TROJAN named HEUR:Trojan.Script.Generic into my device.

My threat protection system defines the Trojan script as having a very high level of threat potential, as described under its Threat Level ranking. It has the ability to install itself on any computer it has been successfully downloaded into because it is an executable browser script: chrome.exe

I PROBED HEUR:Trojan.Script.Generic FURTHER:

I visited: https://malwarefixes.com/threats/heurtrojan-script-generic/

Below is how malwarefixes.com described it:

HEUR:Trojan.Script.Generic is a malicious executable file that can be run on the computer via remotely or locally. Once operational, the hackers can be able to perform various malicious actions that could further harm the computer. Because of this consequence, immediate removal of HEUR:Trojan.Script.Generic is highly recommended.

In summary:

Trojan horses are malicious scripts authored by hackers and threat actors targeting internet users with the sole aim of taking over control of their computers. They have the ability to escalate system user privileges to Admin and assume full control of your computer system. With Admin rights, the hacker can do anything on your system, including installing keyloggers which can exfiltrate logs of credentials you have used to log into several platforms such as banks' online websites, social media accounts, online payment systems, etc.

Given the above abilities, you can imagine the enormity of the breaches that could have taken place in your computer had the trojan script been successfully executed on my system.

MY RECOMMENDATION:

  1. Install a premium anti-threat protection system on your computing devices and ensure its detection signature databases are regularly updated.
  2. Ensure real-time threat detection is switched on in the settings of the threat protection system.
  3. Before you click open an internet source, be sure you are visiting the right source.
  4. Administrators of websites should ensure malware detection systems are installed and enabled at the backend of their websites. This is an even more important responsibility of website owners, to ensure a safe internet and the protection of site visitors.

I am your regular Cybersecurity Analyst.

YOUNG. D.
