Btw, what's happening to rootkits lately? I haven't been seeing any new ones lately.
Also you have to know that "advanced" rootkits that Nvt talked about are mostly first made by agencies or corporations for spying purposes, and ask yourself:
If a government creates such powerful rootkits, will they try to bypass common home users' security solutions? Of course not! They will ask the local security vendors to whitelist them until they don't need it anymore, then the code goes into the wild.
Actually, to add to the quote, I forgot to mention that industrial networks are often very well protected, so directly hacking them might not always be an option.
Like I mentioned before, home users can play a vital role here in wearing down the security of a company. Imagine yourself a nation's KEY ISP provider: they have better security than their commercial counterparts and they are charged with critical network components of a nation.
Hacking those directly equals a phone call to a nation's secret service to tell them what you are up to.
So hackers go from the top down and hack weaker links, and a home user can provide a really good tool.
If you infect their routers or their PC with a bot-based rootkit, then you can remotely attack the ISP network and wear it down.
I have seen attacks coming in from over 25k slave computers and hundreds of slave servers, and these computers were virtually all home users from different nations. The only few things they did have in common:
1: They have NO security or virtually none.
2: They have FAST internet and weak ISP provider.
3: They are online virtually 24/7 and are infected.
So even though I do agree with Umbra, it is not entirely correct that real hackers pass by a home user.
And given the increase of security across the globe, you will see more home users being targeted, just because they are so easy to hack, and if you slave them into a bot network they can potentially be the biggest danger to a targeted company next to the initial attack itself.
One of the things that does happen is that a company receives such an amount of data (DDoS) that they switch off vital key services to avoid data loss or reroute them to a dummy server (DDoS protection). However, during the shutting down or switching, the security levels of that vital system are at their lowest, and this will last from 20 seconds up to 2 minutes.
While a hacker only needs 10 seconds to apply his rootkit during such an event.
They can pinpoint this event in realtime.
That said, GOV-sponsored attacks usually do not reach the public masses, but for all other hacking clubs and individuals the average home user is just another tool to use.
So the odds that a person is being targeted for infection with the aim to actually participate in a much larger attack are so much higher than that you are surfing and accidentally stumble upon rootkit X.
I do not have any statistics, but I venture to say that 3 out of 10 users have been infected for exactly this reason at least once in the past 5 years.
Obviously this is just a guess, but taking into account other internet-capable devices I think this problem will grow to proportions we have not seen yet.
Anyway, to get back to the topic: What happened with all the rootkits? Do a scan of your PC... who knows what turns up. lol
+1000 well said
Yes, mostly home users' infected computers are destined to be "zombies" in botnet attacks, and if the hacker can get some sensitive info (banking credentials, card numbers, etc.) at the same time, it is a bonus for him.
Does backup affect it if I encrypt my files & hard disk?
Thanks Nvt, your previous post reminds me about an infection found on Cisco routers: the malware monitored the traffic passing by the router and collected the data. In that case, there is no way you can get protected by any AVs since the malware is not on your machine nor on the server you try to reach; only by using encryption software may your data be secured.
No, I'm just asking: if I encrypt my files in Windows 8.1 Pro with some 3rd-party software, will backup affect them? Plus I don't put any sensitive data or information on my PC. Thanks.
Because the infection Umbra mentioned is not physically on your PC, you can back up all you want, you can install 1000 AV programs and 300 Comodo firewalls and use the highest encryption of your hard drives possible; it will do you no good. Such an infection will capture your packets from the router from point A to B and intercept, read and, if possible, modify them.
And as Umbra mentioned, you can encrypt and tunnel your data, but often these infections are capable of intercepting the key packages as well.
So encryption will usually fail.
Resetting your router does not work most of the time; usually you will have to get the firmware off and totally replace it, as the backup factory defaults are 9 out of 10 times infected as well.
Well, I don't believe in online banking, & if I use online banking, I will use my other bank account with less than 20 dollars in it, & when I feel the need to shop online, I'll add an amount to it & do the shopping.
Well, assuming that the rootkit/trojan does ONLY monitor your data stream from point A to B and captures login, credit and such data, your local data will be pretty safe.
But if such malware is monitoring your data streams with the aim to download, install and inject code in, for example, your Windows Update stream (as it can capture and modify/inject code into a secure legit data stream), you can be infected with other malware.
And due to the fact that such malware uses Windows Update, or even your antivirus update data link, it can penetrate your system beyond the reach of your conventional security options.
So I assume that the reply to your question would be: you might be secure and your data might be clean under the right conditions.
But I honestly cannot judge about that as I do not know what particular infection Umbra is talking about, because there are huge numbers of router injectors and tapping malware out there, each one with its own abilities and payload/toolset.
That said, generally if it's just packet-sniffing malware you should be fine.