Cybercrimes, including attacks that use third-party Windows themes, are constantly on the rise, especially in the wake of the global outbreak of the Novel Coronavirus. The pandemic has forced people to stay inside and refrain from social interaction. It means they have been doing their office work from home since the rise of the pandemic.
Cybercriminals found a great opportunity in this development since most of the home-based computers and networks were not equipped with the best security protocols. The threat has magnified the importance of DDoS protection, virtual patching, etc. People can easily check the health of their machine by conducting a free scan online. However, DDoS attacks are not the only threat to internet users worldwide anymore.
Windows 10 Themes Used for Stealing Passwords
Hackers and spammers continue to roll out the latest ploys to steal information and compromise systems as well as networks. One of their favorite ways to go about their job is by using third-party Windows 10 themes to hack computers and steal information.
So, if you are someone who likes to try out different third-party Windows 10 themes, you have to be very careful and cautious. Hackers use these third-party Windows 10 themes to steal your Microsoft password. Once you lose your password, you play in their hands.
The use of Windows 10 themes for stealing passwords was first brought to light by Twitter user “Bohops”. Jimmy Bayne, the handler of the Twitter account, reported that Windows 10 .theme files can be set to automatically download images from the internet. It doesn’t pose a colossal threat until it asks for your Microsoft username and password. Once you key in the Microsoft credentials, the username (plaintext format) and password (NTLM hash) are dispatched to the server that hosts the image to be downloaded. The issue with NTLM hashes is that they are easy to crack. Anyone can use any of the dozen password-cracking solutions to decode the NTLM hash in a matter of a few seconds.
Your Credentials are no more Private
What it means is that once you download the third-party Windows 10 theme using your Microsoft credentials, your credentials are not private any longer. And if you have set up remote-desktop access on your personal computer, the hacker who lets you download the third-party theme can easily use your Windows username and password to log into the remote desktop. However, there is something you would be glad to know here. Remote-desktop access is not a part of Windows 10 Home and is not enabled by default in Windows 10 Pro or Enterprise.
How Cybercriminals Exploit your Credentials?
If you don’t have remote-desktop access set up on your PC, it is not that dangerous an issue in general. But it is indeed a grave danger since Microsoft wants its users to key in their credentials to use the machine. If your Windows account credentials are stolen, the person can only access your machine with it. However, when you lose your Microsoft account credentials, the cybercriminals gain access to your Office 365, Xbox Live, Outlook.com, OneDrive, and other Microsoft products and service accounts. You can imagine how detrimental this situation can get. And it is you who can ensure your safety over the internet because the situation is not going to change anytime soon. Microsoft has been using NTLM hashes for over two decades now, and it is unlikely to change its course. So, if you are setting up your new PC, you will have to use your Microsoft credentials for that. Since it is a feature by design, users don’t stand a chance to guard against this threat.
Big Question: How to Protect?
After going through the above discussion, you must be wondering how to protect against this grave threat. Can we go for DDoS protection or virtual patching? Or can a free scan help identify such threats?
Well, the good news is that you can do a number of things to protect yourself from this threat. The following tips will guide you on how you can protect your machine from getting into the hands of cybercriminals.
- The first and the foremost thing you can do is to never download a third-party Windows 10 theme.
- If you really have to download a third-party theme, make sure that you don’t get it from any random website. Also, make sure to never download it from an email. Always make sure you get the themes only from the Microsoft Store.
- Always make sure to set up two-factor authentication for your Microsoft account.
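If a third-party theme does have to be opened, its .theme file is plain INI-style text and can be inspected first. The following is an added example, not code from Bayne or Microsoft: it lists every value in a theme that points at another host, which is the remote download behaviour described above. The sample theme, its host names and the function name are constructed for illustration.

```python
import re

# A value is "remote" if it is a UNC path (\\host\share\...) or an
# http/https/file URL that names a host. Local device paths (\\?\, \\.\)
# and file:///C:/... are not matched.
REMOTE_VALUE = re.compile(
    r'^(?:\\\\(?P<unc>[^\\/?.][^\\/]*)[\\/]'
    r'|(?:https?|file)://(?P<url>[^/\\:?#]+))',
    re.IGNORECASE,
)

def find_remote_references(theme_text):
    """Return (section, key, host) for each value that leaves the machine."""
    findings = []
    section = ""
    for raw in theme_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue
        match = REMOTE_VALUE.match(value.strip().strip('"'))
        if match:
            host = match.group("unc") or match.group("url")
            findings.append((section, key.strip(), host))
    return findings

# Constructed sample, not taken from a real theme.
SAMPLE_THEME = r"""
; constructed sample for the scanner
[Theme]
DisplayName=Sample Theme
BrandImage=https://cdn.example.test/logo.png

[Control Panel\Desktop]
Wallpaper=\\files.example.test\share\bg.jpg
TileWallpaper=0

[VisualStyles]
Path=%SystemRoot%\resources\themes\Aero\Aero.msstyles
"""

if __name__ == "__main__":
    for section, key, host in find_remote_references(SAMPLE_THEME):
        print(f"[{section}] {key} -> remote host {host}")
```

A theme with no findings only references local files; any finding means Windows would contact that host when the theme is applied. The .themepack and .desktopthemepackfile formats are archives, so the .theme file inside has to be extracted before it can be checked this way.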
How to Set Up Two-Factor Authentication?
If you only set up two-factor authentication, you would save yourself from getting solutions for DDoS protection or going for virtual patching. Once you set it up, it will make a hacker’s job a lot harder than you can think. Even if they have your Microsoft password, you will still have control over your account.
Here is how you can easily set up two-factor authentication for your Microsoft account.
- First of all, create a second Windows account that has a local-only set of credentials.
- Now use this account for your daily computing needs. This way, the person with the password of your Microsoft account will not be able to gain access to your machine.
- If you want more security, you can give your second Windows account only limited privileges. This way you will stop it from installing, deleting, or even modifying most of the installed programs on the machine.
- Another way to ensure your safety is by turning off the remote desktop settings. You may do that by typing “Remote Settings” into the Cortana search box and finding the settings on the relevant page. If your version of Windows 10 doesn’t support a remote desktop, it is good for you. If it does, then find the Enable Remote Desktop button and switch it off.
Block Theme Files
This is another way to make sure that your machine is safe from cybercriminals. According to Bayne (Bohops), you can protect your computer by blocking or re-associating the .theme, .themepack, and .desktopthemepackfile extensions to a different program. When you change these file associations, you break the Windows 10 themes feature. So, use it only if and when you don’t need to switch to another theme.
Restrict NTLM Hashes
Since Microsoft uses NTLM hashes for sending traffic to its remote servers, restricting them can be a good ploy against any hacking attempt. You can configure a group policy “Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers”. Now you can set it to “Deny All” which will block your NTLM credentials from traveling to remote servers. However, this setting may affect your overall experience if you use Windows 10 Enterprise version because it offers remote access.
The Concluding Remarks
Internet users have resorted to getting DDoS protection in recent times because of the sudden rise in hacking attempts. You might have also experienced such an attack or might experience it in the future, so it is better to know everything about these attacks and how you can prevent them by going for virtual patching or running a free scan on your computer.
The cybercriminals will leave no stone unturned to gain access to your machines, networks, and accounts, so it is your duty to stay proactive and put into place the right solutions. This will keep you from losing your precious data and also from getting your system or network compromised.