Cryptolocker: new malware encrypts your files, demands ransom within 96 hours

Status
Not open for further replies.
Blacksafs said:
this is probably a stupid question but other than entering info on a shady website, is there a way for a tablet to be comprised by any sort of malware
Click to expand...
You don't need to click anything to get malware these days
you can get it through banners or any javascript executed on any website, just by opening the page

That's why you want to use noscript, it'll block most javascript code from running when you browse which reduces the chance of getting malware while browsing.

There's also constant security holes in browsers and windows that can be abused to send you a virus or trojan

Rules every computer user should know and respect:
-if you have any files you don't want to lose, back them up outside of your computer
(consider all your non back upped files forfeit and accept that sooner or later a broken or corrupted hard drive or a virus WILL make you lose them)

-don't click email links, don't click links on skype or other messaging programs without asking the other person what they are, so you know they sent it and it's not automatically sent

-never ever open files sent through email unless you expected both the email and the file

-mouse over links on forums and gaf to see the adress before clicking on them
www.google.com (click this and see why)

-if anything you see on the internet seems too good to be true, it is too good to be true

-keep java, your browser and windows (security updates) updated : every time there is a new vulnerability or exploit, sun/google/firefox/MS will patch it out within a few days, so if you keep these 3 updated your pc won't be vulnerable for long and you're statistically much less likely to get infected even if you are the kind of dumbass who clicks on every link , file and pop up they see

-never (seriously) post your email adress on a public forum or anywhere else on the internet, unless you want to be bombarded with phishing mails

-use at least two email adresses:
one for your work/school, bank and other important stuff
one for social crap, forum registrations and other useless crap, this is the one you give to your friends and family
It only takes one small forum database being hacked or an idiot relative getting a virus that sets his contacts on an phishing mail list to start the spam and phishing mails on an email adress

Virusses don't mean shit if you don't have anything they can take from you, so back up your important stuff and don't save your creditcard info anywhere online or on your pc.
I've never lost anything and think I've had a total of 3 virusses over a 15 year period by following the rules above.
If you can't set your computer on fire right now without losing anything of value, you need to make backups.

Timedog said:
Right now someone that has this is backing up their files and the files on their external harddrive are being encrypted.
Click to expand...
lol, probably
 
Yeah... This is a prime example of Ransom-ware. This kind of stuff has been around for years. I am an IT Security Consultant, my best advise would be:

Ensure you use a quality anti-virus product (a free product isn't necessarily the best), never turn off your On Access Scanner and always ensure your AV updates at every opportunity.

Consider using an internet content filtering software that blocks access to malicious sites - there are plenty of solutions from a lot of key vendors - I would recommend K-9 Web Protection - it's key focus is on parental controls, but it also allows protection from malicious web sites. It's built by Bluecoat, uses their WebPulse reputation cloud and is FREE. http://www1.k9webprotection.com

Dont, and I mean DONT, ever open or trust attachments from emails from senders who you either don't recognise or aren't expecting emails from. This is a huge attack vector for malware propagation and the majority of successful malware execution happen this way

Hope that helps.
 
In this hour I feel like I've made a nuclear bunker with barbed wire and machine gun turrets in response to kids egging my house.

Can't be too careful I guess.
 
Dr.Acula said:
The white-hats are on the case!
Click to expand...
Gota love the interwebs and the communities behind an open platform

Chinner said:
so whats the best anti virus combo? i use mse but i get that it doesn't provide full coverage, whats best to use that gives best coverage but makes thing least obtrusive? is spybot even relevant anymore?

not that it matters, if this happened to me i would probably wipe and restore.
Click to expand...

The best anti virus combo is not to use your pc like your grandma/mom/an eight year old would do
you'll always be vulnerable with every antivirus, they are always just playing catch up to what is new.
Things like the video in OP should come with tips to prevent being infected, not 'plz buy our product'
 
I remember seeing a presentation at McAfee's AVERT Labs back in.. 07 I think it was.. They stated that even back then a single variant of ransom-ware would normally have about a 0.3-0.5% successful propagation rate, but would still net £15,000+ revenue per month.
 
richisawesome said:
I read earlier that the estimated amount of attacked systems is around 150,000. Lets say only a quarter of those people pay up. That's $11,250,000 - in just over a month.

22 mil if half paid.
Click to expand...

2be9fb4a441571e581c96556d6988f34f46509de_m.gif
 
Wow. This is actually.... Really clever. Though it's totally evil. Much better than the fake antivirus products.

Back up your data somewhere that isn't always mounted to your computer, folks.
 
Anybody looking into a good backup solution should take a look a Duplicati. It connects to Skydrive, Google Drive, Amazon Cloud and pretty much all of the most popular cloud storage services, on top of FTP and external units (USB drives from all kinds). It's free, very easy to use (if not really pretty), includes encryption and supports advanced administration functions if you need them.

I basically have a duplicated copy of my work files on some bullshit, totally anonymous Skydrive/GDrive accounts + a hard copy just in case. I don't really care about movies and music, I can always re-rip those if disaster strikes.
 
