SignFlow broadens horizons, rebrands as SigniFlow

Featured

SignFlow rebrandWe have spread our wings and taken to international shores…introducing our new, fresh look.

As a South African technology team with a spirit of innovation at the heart of our being, change and growth are two things we at SignFlow prize very highly.

Which is why we are so excited to announce that SignFlow has spread its wings, recently journeying beyond the African continent, into Europe, the United Kingdom and the Americas.

As an embodiment of this globalisation, we have decided to consolidate our local and international branding, which goes hand in hand with a fresh new look – including an awesome new website and epic new logo…

Introducing SigniFlow

The international offering of SignFlow (.co.za) is called SigniFlow (.com), which – as of May 2018 – is officially the successor to SignFlow.

While all old and existing marketing and training material and other content will still be branded as SignFlow – along with the old logo and look – it all remains 100% relevant.

SignFlow has been around for a few years, having made indelible footprints in cyber space, so the transition to SigniFlow is going to take some time. Our focus right now is on all of our branding going forward, so all new material and content will be branded SigniFlow.

What does this mean for you?

Well, to cite Coca-Cola, “Brand new look. Same great taste.”

SigniFlow, like SignFlow, is still the same world-class, local solution it has always been – just with a facelift. Think of it as a better looking version of the same great product.

SigniFlow is still Proudly South African. Nothing in terms of ownership of SignFlow has changed. SigniFlow – the new, fresh-faced SignFlow – is a 100% South African-owned product.

SigniFlow is also proudly protective of what matters most our customers: sensitive data. In terms of the storage of and access to your valuable files and data, fear not – this, too, remains unchanged. Your files are exactly where they were before, and still just as safe and secure as they have always been, in our South African data centres.

Finally, putting the cherry on top of this exciting transformation, the South African SigniFlow system is currently being revamped, and will be updated with the release of SigniFlow v4.0 during the third quarter of 2018.

Exciting times ahead, indeed. Onward and upward!

Please don’t hesitate to contact us with questions or for more information on 010 300 4899 or support@signflow.co.za.

Data protection D-day is here – SA companies take heed

Featured

gdrpGDPR is here, and for organisations that deal with any personal information relating to EU member states, non-compliance will be ruinous.

The countdown has ended. D-day for enforcement of the European Union’s (EU) General Data Protection Regulation (GDPR) is here.

As of today, 25 May 2018, penalties will begin rolling in for organisations that have not yet taken the necessary steps to ensure they are compliant with this restructured – and considerably more stringent – set of data protection regulations.

The GDPR is a regulation borne out of the European Parliament, Council of the European Union and European Commission’s joint intent to strengthen and unify data protection for EU citizens.

But just because the GDPR is an EU regulation, South African organisations are by no means off the hook. On the contrary, experts warn, local companies need to take the GDPR – positioned as one of the most significant changes in data privacy regulation in 20 years – very seriously.

The inescapable fact is, any South African company that handles personal data connected to the EU has to comply with the GDPR, and failure to do so will be met with the same major consequences EU organisations face for non-compliance.

Far-reaching forces

Over recent decades, not only has personal data has become an increasingly important corporate asset that needs to be handled with extreme care, it has also become geographically agnostic. This means that, today more than ever, with the exponential growth of data propagated across borders, organisations globally need to take a staunch and unified approach to guarding it.

South African organisations, big or small, are no different – and the GDPR is not the only government-led product of this hugely digital age, nor will it be the last, it is merely the latest one to be enforced.

Leilani Smit, compliance professional at Smit Compliance (Pty) Ltd, notes that the GDPR applies to any local organisation that holds or processes data on EU citizens, regardless of the location of its head office. “This includes companies that have employees in the EU, sell or market products or services in the EU, or partner with EU organisations.”

Leon van der Merwe, head of digital at customer communication firm PBSA and director of local digital signature and workflow solution SignFlow, adds that any South African entity controlling or processing data relating to EU citizens is affected by the GDPR. “Controlling refers to any organisation that states why and how data is processed, while a processor is any party doing the actual processing of the data, whether based in the EU, or not.”

