20 Feb

Chinese Spyware Pre-Installed on All Samsung Phones (& Tablets)


A Reddit user sheds light on Samsung’s involvement with Qihoo 360:

I know the title is rather sensational, however it couldn’t get any closer to the truth.

For those who are too busy to read the whole post, here’s the TL;DR version: The storage scanner in the Device Care section is made by a super shady Chinese data-mining/antivirus company called Qihoo 360. It comes pre-installed on your Samsung phone or tablet, communicates with Chinese servers, and you CANNOT REMOVE it (unless using ADB or other means).

This is by no means signaling hate toward Samsung. I have ordered the Galaxy S10+ once it’s available in my region and I’m very happy with it. I have been a long time lurker on r/samsung and r/galaxys10 reading tips and tricks about my phone. However, I want to detail my point of view on this situation.

For those who don’t know, there’s a Device Care function in Settings. For me, it’s very useful for optimizing my battery usage and I believe most users have a positive feedback about this addition that Samsung has put in our devices. With that being said, I want to go into details regarding the storage cleaner inside Device Care.

If you go inside the Storage section of Device Care, you’ll see a very tiny printed line “powered by 360”. Those in the west may not be familiar with this company, but it’s a very shady company from China that has utilized many dirty tricks to attempt getting a larger market share. Its antivirus (for PC) is so notorious that it has garnered a meme status in China, Hong Kong, Taiwan and other Chinese speaking countries’ Internet communities. For example, 360 Antivirus on PC would ACTIVELY search for and mark other competitors’ products as a threat and remove them. Others include force installation of 360’s browser bars, using misleading advertisements (e.g. those ‘YOUR DEVICE HAS 2 VIRUSES, DOWNLOAD OUR APP TO SCAN NOW’ ads). These tactics have even got the attention of the Chinese government, and several court cases have already been opened in China to address 360’s terrible business deeds. (On the Chinese version of Wikipedia you can read further about the long list of their terrible misconducts, but there are already many on its English Wikipedia page: https://en.wikipedia.org/wiki/Qihoo_360).

If the company’s ethics are not troublesome enough, let me introduce you to the ‘Spyware’ allegation I made in the title. A news report from the Chinese government’s mouthpiece ChinaDaily back in 2017 reveals 360’s plan to partner up with the government to provide more big data insights. In another Taiwanese news report back in 2014, 360’s executive even admits that 360 would hand the data over to the Chinese government whenever he is asked to in an interview (https://www.ithome.com.tw/news/89998). The Storage scanner on your phone has full access to all your personal data (since it’s part of the system), and by Chinese laws and regulations, would send these data to the government when required.

With that in mind, for those who know intermediate computer networking, I set up a testing environment on my laptop with Wireshark trying to capture the packets and see what domains my phone is talking to. I headed over to Device Care’s storage section and tapped update database (this manual update function seems to be missing from One UI 2.0), and voila, I immediately saw my phone communicating to many Chinese servers (including 360 [dot] cn, wshifen [dot] com). I have collected the packets and imported them into NetworkMiner, here’s the screenshot of the domains: https://imgur.com/EtfInqv. Unfortunately I wasn’t able to parse what exactly was transferred to the servers, since it would require me to do a man-in-the-middle attack on my phone which required root access (and rooting seemed to be impossible on my Snapdragon variant). If you have a deeper knowledge about how to parse the encrypted packets, please let me know.

Some may say that it’s paranoia, but please think about it. Being the digital dictatorship that is the Chinese government, it can force 360 to push an update to the storage scanner and scan for files that are against their sentiment, marking these users on their “Big Data platform”, and then swiftly remove all traces through another update. OnePlus has already done something similar by pushing a sketchy Clipboard Capturer to beta versions of Oxygen OS (which compared clipboard contents to a ‘badword’ list), and just call it a mistake later. Since it’s closed source, we may really know what’s being transmitted to the said servers. Maybe it was simply contacting the servers for updates and sending none of our personal data, but this may change anytime (considering 360’s notorious history).

I discovered that the Device Care could not even be disabled in Settings. I went ahead and bought an app called PD MDM (not available on Play Store) and it can disable builtin packages without root (by abusing Samsung’s Knox mechanism, I assume). However I suffered a great battery performance loss by disabling the package, since the battery optimizer is also disabled too.

After a bit of digging, the storage cleaning in Device Care seemed to be present for a long time, but I’m not sure since which version of Android. It previously seemed to be handled by another sketchy Chinese company called JinShan (but that’s another story), but got replaced by 360 recently.

Personally, I’m extremely disappointed in Samsung’s business decision. I didn’t know about 360 software’s presence on my phone until I bought it, and no information was ever mentioned about 360 in the initial Setup screen. I could have opted for a OnePlus or Xiaomi with the same specs and spending much less money, but I chose Samsung for its premium build quality, and of course, less involvement from the Chinese government. We, as consumers, paid a premium on our devices, but why are we exposed to the same privacy threats rampant on Chinese phone brands? I get it that Samsung somehow has to monetize their devices with partnerships, but please, partner with a much more reputable company. Even China’s Internet users show a great distrust about the Qihoo 360 company, how can we trust this shady and sketchy company’s software running on our devices?

This is not about politics, and for those who say ‘USA is doing the same, why aren’t you triggered?’, I want to clarify that, no, if the same type of behavior is observed on USA companies, I will be equally upset. As for those who have the “nothing to hide” mentality, you can buy a Chinese phone brand anytime you like. That is your choice. We choose Samsung because we believe it stands by its values, but this is a clear violation of this kind of trust.

If you share the same concern, please, let our voices be heard by Samsung. I love Reddit and I believe it’s a great way to get the community’s attention about this issue. Our personal data is at great risk.
To Samsung, if you’re reading this, please 1.) Partner with an entirely different company or 2.) At least make the Storage scanner optional for us. We really like your devices, please give us a reason to continue buying them.
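
The capture step described in the post above can be repeated offline on a saved pcap. The following is an added example, not part of the original Reddit post: it extracts DNS query names from a classic pcap and checks them against the two domains the post names. The capture bytes, host names and addresses are constructed for illustration, and DNS names alone say nothing about what was transferred.

```python
import struct
from collections import Counter

# The two domains named in the post; every other value below is constructed.
WATCHLIST = ("360.cn", "wshifen.com")
SAMPLE_NAMES = ["example-a.360.cn", "www.example.org", "example-b.wshifen.com",
                "test360.cn", "example-a.360.cn"]  # constructed host names


def pcap_frames(data):
    """Yield link-layer frames from a classic little-endian pcap byte string."""
    if len(data) < 24 or struct.unpack_from("<I", data, 0)[0] != 0xA1B2C3D4:
        raise ValueError("expected a little-endian classic pcap file")
    off = 24
    while off + 16 <= len(data):
        incl_len = struct.unpack_from("<I", data, off + 8)[0]
        off += 16
        yield data[off:off + incl_len]
        off += incl_len


def dns_query_payload(frame):
    """Return the UDP payload of an Ethernet/IPv4/UDP frame sent to port 53."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
        return None  # too short, not IPv4, or not UDP
    udp = 14 + (frame[14] & 0x0F) * 4  # Ethernet header + IPv4 header length
    if len(frame) < udp + 8 or struct.unpack_from("!H", frame, udp + 2)[0] != 53:
        return None
    return frame[udp + 8:]


def first_qname(msg):
    """Decode the first question name of a DNS query; None if absent or malformed."""
    if len(msg) < 17:
        return None
    flags, qdcount = struct.unpack_from("!HH", msg, 2)
    if flags & 0x8000 or qdcount == 0:  # a response, or no question section
        return None
    labels, off = [], 12
    while off < len(msg) and msg[off] != 0:
        n = msg[off]
        if n & 0xC0 or off + 1 + n > len(msg):  # pointer or truncated label
            return None
        labels.append(msg[off + 1:off + 1 + n].decode("ascii", "replace").lower())
        off += 1 + n
    if off >= len(msg) or not labels:  # missing terminator or empty name
        return None
    return ".".join(labels)


def on_watchlist(name):
    """Match on a label boundary, so 'test360.cn' does not match '360.cn'."""
    return any(name == d or name.endswith("." + d) for d in WATCHLIST)


def summarize(pcap_bytes):
    """Return (Counter of queried names, sorted list of names on the watchlist)."""
    counts = Counter()
    for frame in pcap_frames(pcap_bytes):
        payload = dns_query_payload(frame)
        name = first_qname(payload) if payload else None
        if name:
            counts[name] += 1
    return counts, sorted(n for n in counts if on_watchlist(n))


def query_frame(name, txid):
    """Build one constructed Ethernet/IPv4/UDP DNS query frame (checksums zeroed)."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    dns = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)
    udp = struct.pack("!HHHH", 40000, 53, 8 + len(dns), 0) + dns
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), txid, 0, 64, 17, 0,
                     bytes([192, 168, 1, 50]), bytes([192, 168, 1, 1])) + udp
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip


def sample_pcap(names):
    """Wrap constructed query frames in a classic pcap file image."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, name in enumerate(names):
        frame = query_frame(name, i + 1)
        out += struct.pack("<IIII", 1000 + i, 0, len(frame), len(frame)) + frame
    return out


if __name__ == "__main__":
    counts, flagged = summarize(sample_pcap(SAMPLE_NAMES))
    for name, n in sorted(counts.items()):
        print(f"{n:3d}  {name}{'  <-- watchlist' if name in flagged else ''}")
```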

A temporary solution, and a further concern to note

If you spot ads in the apps you’ve downloaded, note that the developers of those apps are also sharing and selling your data as part of advertising. It is nothing personal, so to speak, but it is covered by the terms and conditions we all skip before installing, or whose links are made difficult to locate. Ignoring them is what catches everyone out. Please read them and know what you are bound to, or what you are about to give consent for them to access.

The system you authorize tracks or monitors your browser history, your apps, the music you listen to, and even the things you normally buy on Amazon, eBay or Google, and, to make matters worse, triangulates your location. This is the future of A.I. for big data: being shared and sold by the giants.

Solution: As a temporary solution, change the settings for all your apps, clear your browser’s history, clean out all your caches daily, and delete apps you don’t use or need. Please read the terms before installing. This will minimize your exposure.

Contact us now:

Call now 0711 051 000. We are the data recovery experts in Kenya and Africa. We also do digital forensics.
Do not suffer in silence; we can help. We are located at Chiromo Court, 3rd floor, Nairobi, Kenya.

 

This blog is Courtesy of Reddit.com

08 May

Surge of MegaCortex Ransomware attacks detected


A new strain named MegaCortex.

A cyber-security firm in the UK has reported detecting a spike in ransomware attacks at the end of last week from a new strain named MegaCortex. The firm said the MegaCortex ransomware appears to have been designed to target large enterprise networks as part of carefully planned targeted intrusions – a tactic that is known as “big-game hunting.” The modus operandi is not new and has been the preferred method of delivering ransomware for almost half a year.

MegaCortex now joins an ever-growing list of ransomware strains that cyber-criminal groups are using only in targeted attacks, rather than with spam or other mass deployment techniques. The list includes some recognizable names, such as Ryuk, Bitpaymer, Dharma, SamSam, LockerGoga, and Matrix.

SUDDEN RISE OF ATTACKS THIS MONTH.

According to a report released late Friday night 3rd May 2019, MegaCortex was first spotted back in late January, when someone uploaded a sample on malware scanning service VirusTotal.

Since then, the number of attacks has been growing, but they spiked mid last week when the firm says it detected 47 attacks – accounting for two-thirds of all the 76 MegaCortex attacks the company has seen all year.

The firm says it blocked the attacks it detected, which originated from enterprise networks located in the United States, Canada, the Netherlands, Ireland, Italy, and France. However, other MegaCortex attacks might have occurred in other places where the UK antivirus vendor had no coverage.

 

 

07 Jun

How to prevent Locky ransomware


Remember that preventing Locky and extortion-ware like it is simply a matter of user discipline and an awareness of how malware can be contracted. The first consideration for stopping infections is to maintain an up-to-date system. This includes operating system security patches and ensuring that you’re using the latest version of your browser; set the browser’s security settings to the highest level that still allows the access you require and that warns of hazardous site content. Disallow all add-ons, plugins and extensions. Install a good firewall that will cover ALL routes, including remote and networking connections; set it to disallow communication on Tor and I2P networks (so that if a trojan does gain entry, it cannot communicate and execute) and to block unauthorized port use. Get the best security software possible that will carry out in-depth scans. For good measure, make backups as regularly as possible to external storage.


The next consideration is settings, or privilege. On a network of any size – family or business – do not use the Administrator log-in for general use, or stay logged-in for longer than necessary in this capacity. It’s safer to give the username/password to everyone who may need it with the instructions to log-off when a task is completed. Allow strictest Admin privileges that still enable the network to function (see the Microsoft website for more detail on this).


The easiest element of prevention is good working practice – though perhaps this is sometimes the most difficult to enforce or adhere to. Bear in mind the delivery routes mentioned above. In the case of the e-mail delivery threat, depending on the system, set mail to its highest security level. Ensure that all users are aware of the risks of opening unsolicited mail. Disallow the ActiveX (macro) function for all Microsoft Office applications. Find a method to filter incoming mail containing attachments and, if necessary, preview a message by left-clicking and viewing Source in Properties, which will supply the body of the text and display any hidden attachments without actually opening the file (DO NOT preview in Print Preview, as this can execute some malware).
Stay organized and up-to-date – don’t let this current threat know your business!
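
One way to do the attachment filtering described above without opening anything in an Office application, as an added example rather than code from the original article: it walks a message's MIME parts and inspects each attachment's bytes for macro containers. The extension list, the reason strings and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed list of script/executable extensions to flag; adjust to local policy.
SCRIPT_EXT = (".js", ".jse", ".vbs", ".wsf", ".hta", ".exe", ".scr")
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container header


def inspect_attachment(name, payload):
    """Return a list of reasons an attachment deserves attention (empty if none)."""
    reasons = []
    if name.lower().endswith(SCRIPT_EXT):
        reasons.append("script or executable extension")
    if payload.startswith(OLE_MAGIC):
        reasons.append("legacy OLE Office file (can carry macros)")
    if payload.startswith(b"PK"):  # zip container: OOXML documents and archives
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as z:
                members = [m.lower() for m in z.namelist()]
        except zipfile.BadZipFile:
            reasons.append("malformed zip container")
        else:
            if any(m.endswith("vbaproject.bin") for m in members):
                reasons.append("OOXML file with a VBA macro project")
            if any(m.endswith(SCRIPT_EXT) for m in members):
                reasons.append("archive contains a script or executable")
    return reasons


def triage(raw_message):
    """List (filename, content type, reasons) for every non-body MIME part."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        is_body = (name is None and part.get_content_maintype() == "text"
                   and part.get_content_disposition() != "attachment")
        if is_body:
            continue
        payload = part.get_payload(decode=True) or b""
        findings.append((name or "(unnamed)", part.get_content_type(),
                         inspect_attachment(name or "", payload)))
    return findings


def sample_message():
    """Constructed message: a macro-bearing OOXML file named .docx plus a text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<document/>")
        z.writestr("word/vbaProject.bin", b"constructed placeholder, not real VBA")
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="invoice.docx")
    msg.add_attachment("plain notes", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, ctype, reasons in triage(sample_message()):
        print(f"{name} [{ctype}]: {', '.join(reasons) or 'no flags'}")
```

The file extension is not trusted here: the sample attachment is named `.docx` but is flagged because its container holds a macro project.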


Contact us now

If you’ve lost valuable, irreplaceable data or need a Data Recovery Plan for your organisation or business, we can save it! Call us now at +254 711 051 000 or visit our offices at Chiromo Court 3rd Floor Westlands, Kenya. Best of all, we have distributed offices all over East Africa and can easily get your device brought to us from anywhere in East Africa.

We also offer data recovery services for various devices: Hard Drives, Laptops, Desktops, RAID / NAS / SAN systems, Servers, Memory Cards, Flash Drives, Databases, SSD Drives, etc.

East African Data Handlers Ltd’s no data – no charge policy means you owe us nothing if we are unable to recover your critical files.

17 Mar

Data Disaster Recovery Plan


No organization looks forward to the day it implements its Data Disaster Recovery Plan. But like any good insurance policy, a Data Disaster Recovery Plan is an essential component of business continuity and preservation.

I am sure most people understand that much or have an idea. Where organizations often fall short, however, is in the details and preparation. The only thing worse than having no plan at all is not going through the proper research and review prior to the event that takes you offline.

A point of advice: don’t find yourself stuck like the character “Kamau” illustrated in the image. Get your facts right and start the process now, keeping in mind these six baseline items:

1 – Identify and plan for your most critical assets.

Because of the high resource requirements of a good Data Disaster Recovery Plan, focus only on the processes and applications that are most crucial to your business while you restore normal operations. For many companies, those may be customer-facing applications and systems like e-commerce sites or portals. Applications like email, while important, may take a secondary position, and systems for internal use only – like HR or accounting applications – may fill out a third tier.

2 – Determine RPO/RTO.

The Recovery Point Objective (RPO) is the maximum amount of time your business can tolerate between data backups. If your RPO is one day, that means you can survive losing one day’s worth of data, but no more. Your Recovery Time Objective (RTO), on the other hand, is the target for restoring regular service after the disaster strikes. Neither metric is arbitrary, and you’ll likely have to crunch a lot of numbers and coordinate with virtually every business unit to determine the most accurate objectives.

3 – Scope out the technical mechanics.

The hybrid era of IT, for all its benefits, only makes Data Disaster Recovery planning more difficult. Critical business processes and applications exist in a complex web of interdependencies. You’ll have to map relationships across server, storage and network infrastructure and develop accurate scripts to ensure apps function like they’re supposed to in the recovery environment.

4 – Select an appropriate failover site.

Traditional Data Disaster Recovery Plan requires redundant infrastructure in which to failover. Not only is this pricey, you have to choose a site that makes sense geographically (i.e. – low odds of being affected by same event) and offers an SLA that’s up to your current standards.

5 – Take advantage of the cloud.

For many organizations, designing a robust Data Disaster Recovery Plan is significantly impeded due to extremely high cost and resource requirements. Data Disaster Recovery Plan as a Service (DRaaS), however, is a cloud-based solution that eliminates the heavy capital expense, putting Disaster Recovery within reach of companies unable to acquire the redundant infrastructure needed to restore service. EADH offers a comprehensive DRaaS solution for hosted private cloud customers that includes seamless failover and failback, an RPO within seconds, and an RTO within minutes.

6 – Document, Test, Refine.

This is the hat trick of ensuring effective execution. Each of these components is critical. Your plan needs to be specific and detailed. Plans, procedures, responsibilities and check lists should be clearly documented. You want your team to have clear marching orders and leave little to interpretation in the middle of a crisis.

Call us now and don’t be a victim of disaster like Kamau, hit when least expecting it and facing a huge cost that could have been avoided if only he had a Data Disaster Recovery Plan.

07 Mar

Bad Hard Drive and PC Freezing


Many people are unaware of the importance of the hard drives to their PCs. The hard drive stores their most important information and it would be good to make sure that it is in good condition. The question posed then would be: How does one know when they have a bad hard drive?

One sign of a bad hard drive is if your computer system keeps rebooting. When you start up your computer and during the boot process it restarts or reboots on its own, then that is an indicator that you have a bad hard drive. This is mainly caused by the presence of viruses in the boot files, i.e. the boot files have been corrupted in such a way that when they are executed by the system, the sequence of booting is repeated over and over again. The virus corrupts the boot files by causing them to form a loop and this is why the computer will keep rebooting.

Another indication of a bad hard drive is when you experience many error messages. Some of the error messages you will experience are: ‘Missing Hard Drive’, ‘Operating System Missing’, ‘Hard Drive Failure’ and any other error message related to the hard drive. These error messages come about as a result of corruption of files in the hard drive, again caused by the presence of viruses.

PC freezing is another indicator of bad hard drives. If your computer freezes often, then the hard drive could be having problems. Freezing mainly occurs when the system takes long or is unable to locate certain files that may be needed to carry out certain processing. As stated a number of times in this article, one of the causes of freezing is viruses. This is because once corruption of files occurs, when the system locates them, it will take long to interpret them. The other cause of freezing is lack of hard drive space. If your hard drive is overloaded with a lot of information, locating some files will take long and may lead the computer to freeze.

If you find you are in this situation and are in fear that your data will be lost do not despair.

02 Feb

How to Recover a Corrupted Hard Drive

Having a Corrupt Hard Drive

‘Corrupted hard drives can be recovered’ is a statement many people don’t believe. Most computer users believe that once the hard drive fails, that is the end of their information. But I have come to give you good news. Your information in that corrupted hard drive can be recovered. Here is how:

One way you can do this is by using recovery software. Certain software can be used to recover data and files that have been lost, and it can also be downloaded for free from the internet. But extreme care should be taken when using this software. My view is that you shouldn’t use this software at all. This is because your hard drive could be having physical problems that may be causing it to be corrupted. Using this software can actually have disastrous effects where you can lose your data permanently. You may think it is a cheap way but it may cost you more. The next method is the one I would recommend.

You can opt for data recovery services. These kinds of services are done by professional data recovery experts. These are people who are well trained in the data recovery process. They have acquired the necessary skill, technology and tools for performing data recovery. All you have to do is to send your hard drive to them. When they receive it, a thorough diagnosis of the problem will be done. A report detailing the results of the diagnosis will be forwarded to you so that you can have a scope of the problem the experts are dealing with. Once you agree on whether the process should proceed, they will begin the recovery process. Depending on the amount of data to be recovered, it will take an average of 3-4 days to perform the recovery. After the data has been retrieved it will be given to you in the storage device of your choice.

28 Jan

Methods of Database Recovery

Have you dropped your laptop? Is it overheating? Is your Database having issues? Do you Suspect the hard drive has Crashed?

Any information belonging to an organization is usually stored in the form of a database. If information in the database is lost, it would have major negative effects on the organization. Data recovery analysts have found that it can cost you up to $8000 per MB to recreate client information. This is because of various costs that may be incurred, such as overtime pay for re-entry, transportation costs for the client and also communication costs.

To help reduce on these costs, it would be good to employ database recovery services. It would cost a few thousand dollars but is way cheaper than the cost of recreating data. In case of data loss, some steps have to be taken in order to assure safe backup and full recovery of all lost information is done.

The first important step is to choose the most appropriate database recovery. At the moment, there are three methods of database recovery.

The first one is the simple database recovery. This method is used when a database administrator decides that the transactions are not as important as the main data of the database. In this case, one only needs to save the main data and ignore the transactions that had occurred. The data can be recreated in a short time and may not necessarily need experts to do it. But it is good not to take a chance because if one is not careful, you may end up losing all the information in the database.

The second and third methods are full recovery and bulk-logged recovery. In these two methods, one has to protect both the data in the database and all the necessary transactions relating to the database. These two methods are more technical and sophisticated. They have to be done with experienced technicians such as data recovery specialists. In addition, these methods have higher system requirements and need more disk drive space. The data recovery experts will come with the necessary software to carry out recovery. This will all depend on the scope of failure experienced. If the failure is major, then they will have to take your server and perform the recovery in their labs. Otherwise, they will just run the recovery software and will be able to recover your data.

27 Jan

What causes your computer to lose files?


As you use your computer, be aware that you can lose your files at any time. Here are some situations and things that may cause you to lose your files:

Human error:

As a human being, you are bound to make a few mistakes here and there. One way this can occur is through accidental erasure. For example, let’s say you are working on a certain document and you accidentally hit the delete button. When a dialog box appears, you just click ‘OK’ and continue. You may have not noticed but probably you might have deleted a certain folder. It was done mistakenly and you probably did not know what was going on. Such situations happen and in this way you may end up losing your files.
Another way human beings can cause loss of files on your computer is by allowing other people to use your machine without access. They may come and delete some of your files, either deliberately or accidentally.

Viruses:

Viruses are programs written to bring about corruption of files, especially files stored in storage devices like hard disks and USB flash disks. Viruses can be picked up from the internet, i.e. by accessing certain sites (especially porn sites), downloading certain free software, or opening email attachments, and also from external storage devices that are introduced to your computer. The virus will infect your computer files, which will thus become corrupted. This is why in most cases when you look for certain files, they cannot be accessed. They are in a corrupted form. The worst part about computer viruses is that, like their medical counterparts, they replicate to infect many files.

This is one of the reasons why, when purchasing a new computer, it is recommended to install anti-virus software to protect your computer against viruses.

19 Jan

Wonder Why Hard Drives and Memory Cards Have Less Space Than Advertised?


Today we are going to learn about something that not everyone has paid keen attention to, but that many have always wanted to understand: less space in memory cards and hard drives.

Have you ever wondered why computers always indicate that your hard drive or memory card has a smaller storage capacity than what’s advertised on the box (and the card itself)? No, it’s not because you got a defective card, it’s not because your

14 Jan

7 Common IT Problems

Some of the 7 Common IT Problems

Each month, at East African Data Handlers we resolve numerous technical data recovery problems that come in through support calls and emails, ranging from simple to advanced problems, some of which result in data recovery. We have compiled the list below of what we consider to be the top 7 most common computer problems.

The 7 common IT problems are:

1 Installation of Malicious Software (popularly known as Malware):

This problem includes viruses, spyware, adware, trojan horses, worms, rootkits and any other piece of software designed to harm you or your computer without your consent.

2  Experiencing Slow Computer:

Computers are like new homes or apartments; if you don’t make good use of your space and resources they get filled with clutter as time goes by.

3 Internet or Network Connectivity Issues:

One day you are connected but the next day you can’t connect. Nothing has changed and you can’t figure out what to do. Find out why.

4 Dust and Cigarette Smoke:

Computers generate static electrical charges that attract dust and cigarette smoke when present in the environment.

5 Hard Drive Failure:

If you start hearing loud sounds that you were not hearing before, be scared because those sounds could be coming from your hard drive.

6 Dead Power Supply:

When you press the power button and your computer gives no sign of life, and all the lights are absent, then the most likely cause is a power supply failure.

7 Missing CD / DVD Drive:

If your CD/DVD drive disappeared, is not recognized by other applications, or just won’t play or access your CDs or DVDs, you are not alone.

We recommend handling all your electronic devices very carefully to avoid data loss. But in case you lose your data, check our contacts and the other services we offer below.

Contact us now

If you’ve lost valuable, irreplaceable data, we can save it! Call us now at +254 711 051 000 or visit our offices at Chiromo Court 3rd Floor Westlands, Kenya; we also have distributed offices all over East Africa.

We also offer data recovery services for various devices: Hard Drives, Laptops, Desktops, RAID / NAS / SAN systems, Servers, Memory Cards, Flash Drives, Databases, SSD Drives, etc.

East African Data Handlers Ltd’s no data – no charge policy means you owe us nothing if we are unable to recover your critical files.

 


© 2015  East African Data Handlers. All rights reserved.