HOW TO IDENTIFY ANY COMPUTER IS COMPROMISED OR NOT!!!
Hello everyone!!!
Today we are going to talk about "How to check our computer whether it is compromised or not?" Because it is also important to keep our systems secure. And this post is an awareness for all. So, before we start, we must know that what is compromised computer or system?
Compromised System can be defined as a system whose security is broken by someone with the help of some malicious tool or way in order to gain full access off that system. In other words, we can say that the system is being hacked by someone. There are different kind of methods used to compromise and gain access to the system without the owner's permission. It can be accessed through root access by root kit or making a user install some malicious software or phishing or installing back doors in that system and much more.
When our computer or system has been compromised, we could find out by checking the following points;
Here are the methods by which you can identify it.
1) Installing a new program:
When you install new programs or existing programs receives new updates that includes new programs or files in its back-end. When you install a new program, other programs may have been installed with it. For e.g. it is common for plugins and other free programs to have a check box asking and if it is feasible to install a new Internet browser toolbar or antivirus program on your computer. If you don't uncheck these boxes or don't read instructions properly then the additional new programs are installed. Such as Backdoor, Trojan, Spyware, Malware etc. Most common programs can allow to gain access and steal large amount of information stored on your computer.
2) Through email Spam:
Email spam is also used for hacking. When you receive any mail you must check in its header that it is came from the correct domain or not. If not then it is spam. Also when your friends or family are receiving an advertising email from your email. Check it same way and if it is a spam then tell them not to take any action by clicking any links given in those spam mail box.
3) The process of your computer gets slower:
If an attacker may gain access, he/she must be connected remotely. When an attacker is remotely connected to your computer, your system will become slow. It is fact that many times after the computer is hacked, it becomes a zombie to attack other computers. As there are multiple reasons behind your system getting slow. If such situation arises then go to the CPU utilization window and check that the process which there are really the programs which you are using right now or any other programs are there in that list.
4) Computer working itself:
If your computer has been exploited, it is possible that a malicious hacker is controlling it remotely without your knowledge, executing any programs that you have privilege to run. They can even control the computer as if they were sitting at your desk with using your keyboard and mouse. They can access your camera and also able to capture pictures and videos. Like mouse cursor could be moved automatically or something typed on your monitor etc. Your system can be locked several times and asks your password to unlock it.
5) Uninstall Security Programs:
We know that firewalls, IDS, IPS and various other security related tools which helps us to protect our computer. If your computer prompts any dialogue box asking any permissions and your are clicking on "OK" without reading it carefully then you are giving full control of your system to an attacker.
Also, when you saw any unauthorized entries or unusual log entries or when you saw unusual login attempts in your system, it means the system has been hacked or compromised. Multiple login attempts, system crash, system getting slow, last time usage of the account is not correspond to the actual last time of account usage, your computer password changed without knowing, these all are the symptoms of a compromised system. You can identify through these different notices.
WHAT TO DO WHEN YOUR SYSTEM IS BEING COMPROMISED
If you find any suspicious activity on your computer contact security person. Try to copy your important data somewhere else. If you are connected to any network than remove your system from that network in order to stop spreading of the virus or malware.
Thank you and stay safe !!!
Today we are going to talk about "How to check our computer whether it is compromised or not?" Because it is also important to keep our systems secure. And this post is an awareness for all. So, before we start, we must know that what is compromised computer or system?
Compromised System can be defined as a system whose security is broken by someone with the help of some malicious tool or way in order to gain full access off that system. In other words, we can say that the system is being hacked by someone. There are different kind of methods used to compromise and gain access to the system without the owner's permission. It can be accessed through root access by root kit or making a user install some malicious software or phishing or installing back doors in that system and much more.
When our computer or system has been compromised, we could find out by checking the following points;
Here are the methods by which you can identify it.
1) Installing a new program:
When you install new programs or existing programs receives new updates that includes new programs or files in its back-end. When you install a new program, other programs may have been installed with it. For e.g. it is common for plugins and other free programs to have a check box asking and if it is feasible to install a new Internet browser toolbar or antivirus program on your computer. If you don't uncheck these boxes or don't read instructions properly then the additional new programs are installed. Such as Backdoor, Trojan, Spyware, Malware etc. Most common programs can allow to gain access and steal large amount of information stored on your computer.
2) Through email Spam:
Email spam is also used for hacking. When you receive any mail you must check in its header that it is came from the correct domain or not. If not then it is spam. Also when your friends or family are receiving an advertising email from your email. Check it same way and if it is a spam then tell them not to take any action by clicking any links given in those spam mail box.
3) The process of your computer gets slower:
If an attacker may gain access, he/she must be connected remotely. When an attacker is remotely connected to your computer, your system will become slow. It is fact that many times after the computer is hacked, it becomes a zombie to attack other computers. As there are multiple reasons behind your system getting slow. If such situation arises then go to the CPU utilization window and check that the process which there are really the programs which you are using right now or any other programs are there in that list.
4) Computer working itself:
If your computer has been exploited, it is possible that a malicious hacker is controlling it remotely without your knowledge, executing any programs that you have privilege to run. They can even control the computer as if they were sitting at your desk with using your keyboard and mouse. They can access your camera and also able to capture pictures and videos. Like mouse cursor could be moved automatically or something typed on your monitor etc. Your system can be locked several times and asks your password to unlock it.
5) Uninstall Security Programs:
We know that firewalls, IDS, IPS and various other security related tools which helps us to protect our computer. If your computer prompts any dialogue box asking any permissions and your are clicking on "OK" without reading it carefully then you are giving full control of your system to an attacker.
Also, when you saw any unauthorized entries or unusual log entries or when you saw unusual login attempts in your system, it means the system has been hacked or compromised. Multiple login attempts, system crash, system getting slow, last time usage of the account is not correspond to the actual last time of account usage, your computer password changed without knowing, these all are the symptoms of a compromised system. You can identify through these different notices.
WHAT TO DO WHEN YOUR SYSTEM IS BEING COMPROMISED
If you find any suspicious activity on your computer contact security person. Try to copy your important data somewhere else. If you are connected to any network than remove your system from that network in order to stop spreading of the virus or malware.
Thank you and stay safe !!!
0 Comments