World Wide Worx MD, Arthur Goldstuck, says the effects of the GDPR will be far-reaching due to the fact that the EU is SA’s biggest trade partner. “[On top of this], any company that does business with a company that has to comply with GDPR, will also have to comply, to ensure the client is in compliance.”

GDPR vs POPI

Fortunately for SA, details around the country’s own local version of data protection policy – the Protection of Personal Information (POPI) Act – have been highly publicised since 2013, and many companies will already be familiar – some even largely compliant – with what is expected of them in terms of data protection.

Summing up SA’s POPI Act, Michalson’s says: “Essentially, the purpose of [POPI] is to protect people from harm by protecting their personal information. To stop their money being stolen, to stop their identity being stolen, and generally to protect their privacy, which is a fundamental human right.”

Although – unlike the GDPR – it is still not known when POPI will come into effect, what is known is that companies will have a one-year transitional phase in which to comply once POPI’s implementation date is made public.

Smit says, should a local company already be compliant with international legislation such as GDPR, the implementation of policies to comply with POPI “should be a breeze and not require anything other than normal company practices and procedures”.

Van der Merwe says POPI and GDPR are similar in that both are intended to strengthen the protection of individuals’ personal information and privacy, and it is precisely this element – intention – that is key here, says Goldstuck.

The high price of non-compliance

Another area in which both sets of rules are similar, is in the hefty fines that come with non-compliance.

In a nutshell: breach rules laid out in the POPI Act, and face a R10 million fine and/or a jail sentence; fail to comply with the GDPR’s regulations, and be prepared to be slapped with a fine of up to €20 million (about R290 million) – or 4% of annual sales (whichever is greater).

Smit comments: “In South African terms, POPI already poses strict penalties for non-compliance, however as far as our Rand stretches, the GDPR’s penalties will definitely cause sleepless nights.”

Although possibly the biggest concern for companies, Smit notes that financial implications are not the only implications they should be worried about. “Not only can non-compliance result in fines and penalties set by the legislation itself, but [the] reputational damage of not processing information correctly, can often be more damaging that the initial penalty itself.”

It is this high price of non-compliance IT and legal experts hope will drive South African companies to do the right thing – not only for themselves, but ultimately for their customers – and fervently strive to meet GDPR compliance criteria.

Consumer-centric control

Van der Merwe says it is all about the consumer. “Both GDPR and POPI were ultimately created to protect the consumer’s privacy. We are all someone’s consumer, and even small businesses owners need to think carefully and logically about areas in their business where personal information is processed or stored, and what vulnerabilities may exist in their processes.

“For instance, we all receive CVs that contain heaps of personal and even sensitive information. Often, after a host of interviews, only the person’s CV that is employed, is securely transferred to a digital or physical vault in HR. What happens to the rest of the CVs that did not make it? It is the responsibility of any business to have policies and procedures to timeously and responsibly destroy such information. Simply identifying these vulnerabilities and implementing logical measures to manage them, is a good start for any size business.

“GDPR is a good thing that could be very bad news for companies, if they fail to provide evidentiary and auditable processes and adequate IT security to protect personal data.”

Goldstuck adds that it is not only important, but essential, that South African companies have a global view on data protection. “Something as simple as having a website hosted on an international platform can make a company liable to sanction under GDPR.”

Teaming up with tech

When it comes to local companies complying with the seemingly daunting and complicated GDPR in a relatively pain-free way, experts agree technology will be key. Software systems that offer automation, content management, enterprise resource planning and accounting, among others, will become a lifeline for many companies in their quest to comply.

Van der Merwe says existing paper-based processes and antiquated electronic systems that were created prior to factors such as the GDPR and POPI, pose major risks of contravening their laws and directives. “It is all about how businesses – and governments themselves – are going to align their physical and data processing practices with the new requirements and legislation. New regulations that enforce concepts such as the right to be forgotten pose major challenges if not considered in the process from the outset.”