Funky Papa said:
Anybody looking into a good backup solution should take a look a Duplicati. It connects to Skydrive, Google Drive, Amazon Cloud and pretty much the most popular cloud storage services, on top of FTP and external units (USB drives from all kinds). It's free, very easy to use (if not really pretty), includes encryption and supports advanced functions if you are into that.
Click to expand...

It works over ssh? Awesome, will check it out, is it faster than rsync for an incremental?
 
I will try it, have been looking for a good encrypted system recently, right now it's rsync over ssh and then encrypting at the other end. Building the file list for an rsync seems to take ages though.
 
DedValve said:
Be real with me, will I have to lay low on porn sites outstide the popular ones like xtube, redtube, etc.?
Click to expand...

Many of the most popular porn sites install all kinds of nasty shit, they are just much more sneaky and hide it better.

Get your smut using a separate, securized browser (rejecting cookies, plugins, javascript, logins, the works) that you don't use for any other functions. Firefox is my main browser, so I keep IE for those duties because of dat Bing video search.
 
I really need to go back to dual booting and mostly using Ubuntu. Not like I'm doing anything other than web browsing/music listening most of the time.

Worried about friends though. Had to spend ~2 hours fixing a friends computer over the phone thanks to one of those scareware "this is the metropolitan police we've detected illegal filesharing, please pay this fine" viruses. That wasn't fun.
 
I think my dad's laptop may have gotten infected with the malware, he just called me saying he can't get into his laptop and its asking him for $300..
 
Killah said:
I think my dad's laptop may have gotten infected with the malware, he just called me saying he can't get into his laptop and its asking him for $300..
Click to expand...

It's probably that Moneypak virus. That one is a lot easier to deal with than Cryptolocker but it's still kind of shit.
 
Orbis said:
Only if you plan on repeatedly backing up many GBs of data. For some people, this is mostly going to be a possibly lengthy one time process, followed by much smaller backups of new files. I have several gigabytes of photos for example, but that's in total, so I don't have to keep backing these up. I also use an external drive though.

Just some info on Dropbox and this 'ransomware' though; because Dropbox automatically syncs your files, if Cryptolocker encrypts everything in your Dropbox folder, these files will be picked up and uploaded by Dropbox and overwrite the cloud version. No need to panic if this happens; obviously you'll first want to disable Dropbox on the infected PC, clean the PC of this infection, then you can restore previous versions of any encrypted files from the Dropbox website. Dropbox keeps old versions of files for 30 days I believe, at no cost to your overall storage space.

And generally there's no real need to panic over this particular piece of software. It's not massively widespread, but it should serve as a reminder to check your security and backup methods generally.
Click to expand...

TIL Drobox has versioning.

Also, security now has it right. This will probably change the future of malware.
 
Couldn't you just create two admin accounts, account A and account B and account C. Use account A for normal use. Create a folder that account B ONLY has write access, and account A ONLY has read access, with account C as the owner. Use account B periodically to backup files to that folder. Never use account C (could even be the default Administrator account).

Programs that run on Windows are typically run under TrustedInstaller or the user account that started it. It shouldn't have appropriate access to encrypt your files. I might test this out on a test PC.

Would be a lot easier than a cloud backup or another kind (but those are still optimal if you trust the cloud and need your data backed up).
 
I store/backup important files on external HDD rarely connected. I do that because I don't trust HDDs.

How are these people getting infected?
 
CobbFC09 said:
Any recommendation as to which one to use or does it not really matter.
Click to expand...
I prefer Dropbox. More people use it so it's easier to share stuff. Plus they have the best app and web interface.

All of them are similar though.

danwarb said:
I store/backup important files on external HDD rarely connected. I do that because I don't trust HDDs.

How are these people getting infected?
Click to expand...

What's the point of a backup if all the files are old as hell when you restore?
 
Welp .. There goes recommending free solutions to people anymore. I'm going to ditch Avast free and use MBAM Pro straight away.

Edit: Just noticed that Avast free does get it.. Sticking with it for now.
 
Mikey Jr. said:
What would happen if you did system restore?
Click to expand...

System Restore creates regular restore points and maintains older copies of files using the Volume Shadow Copy service. This is the feature that allows you to restore previous versions of files (Right Click --> Properties --> Previous Versions). Some users have had some success restoring their files using this technique, or a utility called Shadow Explorer.

Many people do not have the Volume Shadow Copy service enabled, so I'd check.
 
Enco said:
I prefer Dropbox. More people use it so it's easier to share stuff. Plus they have the best app and web interface.

All of them are similar though.
Click to expand...
So in regards to using an external HDD for backing up larger amounts of data automatically, is there any good free options aside from Crashplan. I did check them out but they appear to only offer a free trial.
 
Status
Not open for further replies.

Similar threads

Starship Flight 11 launch within the hour
39
497
ReBurn replied
The Why Files
26
976
Diatribe1974 replied
JFK Assassination Files Released!
2
55
5K
DKehoe replied
The "Bing Wallpaper" app is malware
Business 
1
956
Trogdor1123 replied
Village Roadshow Files for Chapter 11 Bankruptcy
News 
13
1K
TheInfamousKira replied
Top Bottom