Either pay up 1BTC ($780, £618), or infect two 'friends', in order to decrypt your files.
A social engineering based virus like that does not feel like it was made by someone "just fer tuh lulz". That's far more sinister.
Does sound more like a social experiment. How evil.
Still easy fix, spin up two virtual machines.
How would that fix it? Wouldn't they need payment first?
(However, there is a sinister alternative: if you share the malware with at least two other folk, who fall victim to it and 'pay up')
If it happened to me, I assume I could just wipe the entire PC? As there is nothing on my PC that is... something I need to keep. It is purely a gaming PC. Pictures/Videos are all kept on separate PC and Laptop as backup.
I believe the insinuation would be that if a VM was infected you'd just delete it and use the other, then spin up a 2nd again.
Indeed, if you have up to date backups then this is just a pain-in-the-back-side. You could simply format the PC and re-install Windows / all your software again, then copy the data back.
I always prefer to have an offline copy of data on a USB drive. As I assume these Malware programmes can easily infect Dropbox / etc if they are used from the desktop.
This is just awful, it reminds me of a certain religious group that believe heaven has a finite number of places and the only way to get in is to convert more people to said religion than others do.
This is where a good backup strategy comes in handy.
Live long and prosper.
I doubt I will fall victim to one of these, but if I do it's just the format and restore backup.
I run my backup daily at busy times with my business, past that just when needed.
I don't back up my Steam library so that would be one hell of a download.
That's nasty. Thank goodness my important files are in the cloud.
For more practical advice:
Use a NAS for anything you want to keep. As you connect to your files on a NAS via a file-level protocol and not a block-level protocol, it can only encrypt the files and not the underlying disk. Still a problem, but that can be addressed with a snapshotting file system like btrfs. This will create a read-only snapshot of your file system at regular intervals. Somebody encrypts your files? Not a problem, just switch to the snapshot from an hour ago.
Snapshots work by freezing the disk where it is and then any future changes are made as a "delta" to the last snapshot. This means you're not taking up significantly more disk space for each snapshot (indeed, if nothing has changed, there is effectively no increase in size).
Of course Windows does support this concept with file-history or VSS, but there is a risk that one of these viruses encrypts at block-level as it could have local admin access.
And of course - create a disconnected backup.
Personally, I back up all my documents and mail etc. to a family member's NAS over a VPN, and I periodically put all my photos onto an encrypted external drive and store it in a locked drawer at work.
If my house was wiped out, I'd need whatever hardware, re-download any software (as most stuff is key based, that's backed up) and rebuild, and re-rip/download any media. It would be a right PITA, but I will still have my data.
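The snapshot routine described in the post above, sketched as an added example (not part of the original thread or any poster's own script). The paths `/srv/nas/data` and `/srv/nas/.snapshots`, the `data-` name prefix and the 48-snapshot retention are assumptions; it also assumes the snapshot directory is not exported to clients.

```shell
#!/bin/sh
# Added example: hourly read-only btrfs snapshots with simple retention.
# Assumed layout (hypothetical): the shared subvolume is $SRC and snapshots
# live in $DST on the same btrfs file system. Run on the NAS from cron.
SRC="${SRC:-/srv/nas/data}"
DST="${DST:-/srv/nas/.snapshots}"
KEEP="${KEEP:-48}"   # number of snapshots to retain

# Snapshot names sort chronologically: data-YYYYmmdd-HHMMSS (UTC).
snap_name() {
    date -u +"data-%Y%m%d-%H%M%S"
}

# Read snapshot names on stdin; print every name except the newest $1.
to_prune() {
    sort | awk -v keep="$1" '
        { n[NR] = $0 }
        END { for (i = 1; i <= NR - keep; i++) print n[i] }'
}

take_snapshot() {
    # -r creates the snapshot read-only. Clients writing to the share over
    # a file-level protocol only modify $SRC, not the snapshot.
    btrfs subvolume snapshot -r "$SRC" "$DST/$(snap_name)"
}

prune_snapshots() {
    ls -1 "$DST" | grep '^data-' | to_prune "$KEEP" | while read -r old; do
        btrfs subvolume delete "$DST/$old"
    done
}

# Only touch the file system when explicitly asked to, e.g. from cron:
#   0 * * * *  /usr/local/sbin/nas-snap.sh --run
if [ "${1:-}" = "--run" ]; then
    take_snapshot && prune_snapshots
fi
```

Retention is by count, so a burst of extra snapshots shortens how far back you can roll; a disconnected backup still covers what snapshots on the same disks cannot.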
I had a couple of customers caught out by this kind of ransomware. Really nasty stuff. It was 256-bit encrypted and you couldn't track where the payment went as they basically used the TOR Network as a 'host'. Clever, but evil.