Goldstuck says, while the data protection laws necessitate considerable changes in the ways businesses operate and interact with customers, good compliance systems will provide most of the safeguards they need.

“Businesses will have to get permission for almost every interaction with customers, they will have to become more discerning in what information they require from customers, and they will have to institute strict compliance systems to ensure they do not fall foul of these laws. As a result, compliance officers, CIOs and CTOs will have more direct roles to play in customer strategy.”

Don’t delay

Although not yet enforceable, the commencement date for POPI has been looming large on the horizon for some time now, with many expecting it by the end of 2018.

Despite this, say experts, many organisations are far from being ready. Goldstuck says: “Most large businesses have geared themselves up to comply with POPI, although many have not put this gearing up into effect. However, there is also an impression that many companies are simply not bothering until they are forced.”

Forrester’s 2018 predictions indicate that a whopping 80% of firms will not comply with GDPR regulations by May this year.

This has to change – and fast – says Smit. “Businesses can no longer just take a backseat and hope this will pass by or fly over.  Active steps will have to be taken in an organisation, for instance staff training, risk assessments and creating an ethical culture within an organisation, specifically with regards to processing personal information.”

 

 

[REFERENCES]

  1. EUR-Lex – Access to European Law
  2. org – Web learning resources for the EU General Data Protection Regulation
  3. Government Gazette (justice.gov.za) – Act No. 4 of 2013: Protection of Personal Information Act, 2013
  4. Michalson’s – POPI Act Summary in Plain Language
  5. Forrester – Predictions 2018: A Year of Reckoning

Data protection: SA companies need to take a global stance

Featured

how-to-comply-with-the-data-protection-act-457501399With the implementation of the EU’s data protection laws just around the corner, local entities need to study up on how it could affect them.

D-day for implementation of the European Union’s (EU) General Data Protection Regulation (GDPR) is just three months away – and South African organisations are by no means off the hook.

If you are a South African entity that handles individuals’ personal data, you will be acutely aware of our country’s data protection law – the Protection of Personal Information (POPI) Act – but have you considered how the looming GDPR affects the way you manage clients’ personal information?

The fact of the matter is, if you are a locally-based business that offers goods or services to EU customers, you also deal with personal information or data relating to EU citizens’ – and you are just as responsible for complying with the GDPR as any EU business.

Leon van der Merwe, head of digital at customer communication firm PBSA, points out that any entity controlling or processing data relating to EU citizens is affected by the GDPR. “Controlling refers to any organisation that states why and how data is processed, while a processor is any party doing the actual processing of the data, whether based in the EU, or not.”

GDPR vs POPI

Van der Merwe says it is crucially important for local companies with dealings abroad to do their homework and familiarise themselves with the GDPR’s ground rules. “Companies could be fined heavily under GDPR regulations if they fail to provide evidentiary and auditable processes, as well as adequate IT security, to protect personal data.”

The GDPR is a regulation borne out of the European Parliament, Council of the European Union and European Commission’s joint intent to strengthen and unify data protection EU citizens.

Non-compliance with the GDPR comes with a hefty fine of up to €20 million (about R290 million) – or 4% of annual sales.

Similar to SA’s POPI Act, the GDPR is all about data protection. Data includes things like a person’s name, email address and phone number, as well as information collected by website cookies like internet browsing habits.

Breaching rules laid out in the POPI Act comes with a R10 million fine and/or a jail sentence.

Van der Merwe summarises the parallels between the two data-protection directives: “POPI and GDPR are similar, in that they both aim to strengthen the protection of personal information. They differ in their approach, in that the GDPR takes a wider, more global perspective that includes anyone, anywhere either controlling or processing – or both – data relating to EU citizens.”

Auditable business processes

A big part of compliance, when it comes to both the POPI Act and the GDPR, specifically involves audit trails – something PBSA’s digital signature and workflow product, SignFlow, is heavily centred on.

For evidentiary purposes and in order for any company to assert GDPR compliance, the automated management of an audit trail is imperative.

