Hackers Are Constantly Creating New Malicious Attacks
An Especially Scary Exploit, Known as the Stegano Exploit is a Recent Threat You Don’t Want To Encounter…
But just in case you do, I’ve written this guide about how to handle it.
That’s why it’s so important to stay one step ahead of them. I recently read an article about a new kind of exploit that occurs silently, behind the scenes, and it takes the form of some malicious code that’s hidden inside the pixels of an image. I’ve known about the possibility to hide code inside pictures for many years…although I never really understood how it works.
This new exploit uses that concept and it’s explained very well in this article by WeLive Security. The important information to be gleaned from this article I highlighted in the pictorial guide I made below. Please look at the pictorial guide closely, as I’ve included the most important elements for protecting yourself from this exploit within it.
If you double click or tap on this image it should open to full size.
Here are a few more pointers about the important aspects of this article.
- Make sure Window’s is up-to-date. It’s best to have ‘automatic updates’ turned on so you don’t have to remember to run this. Here’s a video that shows how to turn it on.
- It’s a good idea to use a browser extension like Ad Block Plus or NoScript which adds one more layer of security to keep the malicious stuff away from you.
- My last suggestion is to use 3 different programs to protect your computer and keep all of them up-to-date. I like to think of it as the trifecta of security programs for Window’s computers.
The Window’s Security Program Trifecta
- Anti-Virus program (we use ESET NOD32)
- Anti-Malware program (we use Malwarebytes Premium but there’s also a free version you can learn more about)
- Anti-Exploit program (we use Malwarebytes Anti-Exploits which is now included in their version 3 of Malwarebytes Premium. But when we first began using it, it was a separate program which is still available as a standalone beta here. The beta is free to use, but it’s important that you remember to,update it frequently.
Why Use All 3 Types…Isn’t That OverKill & Don’t They Interfere With Each Other?
The answer to that question is a resounding NO! That was a concern many years ago, (and by many I mean roughly 4 years ago,) but that is no longer the case. There are so many more threats out there today that the companies developing these programs had to come up with ways that they could work together.
In today’s world they do work well together…especially if you get them from the same company…although very few make all three. Each type is highly specialized and constantly updated, so you’re doing yourself a disservice if you run Windows and you don’t arm yourself to the hilt with protection! You can read a little more about this here…then at the end of this post I have some more links too.
What to Do if A Malicious Program or Pop Up Threatens You
Before I knew any better, my instant response to an imminent threat was to unplug my computer! While this isn’t a bad thing to do…(the chance of it hurting your OS is minimal, but you could lose some data if you haven’t saved some current work)…I now know there are better ways to handle the situation.
First I’ll tell you what you shouldn’t do.
You shouldn’t close the browser window the normal way…using either the big X or Close that may be displayed. The reason is because by doing so you will have set in motion the exact sequence of events you were trying to avoid. This article does a good job explaining this and provides 4 alternative methods for leaving the imminent danger. But for me that’s TMI (too much information) so I think you should just pick one to remember.
Next is What You Should Do
Then run scans using your anti-virus and anti-malware programs. Additionally you could run a 3rd scan of CCleaner too. CCleaner is a free program that does a really excellent job of cleaning up your computer. It oftentimes finds some things missed by other programs.
After you’re certain everything is fine maybe log your event somewhere…I use Evernote (it’s a free Note app I’ve written about here) for things like this…just in case future problems appear. It’s nice to,have a record of what happened since weeks later I’ve usually forgotten most of the details.
Why I Haven’t Been Writing A Lot of Post About Computer Security Recently
I haven’t written a post about computer security in a very long time because I almost never use a computer anymore. I love the mobility and freedom I experience using iPads! Now I realize that there’s one more thing I love about using iPads instead of my Windows computer…which is the lack of constant worry brought about by hackers and malicious attacks.
That’s not to say that ios users are completely safe from danger…but they are much less prone to those kinds of problems than Windows and Android users are. So too are Mac users. I wish I could say my choice to downplay my use of Windows was planned, but in fact it came about because I need some help with relocating the C: drive contents…after one failed attempt. Life is busy and I havent yet dealt with that. In the meantime I did get a Mac mini computer. I don’t actually use it very much either because it’s basically for managing our massive iCloud database. But when I do, I don’t maintain my typical Windows ‘on constant guard’ mindset!
Granted, I’m the exception when it comes to excessive worry about online security. If you’re interested in knowing why that is you can read my recent, very personal account of when our home network was infiltrated by hackers and we became unwilling participants in a massive Botnet.
Recommended Reading, Resources and Links:
Learn more about Adblock types of programs with Tom’s Guide to the Best Adblockers & Privacy Extensions
I love to get feedback from my readers! I try to make that as easy as possible by not requiring you to add an email address, or even your real name for that matter. You do need a name of some kind…but that can be whatever you want it to. Because it’s your feedback that’s important to me. I’m not interested in collecting readers email addresses and or creating a subscription mailing list because I just don’t think that the kind of things I write about warrant that kind of treatment.