Cryptolocker: new malware encrypts your files, demands ransom within 96 hours

Status
Not open for further replies.
It looks like they just recently (this month) dropped the lifetime license.

Huh, I just checked and you're right. Sandboxie is developed by just one guy. I can only assume the lifetime license wasn't providing him with enough money. It is his only source of income IIRC.

Edit: Straight from the developer himself:

To ensure future growth of Sandboxie, the licensing model shifts today from a lifetime licensing model to an annual licensing model.

Licenses issued in the past which did not include an expiration date will remain without expiration date, and may be used on more than one computer, per past licensing terms.

All new licenses issued starting today will expire in one year after initial activation of the product key, and are limited to one computer per one product key.
 
I am real-time protected by MSE and scan regularly with MBAM and Spybot. Is that enough? Or should I switch out MSE with Avast free edition? MSE will catch this BEFORE it executes, right?
I just use Windows Defender and Spybot S&D. Just have to manually update Spybot every week and run a scan; it protects really well. WD or MSE are unobtrusive; they keep themselves updated and run scans on schedule.
 
Tech noob question: Is the Mac safe at the moment just because nobody has bothered to program specific malware yet, or are there OS-level security barriers/structural differences to prevent such a thing (or at least make it harder)?

People used to say "Yeah, the Mac doesn't have viruses because nobody has one", which obviously isn't true anymore. I wonder if there will ever be a platform-agnostic virus.
 
Tech noob question: Is the Mac safe at the moment just because nobody has bothered to program specific malware yet, or are there OS-level security barriers/structural differences to prevent such a thing (or at least make it harder)?

People used to say "Yeah, the Mac doesn't have viruses because nobody has one", which obviously isn't true anymore. I wonder if there will ever be a platform-agnostic virus.

I want to know this too.

Also, are there any good free virus scanners on OS X? Is it even needed?
 
Guys, what if Malwarebytes created this virus to boost sales of their software?


Glad I'm not the only one that thought of this lol.
 
Guys, what if Malwarebytes created this virus to boost sales of their software?

Glad I'm not the only one that thought of this lol.

Haha, their sales will be higher, but no, they are selling lifetime licenses for only $24.95. If they created it, they would be better off by not having an effective product at all, 'cause they would make way more money by receiving ransom money.
 
Yes, but the problem is when it's detected.

Most antivirus programs out right now do detect the malware, but some (most?) of them don't catch it in real time, only when running a scan of files.

So Cryptolocker gets into your system, phones home to the key server, and encrypts your files... at that point, it doesn't really matter if you clear it out with an antivirus scan, your files are still encrypted, and the private key is still stored on a remote server designed to interface with Cryptolocker.
On a malware like that, I'll be surprised if there's an AV solution that catches it on scan but lets you execute it.

Tech noob question: Is the Mac safe at the moment just because nobody has bothered to program specific malware yet, or are there OS-level security barriers/structural differences to prevent such a thing (or at least make it harder)?

People used to say "Yeah, the Mac doesn't have viruses because nobody has one", which obviously isn't true anymore. I wonder if there will ever be a platform-agnostic virus.
The main issue is granting malicious code the rights to access your files: Macs make you enter a password, whereas Windows just makes you press OK, which is less involved and therefore more likely to be pressed without much thought. But if you allowed a bad piece of code to run on your Apple box with administrative rights, it can very much do the same.
 
Just read this thread, and now I'm contemplating getting Malwarebytes Pro. Is there a coupon?

So for Sandboxie if I open Chrome with it, are all my saved passwords and info on Chrome protected and outside the sandbox in case it gets infected?
 
Just read this thread, and now I'm contemplating getting Malwarebytes Pro. Is there a coupon?

If you can wait it out a little bit Newegg will have the lifetime license featured for $14 or so in their e-mails. It seems to show up every few weeks and has free shipping every time I see it. (Now I want to buy it but I've passed it up all those times.)
 
Haha, their sales will be higher, but no, they are selling lifetime licenses for only $24.95. If they created it, they would be better off by not having an effective product at all, 'cause they would make way more money by receiving ransom money.

Ethics aside, to me this seems like a win/win situation for Malwarebytes. If we go on the idea that they are behind the ransom, they are making money from the software sales and the "ransomware". Many antivirus/malware programs already detect it, so it is hard to back the claim that one software company might be behind it. Maybe an overall boost to the industry. A lot of possibilities, but one of them could be someone planting an idea in this and many other popular thread sites: the idea that Malwarebytes is the best program and buying it is a good decision. I do see a string of Malwarebytes posts... when did it all start? Haha, maybe possible.
 
So for Sandboxie if I open Chrome with it, are all my saved passwords and info on Chrome protected and outside the sandbox in case it gets infected?

Yes. If your passwords were to get infected/deleted/whatever then that would only be happening in the sandbox; in the virtualised environment. Outside the sandbox they would continue to exist as normal, completely unaffected. Once you delete the contents of the sandbox it would be like nothing ever happened. The same thing would apply to any file on your computer.

You should note however that by default Sandboxie doesn't prevent malware from running in the sandbox, stealing your passwords and then uploading them to a remote server somewhere. It just doesn't work like that since that wasn't its original purpose. You can easily configure it to block such a scenario from happening, but don't go into it thinking that it'll automatically do it for you.

It does take 5-10 minutes of tinkering to set it up how you want, but once done it's definitely worth it. If you have a question then the Sandboxie forums are a good place to start, or just ask here or PM me.
 
If you can wait it out a little bit Newegg will have the lifetime license featured for $14 or so in their e-mails. It seems to show up every few weeks and has free shipping every time I see it. (Now I want to buy it but I've passed it up all those times.)

Yeah I might just wait. I have 2 computers, 1 that I use and 1 that my parents use (older people are usually more vulnerable), and I can afford $30 for both not $50.
 
Fuck everything about this virus. It's not enough to mess with your system / set up a botnet / do whatever-the-fuck-else it is viruses are programmed for, they lock your files down to try and get you to pay them?

Just sickening.
 
I'll go ahead and recommend the same piece of software that I always do in these types of threads:

Sandboxie

Spend just 5-10 minutes learning the basics of this program, and you'll never* have to worry about any sort of malware again. It's so secure that you could even download a sample of this ransomware and run it for fun. It's not going to be able to do much.

*99% secure. Nothing is 100% when it comes to PC security

Thanks for the recommendation.
 
Fuck everything about this virus. It's not enough to mess with your system / set up a botnet / do whatever-the-fuck-else it is viruses are programmed for, they lock your files down to try and get you to pay them?

Just sickening.
Wouldn't mind a nice slow spit roast over a fire for the assholes who programmed and spread it intentionally.
 
Tech noob question: Is the Mac safe at the moment just because nobody has bothered to program specific malware yet, or are there OS-level security barriers/structural differences to prevent such a thing (or at least make it harder)?

People used to say "Yeah, the Mac doesn't have viruses because nobody has one", which obviously isn't true anymore. I wonder if there will ever be a platform-agnostic virus.
Mac is safe at the moment. That said, you should have antivirus and anti-malware software installed. Macs get fewer viruses because the user base is small compared to Windows, but Apple has always suggested using an antivirus.

More people use Macs nowadays, yes, but if I'm writing a virus I'd write it for Windows because more people can get it. There have been viruses on Macs and also Malware, so just stay up to date with your protection.
 
Sandboxie sounds great. Can I run it along with MSE?

You may need to give it some permissions, but yes, it will run alongside any AV afaik. It's not meant to be an anti-virus per se, but as it contains any malicious programs that run some use it to be on the safe side.

As someone pointed out it won't prevent malware running while the sandboxed session is still open, so any info-stealing apps can still do their job, they'll just get wiped on exit, along with any file changes, etc.
 
Someone at my work got this; encrypted his PC and a server full of files. Luckily we had a backup, so after it was deleted it was just a matter of restoring everything.

Tech noob question: Is the Mac safe at the moment just because nobody has bothered to program specific malware yet, or are there OS-level security barriers/structural differences to prevent such a thing (or at least make it harder)?

The popularity argument doesn't hold a lot of water since the Mac had more viruses and less market share in the '90s. The contemporary OS X was inherently more secure than Windows XP; Windows 7 was more secure than the contemporary OS X release. Apple has stepped up their game and you do have built-in anti-malware that is non-optional and transparent until there's a problem.

Still, exploits do happen, but mostly they're caught and fixed in a reasonable time frame.

Also, are there any good free virus scanners on OS X? Is it even needed?

Sophos makes one. There is anti-malware stuff built-in.

The main issue is granting malicious code the rights to access your files: Macs make you enter a password, whereas Windows just makes you press OK, which is less involved and therefore more likely to be pressed without much thought

Don't run as an admin user and you'll have to type in Windows too.

Not sure it's required in this case— it is accessing files you own/have access to, running as a program under your user. No administrative rights required. Being protected by needing to type only protects the OS and the applications— your personal files can be boned without admin rights.
 
That's why you back up stuff you can't afford to lose. And I don't negotiate with terrorists. I'd rather see it all burn. I'd rather do a complete re-install of Windows than pay a single cent. And what f*ckers! They should be hit HARD!
 
Well, if anything, this had made me take my security a bit more seriously.

I finally set up a dedicated, password-protected administrator account so that I can stop using an admin account for my day-to-day work. I've realized I've got to get more religion about backing up to an external and unplugging it after the backup, and I made additional backups of some of my more irreplaceable documents and pictures on cloud storage (I had 25GB on Skydrive that I wasn't using). I've always been disciplined about antivirus software and staying on top of OS and software updates.

Scary stuff in the OP.
 
Win 7 on my PC, MSE found this on 10/6/13:
Exploit:JS/Coolex.A is script contained within an exploit pack known as the "Cool Exploit Kit". It can install arbitrary malware on your computer, including variants from the Trojan:Win32/Reveton family of ransomware trojans that may lock your computer and demand payment of a supposed fine.

For more information on ransomware, please see our FAQs at http://www.microsoft.com/security/portal/Shared/Ransomware.aspx.

A lot of good info on Crypto:
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
 
That's why you back up stuff you can't afford to lose. And I don't negotiate with terrorists. I'd rather see it all burn. I'd rather do a complete re-install of Windows than pay a single cent. And what f*ckers! They should be hit HARD!

Except it's not fucking your OS up, it's destroying your files. If this happened to me and I had no backup I would pay, my files are the only record of my life outside of my head.

I have three backups, though I think two of them are clones so would overwrite the good files with the bad files if my Mac was infected by shit like this and I didn't notice.

I've realized I've got to get more religion about backing up to an external and unplugging it after the backup, and I made additional backups of some of my more irreplaceable documents and pictures on cloud storage.

Make sure at least some of your backups are automatic. This ransomware does not affect files accessed via UNC paths; i.e., you can back up over the network to \\foo.local\backups just like that, or with that share mapped to c:\backups or to k:\ (or whatever). The latter two options will cause your backups to be eaten by this, but the first one won't.
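The backup advice in the two posts above (clone backups that get overwritten with bad files, and UNC paths versus mapped drive letters) worked into a small Python helper. This is an added example, not code from the thread; the textual UNC check, the `.vN` numbering scheme and the sample file are my own assumptions.

```python
# Added example, not code from the thread. Two points from the posts above:
# a clone-style backup overwrites good copies with encrypted ones, so each run
# here writes a new numbered copy and never touches earlier ones; and a mapped
# drive letter is just another local drive to a program running as you, so a
# non-UNC destination is refused by default. All paths/contents are constructed.
import ntpath
import os
import shutil
import tempfile
from pathlib import Path


def is_unc_path(dest):
    """True for \\\\server\\share destinations, False for c:\\... or k:\\."""
    drive, _ = ntpath.splitdrive(dest)
    return drive.startswith("\\\\")


def next_version_path(dest_dir, name):
    """Return dest_dir/name.vN for the smallest N not already on disk."""
    n = 1
    while os.path.exists(os.path.join(dest_dir, f"{name}.v{n}")):
        n += 1
    return os.path.join(dest_dir, f"{name}.v{n}")


def backup_file(src, dest_dir, require_unc=True):
    """Copy src into dest_dir as a fresh numbered version; return its path.
    The UNC check is textual only (it stops a mapped-drive destination being
    used by mistake); it does not verify that the share exists."""
    if require_unc and not is_unc_path(dest_dir):
        raise ValueError(f"refusing non-UNC backup destination: {dest_dir}")
    os.makedirs(dest_dir, exist_ok=True)
    target = next_version_path(dest_dir, os.path.basename(src))
    shutil.copy2(src, target)  # target did not exist, so nothing is overwritten
    return target


def run_demo():
    """Back up a file, simulate its encryption, back up again; return both copies."""
    work = tempfile.mkdtemp()
    try:
        src = os.path.join(work, "thesis.docx")
        dest = os.path.join(work, "backups")  # local dir stands in for the share
        Path(src).write_text("original document")
        first = backup_file(src, dest, require_unc=False)
        Path(src).write_text("!!ENCRYPTED!!")  # constructed stand-in for a locked file
        second = backup_file(src, dest, require_unc=False)
        # the first copy keeps the original text; a clone would have lost it
        return [Path(p).read_text() for p in (first, second)]
    finally:
        shutil.rmtree(work)
```

Run `run_demo()` to see both copies side by side; on a real share, call `backup_file` with the default `require_unc=True` and a `\\server\share` destination.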
 
Win 7 on my PC, MSE found this on 10/6/13:

A lot of good info on Crypto:
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

"Is there a way to contact the virus author?

People have asked how they can contact the author of this infection when their payment does not go through. There is no direct way to contact the developer of this computer infection. They are, though, monitoring the various threads about this infection, including our CryptoLocker support topic, and have responded to infected user's issues as well as to give other messages on the home page of their Command & Control servers. The address for this Command & Control server can be found on the desktop wallpaper on an infected computer. The url that they specify to download the decrypter, can also be used to view the messages from the author."

Fucking hell. They are setting a terrible precedent with this virus.
 
"Is there a way to contact the virus author?

People have asked how they can contact the author of this infection when their payment does not go through. There is no direct way to contact the developer of this computer infection. They are, though, monitoring the various threads about this infection, including our CryptoLocker support topic, and have responded to infected user's issues as well as to give other messages on the home page of their Command & Control servers. The address for this Command & Control server can be found on the desktop wallpaper on an infected computer. The url that they specify to download the decrypter, can also be used to view the messages from the author."

Fucking hell. They are setting a terrible precedent with this virus.

At least they offer actual customer service rather than just not giving a shit.
 
Tech noob question: Is the Mac safe at the moment just because nobody has bothered to program specific malware yet, or are there OS-level security barriers/structural differences to prevent such a thing (or at least make it harder)?

People used to say "Yeah, the Mac doesn't have viruses because nobody has one", which obviously isn't true anymore. I wonder if there will ever be a platform-agnostic virus.

All you need is to input your password once: that'll grant the software rights to do whatever it wants, like setting up daemons and stuff. Some kinds of Mac software require admin rights to be installed, so the attacker just needs to find a way to disguise their malware as something people want (or think they need) to install.

On a malware like that, I'll be surprised if there's an AV solution that catches it on scan but lets you execute it.

The main issue is granting malicious code the rights to access your files: Macs make you enter a password, whereas Windows just makes you press OK, which is less involved and therefore more likely to be pressed without much thought. But if you allowed a bad piece of code to run on your Apple box with administrative rights, it can very much do the same.

You don't really need administrative rights to get damaged by such software: any user-level app can access the user's own documents. The software just needs to keep itself running for enough time to do damage, which is harder if it can't set itself to run automatically on boot.
 
I practice very safe browsing and have never been infected since half a decade ago.

Stuff like this still scares me and I'm seriously considering upgrading MB to the paid version.
 
Except it's not fucking your OS up, it's destroying your files.

I am aware of that; that's why I said you need to back up files. But to remove some infections a complete re-install is sometimes necessary, especially if it's more than a few. Haven't had many in years, but in the past I have had a situation where a re-install of the OS was just easier and probably faster. Some could not be removed, some may stay hidden, and you remove every trace this way.
 