Van der Merwe says SignFlow is can assist customers in their strategy to automate and digitise processes in a responsible and compliant manner. “Business Process Automation is at the forefront of our technology development at SignFlow, including tools like DocFlow, CaseFlow and our digital customer on-boarding tools.”

At the core of SignFlow, he says, is Public Key Infrastructure (PKI). “PKI manages users’ private keys, and signs and secures documents using Public Key Cryptography. Not only does this make documents tamper-evident after they’ve been signed, but the entire operation is conducted in a secure network over encrypted secure socket layers between the public, personal devices and private servers.”

Unlike paper files and systems managing email attachments, this portal fully controls and audits the workflow and communication channels between interacting parties. “This greatly reduces the risk of data leaks,” says van der Merwe.

“The system enhances non-repudiation, creating a digital trail of undeniable events that prove intent and identity.”

With GDPR set to come into effect on 25 May 2018, and the high stakes attached to non-compliance, South African companies simply cannot afford not to take a global view on data protection. “The protection of personal information goes far beyond just the POPI Act for local companies dealing with international customers,” says van der Merwe.

 

[REFERENCES]

  1. Digiday – For the GDPR-curious: WTF is the Article 29 Working Party?
  2. The Digiday Guide to GDPR (PDF)
  3. The Sun – What is GDPR, what does it stand for, when is the deadline in 2018 and how can you check if a business is compliant?
  4. Michalsons – What does the GDPR mean for the POPI Act?
    POPI commencement date or POPI effective date starts the clock
  5. Wikipedia – General Data Protection Regulation
  6. IOL – Protection of Personal Information Act soon to become a reality
  7. ITWeb – Unpacking the POPI Act: The ins and outs of protecting personal information

The future of digital onboarding is here

Featured

An integration between two of pbDigital’s software platforms makes it possible for financial institutions to digitally onboard customers in record time.

A recent integration between SignFlow and pbVerify has created a platform for digitally onboarding customers that is about to change the way credit is granted –in terms of risk management, compliance and convenience.

Although pbVerify has offered digital onboarding – an advanced customer activation product designed for financial institutions – for some time, never has this tool been as powerful as it is now, with the incorporation of SignFlow digital signatures.

Digital onboarding was introduced specifically to A) improve the customer experience by making it easier for them to activate and use financial services products, and B) give financial institutions a more secure and scalable means of growing their business.

That said, it makes no sense for institutions and their customers to have to switch back to manual halfway through the digital process of onboarding, to finalise the process with signatures – the old way of doing things.

Since pbDigital is all about innovation, meet the new way of doing things…

Now, with pbVerify’s integration with SignFlow, you can say goodbye to the expensive and onerous manual methods associated with finalising the process of customer onboarding – printing of forms, signing by hand, scanning, uploading and emailing – and say hello to a new fast and fail-safe system that allows institutions to onboard customers entirely online, in a fraction of the time and at a fraction of the cost.

No longer do red tape and geographical circumstances play a part in how long it takes to finalise the onboarding process. With SignFlow, it is simply a case of sending the completed online form to the designated signatory or signatories for approval – all via a secure, legal online platform. No more physical records, no more running around, no more waiting – and, most importantly, no more jeopardising of customer data.

Compliance & security

In today’s legal milieu, with the Financial Intelligence Centre Act (FICA) of 2001 and the Protection of Personal Information (POPI) Act of 2013 binding businesses to stricter data protection criteria than ever before, there is no margin for mistake.

With pbVerify and SignFlow behind your onboarding process, FICA and POPI compliance concerns are a thing of the past.

These software platforms – now integrated into one seamless onboarding solution – offer financial institutions an efficient and guaranteed means of making sure business processes and IT systems comply with the law when dealing with customer data.

