Heartbleed and Java vulnerability


The other day I received a distress call from a customer who had taken a call from her bank informing her of unauthorized withdrawals from their bank account.
After some hesitation, she was able to confirm that it wasn’t a hoax call and that, indeed, withdrawals had been made.
While the bank was able to intercept the payments, I was called to investigate the PC.
Upon further discussion, it was established that during the week there was some strange behavior on the PC where it automatically rebooted.
Upon logging into the PC, I found that the entire taskbar had been replaced with some software looking very similar to the Windows 7 taskbar.

I was able to run the anti-virus which picked up 2 exploits, which we were able to remove.

Looking further, I researched that there is a security hole in some older versions of Java combined with the well-publicized issues with the SSL protocol leading to a worldwide exploit called HeartBleed.

I managed to remove all traces of malware, update Java and get the PC back to a normal state without too much difficulty.

The lesson is that no matter what security practices you have in place, we always need to be vigilant of unusual happenings on the device.

HeartBleed is serious and should be treated with the utmost care.

This Mashable article indicated the passwords that need to be changed.

A quick email to a trusted advisor can save more than real HeartBleed.