90
NSA Warns iPhone And Android Users To Turn It Off And On Again
(www.forbes.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 31 May 2024
90 points (97.9% liked)
Cybersecurity
5537 readers
43 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 1 year ago
MODERATORS
You can't activate malware by restarting your system. There's no reason why an attacker would wait for a restart to do what they want to do.
What can happen is that restarting doesn't help fix anything related to malware if the malware has been written to gain persistence. It'll edit the registry so that it can run on startup, so restarting your system makes no difference.
They might be thinking of malware spread on floppy disk or a usb stick. A restarting computer with sus media inserted might have treated them as a boot device back in the day and run the executable code with higher privileges
It would entirely depend on the design of the malware. If a malware author wanted to chronologically separate infection from detection, doing persistance and then not activating until next reboot wouldnt be unreasonable.
For example, if a user visits a site, and 10 seconds later their PC gets cryptolockered, they can report the site. If they visit a site, and then a hundred others, and then 10 days later their PC reboots and gets cryptolockered, they will have no idea which site did it.