 

This is how our new onboarding solution works, in a nutshell:

Front-end: Customer Online App

  1. The customer fills out pbVerify’s intelligent digital onboarding form (complete with auto-population and including Home Affairs/CIPC verification, as applicable).
  2. Details of the designated signatory or signatories (approver/s) are entered.
  3. The signatory/signatories are notified pbVerify has received a customer activation form, of which they are the listed party/parties responsible for sign-off.
  4. The said party/parties follow the link provided, and sign the application form online using SignFlow.
  5. The application process is complete.

Back-end: Admin/Credit Control

  1. Once the customer has completed the application, admin/credit control will get notified of a pending application and can log in to the admin portal, in order to run the required credit and compliance checks.
  2. The digitally-signed agreement/contract can be downloaded online for review and compliance validity confirmation.
  3. If required, different checks can be generated such as CIPC, Bank Code Updates and Full Credit reports.
  4. Once checks are done, the system can notify the relevant department of the application status and pending credit facility.

NOTE: All internal checks are scoped according to customer-specific scope and requirements. This is all customisable, according to business’ specific needs.

Welcome to the future of digital onboarding – an error-free, fast, secure way of procuring new customers.

 

ABOUT OUR COMPANY

pbVerify and SignFlow are products of pbDigital, a division of customer communications firm PBSA.

About pbDigital

pbDigital is the software division of PBSA, which specialises in a range of software products designed to help clients communicate more efficiently with their customers.

pbDigital’s software offerings can be classified according to the following categories:

  • eSign document workflow, digital signature and PKI integration solutions (SignFlow https://www.signflow.co.za/)
  • Credit risk management, data & credit bureau API integration and customer on-boarding
  • Enterprise content and document management
  • Business process automation software with multi-channel output tools and workflow

 

About PBSA

With a rich history of innovation dating back over 90 years, PBSA (formerly Pitney Bowes SA) is a leading customer communications company, offering software, equipment and services to help companies improve operational efficiencies and connect with their customers in more meaningful ways.

Based in Midrand, Gauteng, PBSA understands both hardware and software solutions and is optimally positioned to provide a secure, committed support infrastructure to its Southern African customer base. The company’s solutions help companies engage customers, gain business insight, manage document workflow and ultimately optimise overall business performance.

PBSA believes innovation and growth go hand-in-hand with long-held ideals such as collaboration, integrity and accountability.

PBSA embraces the fast-changing world of technology, which today sets the tone for the business going forward. The company has transformed – and continues to transform – from a purely paper-based to an integrated digital business that serves the market through its own time-honoured patented technology and an extensive network of channel partners.

Everything the company does has one goal – to help its clients communicate more effectively with their customers.

SignFlow engineers terminate menacing Bitcoin virus

Featured

pic for SignFlow bitcoin blogA dangerous Bitcoin-mining virus has been detected and disabled by two of our IT experts.

A potentially devastating Bitcoin-mining virus has been stopped in its tracks, thanks to the vigilance and quick actions of SignFlow (a PBSA brand) engineers William Vermaak and Morne Wilken.

Vermaak and Wilken detected malicious activity on one of their customer’s servers last week, immediately analysed the source of the virus and un-infected the server.

According to Vermaak, the virus had gone undetected by all available virus packages. “We submitted samples to ESET the next day and [the company] immediately responded from its virus lab in Denmark, confirming the virus was wild and that detection for the threat had been added to its latest definition updates.”

Founded in 1992, ESET is a Slovakia-based IT security company that offers anti-virus and firewall products such as ESET NOD32. The security company named the virus winlog.VBS – VBS/TrojanDownloader.Agent.QE trojan winlog.bat – BAT/CoinMiner.UG Trojan.

By the time of detection, the virus had already infected 0.04% of Windows computers in South Africa, while Russia was hardest hit, with 0.5% of all Windows computers infected. Windows is currently the most popular end-user operating system in the world.

Essentially a Bitcoin-mining virus, the Winlog Virus downloads a Bitcoin CPU miner on the victim’s computer, and then mines Bitcoins for the virus originator. Vermaak says this type of virus is particularly evasive. “It tries to make itself resilient and configures various system schedules to start it again if it’s stopped. The virus will also install itself on the system as a system service.

