The use of home IoT environments is the fastest growing industry in the Technology industry. New apartments, offices, and home have security systems which lock doors monitor windows and motion detect rooms. This was defined by Trend Micro https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/threats-and-risks-to-complex-iot-environments This runs on DIY tech bootstrapping software that can be used for smart homes and buildings, and this can run the small home devices like toasters and large items like refrigerators. The home intelligent lock doors, home stereo, and security cameras will run using artificial intelligence. There are 2 primary types and classes the “bolt type” and the “purpose-built model. The bolt type is a box that runs the system by making connecting via wi-fi extenders or a mesh router that runs on the Blue tooth. The cost of this model is less expensive and as a DIY is easy to install. The Purpose built type (Yami, Sonos, and Hue Hobs ) and the connection are done by Ethernet connections that run from a server that communicates with also wi-fi and Zwave blue tooth.
The primary cloud application connection uses the FHEM and MQTT to establish the network connection by wireless and ethernet. How do the bad guys get in? The cybercriminals have learned to attack the Purpose-built types differently than the Box type, but in both cases, they first establish access to the wireless network. The automation rules in the CIE admin settings and alter the security setting used by the smart cameras, door locks, and motion detectors.
Those using Alexa, the Google assistant, and Phillps Hue can have the voice command altered by changing the setting that controls the management. The other method allows an attacker to create a new sound from his own voice.
3 WAYS TO STOP THIS ATTACK.
1. Make monthly checks on the automation rules on the system and backup this data to a cloud server. check out http://noderedguide.com/ 2. Good password hygiene also involves using strong passwords or enabling two-factor authentication if applicable. 3. Make sure that device and server settings are secure by turning off unnecessary services and minimizing the amount of information being gathered by a device if possible.
DID YOU GET HIT BY A STEGANOGRAPHY ?
What is Steganography? The art or practice of concealing a message, image, or file within another word, copy, or data. (https://www.merriam-webster.com/dictionary/steganography)
Click on the text or document run the video or audio file and download an image.
The malware will launch when you :
One of the most common methods of cybercriminals to infect a system and gain access to your computer is by Steganography. The Steganography is added to images, text or documents, videos, and audio files.
The malware installed is the Trojan: W32 VANTRAK type which can do the following on your system :
Steal the login credentials on the pc, mac, or smartphone.
Search for internet browser history.
Banking and credit card information
What are the signs of an infected computer?
The computers web browser (firefox, chrome, and M.S.edge ) will have the home page redirected to infected or unknown sites which will allow the cybercriminals to inject additional malware.
What to do to remove the malware on the system?
For Windows 10 to remove malware using the windows defender antivirus.
Use the Microsoft safety scanner.
Update current antivirus or reinstall the application.
The internet browsers must have the extensions must be examined for any rogue installs of detected malware.
The best way to remove malware from a MAC infected by malware.
Close all apps on the system.
2. Open the activity monitor type in the name
Locate the problematic apps in the process
3 Move the apps to the trash and clear the garbage.
4Check the DMG. File in the download and move it to the dumpster.
5 The MAC users can download from https://macpaw.com/download/cleanmymac and scan the system for malware.