AAEH Security Threat – What You Need to Know

What exactly is AAEH?

Today, US-CERT (the United States Computer Emergency Readiness Team) released a security alert concerning the AAEH security threat.

AAEH is a group of malicious software downloads that exists in many different forms, all designed to wreak havoc on computers and networks. It may be a “password stealer” that records your passwords as you perform online banking, log into credit card accounts and the like. It could be in the form of a rootkit, a “clandestine computer program designed to provide continued privileged access to a computer while actively hiding its presence.” Or it may present itself as a fake anti-virus, tricking you into “installing” it on your computer. Lastly, it has been seen in the form of ransomware that encrypts key files on the computer and then demands payment to return the files to a readable state.

Once a user has downloaded any of the various forms of AAEH, it begins to mutate, which makes it very hard to defend against from a reactive point of view. Even worse, if the infected computer is on a network, the malicious software morphs every few hours and rapidly spreads to other users. AAEH has also been known to block access to well-known anti-virus websites, so that infected users don’t stand a chance of getting help. The best known defense against AAEH and any other malware is to be proactive when it comes to your computers and networks.


How to defend against the AAEH Security Threat

Be sure that you have a solid Anti-Virus solution in place and that it is kept up-to-date with the latest virus definitions.
We often see users who install anti-virus and then never perform any updates after that installation, not realizing that by doing so they are leaving their systems completely open to attack. If you have a multi-user network, opting for a managed anti-virus system can save you the headache of managing multiple installations and updates.

Install Updates for Your Operating System and other Software 
Installing Windows® updates and updates for any other installed software is a strong defense against threats such as these. Microsoft®, Adobe®, and other software companies release these updates to fix known security problems or vulnerabilities. When you choose not to install them, you are making it easy for hackers to exploit your systems. It’s like leaving your front door unlocked with a sign in the window saying that no one is home.

Employ a Reliable Backup System
Even the most careful users need a solid backup they can depend on. Whether it’s accidentally deleting a valuable file, folder corruption or a full-on malicious attack like these, make sure you protect your data with a good quality backup system. Also, don’t set it and forget it. Test and check to ensure that the backup is working properly and that you can restore the files when you need them most.

Do not click on links in emails that are unsolicited or from an unknown sender.
Even emails from “known” senders should be treated with the utmost diligence.  If you are even remotely skeptical, don’t click on it!

Use extreme caution when opening attachments.
Read this article to learn how you can avoid email scams.  Bottom line is, don’t open it if you don’t have to.

When browsing the web, use safe guidelines.
Don’t visit gambling sites, gaming sites, coupon sites or allow websites to install software on your computer.  If you find yourself in a risky situation, call the IT HelpDesk immediately.

Evaluate Your Security Settings.
When was the last time you checked your security policies or tested your network configuration to ensure you and your mission-critical data are fully protected? A Vulnerability Scan can show you areas that you may not realize are putting you at risk so that you can avoid potential disasters.

Removing AAEH from an infected computer

With a sophisticated infrastructure and over 2 million unique instances of AAEH, there’s no easy 1-2-3 way to tell you how to remove it because each case is different. The best thing to do is to contact our IT Support HelpDesk immediately if you suspect you may be infected with AAEH or any sort of malware. Our certified helpdesk professionals are ready to assist you in any way possible.



Mike Dorr, President

Mike began as a Burgess network engineer in 1998. He later spent 3 years as Five County Credit Union’s Director of IT before returning as an owner in 2006. He lives in Bath with his wife and children and is an active member of Big Brothers Big Sisters.