“The virus infiltrates the System Registry and changes some keys to make itself run again if it’s shut down. Shortcuts on the victims’s Desktop are modified to run the virus and these then run the original program, in an attempt to mask it’s presence. The virus also copies itself into various other files on the system – including Microsoft.exe – to try ensure resilience.”

Prevalent pest

According to Manuel Corregedor, chief operations officer at information security company Telspace Systems, Bitcoin-mining viruses have become rampant. “There has definitely, in recent times, been an increase in Bitcoin-mining viruses – in particular the diversification of the type of currencies they mine.”

Almost three months ago, Russian president Vladimir Putin’s Internet advisor, Herman Klimenko, issued a dire public warning that 20 to 30 percent of all computers in Russia were infected with computer malware designed to turn devices into Bitcoin-mining machines.

At the time Klimenko told Moscow-based news broadcaster RBC that viruses that install bitcoin-mining software are the “most common and most dangerous” type of computer malware in existence.

Corregedor says the main issue Bitcoin-mining malware creates, is that it negatively impacts the performance of the victim’s computer. “[The malware] does this by stealing/utilising the infected computer’s resources (CPU, GPU, RAM, etc). This may result, over time, in increased wear and tear, which may cause the computer to fail or cease.” On top of this destructive consequence, he adds, there are other costs associated with increased power consumption.

But this destructive malware goes even further. Apart from the said performance impact, Corregedor notes that – apart from mining Bitcoins – it  has also been seen launching web- and network-based attacks, such denial of service attacks, login brute force attacks and web application attacks.

“It should also be noted that the danger [with Bitcoin-mining malware] is further increased due to the fact that [it] has been found to be infecting Internet of Things devices i.e. web cameras, routers, Network Attached Storage devices, etc.  The infections have mainly occurred due to these devices having default credentials configured on them – for example user name admin and password admin on a router.”

Protection pointers

Corregedor says users can protect themselves against these kinds of malicious virtual attacks by ensuring their operating systems (Windows, Linux etc) are up to date with the latest security updates (patches).

He gives the following pointers:

  • Ensure you have anti-virus software installed and that it is up to date
  • Ensure your devices are not using any default login credentials and/or weak login credentials, in particular devices such as routers
  • Enable/install a Firewall
  • Install a HIPS (Host Intrusion Prevention System)
  • Be cautious/aware when it comes to receiving unexpected emails with attachments and/or installing potentially unwanted software

“Attackers are constantly scanning the internet looking for devices that are not up to date and/or are not configured securely (for example using default credentials).  Once such systems are identified, they are infected with malware,” he warns.

“Additionally, attackers are also constantly sending out spam/phishing emails that contain malicious attachments.”

Corregedor says, while South Africa is just as vulnerable as any country when it comes to infection, the country’s lack of a National Information Security Awareness campaign could render it in deeper danger.

SA experts stop bitcoin virus

Published by IT-Online on 17 October 2017

A dangerous Bitcoin-mining virus has been detected and disabled by two Johannesburg-based IT experts.

White hat ethical hacker William Vermaak, from PBSA’s digital arm pbDigital, and senior software developer Morne Wilken, detected malicious activity on one of their customer’s servers last week. The two immediately analysed the source of the virus and uninfected the server.

According to Vermaak, the virus had gone undetected by all available virus packages.

“We submitted samples to ESET the next day and [the company] immediately responded from its virus lab in Denmark, confirming the virus was wild and that detection for the threat had been added to its latest definition updates.”

By the time of detection, the virus had already infected 0,04% of Windows computers in South Africa. Russia was hardest hit, with 0,5% of all Windows computers infected.

Essentially a Bitcoin-mining virus, the Winlog Virus downloads a Bitcoin CPU miner on the victim’s computer, and then mines Bitcoins for the virus originator.

Vermaak says this type of virus is particularly evasive. “It tries to make itself resilient and configures various system schedules to start it again if it’s stopped. The virus will also install itself on the system as a system service.

“The virus infiltrates the System Registry and changes some keys to make itself run again if it’s shut down. Shortcuts on the victims’s Desktop are modified to run the virus and these then run the original program, in an attempt to mask it’s presence. The virus also copies itself into various other files on the system — including Microsoft.exe — to try ensure resilience.”

Almost three months ago, Russian president Vladimir Putin’s Internet advisor, Herman Klimenko, issued a dire public warning that 20% to 30% of all computers in Russia were infected with computer malware designed to turn devices into Bitcoin-mining machines.

At the time, Klimenko told Moscow-based news broadcaster RBC that viruses that install bitcoin-mining software are the “most common and most dangerous” type of computer malware in existence.

 

SA white hat hackers disable Bitcoin-mining virus

Published by ITWeb on 17 October 2017.

A dangerous Bitcoin-mining virus has been detected and disabled by two Johannesburg-based IT experts.

A potentially devastating Bitcoin-mining virus has been stopped in its tracks, thanks to the vigilance and quick actions of two local IT experts.

Although mining Bitcoin with regular computer hardware is no longer profitable, that isn’t keeping criminals from giving it a try. Over the past few years, there have been several types of Bitcoin-mining malware, infecting computers all over the world.

White hat ethical hacker William Vermaak, from PBSA’s digital arm pbDigital, and senior software developer, Morne Wilken, detected malicious activity on one of their customer’s servers last week.

The two immediately analysed the source of the virus and uninfected the server. “Unfortunately, the only trace left in the code by the originator is the Bitcoin wallet that the Bitcoins will be deposited into. To trace the Bitcoin wallet is extremely difficult and you will need a police warrant to get any information from the Bitcoin companies hosting the wallet,” says Vermaak.

According to Vermaak, the virus had gone undetected by all available virus packages. “We submitted samples to ESET the next day and [the company] immediately responded from its virus lab in Denmark, confirming the virus was wild and that detection for the threat had been added to its latest definition updates.”

Founded in 1992, ESET is a Slovakia-based IT security company that offers anti-virus and firewall products such as ESET NOD32. The security company named the virus winlog.VBS – VBS/TrojanDownloader.Agent.QE trojan winlog.bat – BAT/CoinMiner.UG Trojan.

By the time of detection, the virus had infected 0.04% of Windows computers in SA, while Russia was hardest hit, with 0.5% of all Windows computers infected. Windows is currently the most popular end-user operating system in the world.

Essentially, a Bitcoin-mining virus, the Winlog Virus downloads a Bitcoin CPU miner on the victim’s computer, and then mines Bitcoins for the virus originator. Vermaak says this type of virus is particularly evasive.

“It tries to make itself resilient and configures various system schedules to start it again if it’s stopped. The virus will also install itself on the system as a system service. It infiltrates the System Registry and changes some keys to make itself run again if it’s shut down,” Vermaak explains.

“Shortcuts on the victim’s desktop are modified to run the virus and these then run the original program, in an attempt to mask its presence. The virus also copies itself into various other files on the system – including Microsoft.exe – to ensure resilience.”

Bitcoin-mining machines

Almost three months ago, Russian president Vladimir Putin’s Internet advisor, Herman Klimenko, issued a dire public warning that 20% to 30% of all computers in Russia were infected with computer malware designed to turn devices into Bitcoin-mining machines.

At the time Klimenko told Moscow-based news broadcaster RBC that viruses that install bitcoin-mining software are the “most common and most dangerous” type of computer malware in existence.

With the surge in Bitcoin-mining viruses, Vermaak says: “You need to keep your anti-virus software updated, and your operating system on the latest updates.

“With the growing demand for Bitcoin, this is sure to escalate in the near future, but it is still very new so hopefully we’ve stopped this method of infection for now.

“These days there is no such thing as a bulletproof system. Everything has got some weakness whether it’s a known or unknown vulnerability. Someone will find a vector that no one will think of to gain access to a system and use it to their advantage. The only thing you can do is to minimise the risk by using a good anti-virus package and to do backups regularly,” Vermaak concludes.