ebrke

Windows Ransomware Attack

V.T. Eric Layton

Pardon me just a moment while I sit back and gloat.

 

What? You didn't have your network secured? You didn't have access to recently made backups of your data? Your anti-virus/anti-malware wasn't up-to-date? You still allowed telnet into your servers? You weren't using a fire-walled router?

 

Well, that's gonna' SUCK for you, then.

  • Like 2

onederer

Lucky me, I use Linux, so I'm still loose and free to operate.

 

With Windows, I was not able to install Win. 10 when it was free. Never able to complete the entire installation. In spite of using a proxy, and a firewall (ZoneAlarm), I got hit with ransomware. Disgusted, I just left it that way, since last year. I'd have to totally reinstall Win. 7, to overcome the disaster.

 

Actually the only reason that I need to use Windows is to update my TomTom and Magellan GPS devices. Too bad that can't be done via Linux, I could then totally dump Windows.

 

Cheers!

  • Like 2

raymac46

I also read that a lot of folks affected by this are dumb enough to continue running Windows XP or Windows Server 2003. Microsoft has apparently released patches they do for their Custom Support clients to counteract this problem.

It's not much fun for anyone who gets nailed by one of these ransomware worms. I had a friend who was hit and we just scrapped all his data. We were able to get some photos and docs back from his old PC that he still kept in the basement.

What bugs me is why would anyone post a known and powerful hacking tool out on the Web for any Black Hat to download and modify.

V.T. Eric Layton

The dumbest thing of all about this massive ransom campaign is that it's activated (and spread) by the usual method...

 

CLICKING ON UNKNOWN ATTACHMENTS IN EMAILS

 

Can you believe that people still do this? Doesn't anyone know how to right click on an attachment and request that your AV run a scan before opening? How 'bout just NOT clicking on attachments at all? Yeeeesh! This method of infecting systems has been around since they ransomed the 2X2 animal data from Noah's system. C'mon, people!

  • Like 1

ebrke

Sadly, there are a lot of people like my mother and her friends who are indeed not capable. Of course, there are others who should be capable but aren't for some reason.

  • Like 2

raymac46

If you are "not capable" you still have some options assuming you know someone who is capable:

  1. Get a good security suite like ESET and keep it up to date.
  2. Get Malware Bytes Pro with real time protection.
  3. Run Linux.
  4. Don't use email if you are too dumb to avoid attachments.
  5. Don't connect to the Internet. Play games offline.
  6. Don't use a computer at all.

There are many times I wish people like Lillian would just take option 6.

  • Like 2

Dr. J

I came across this a little while ago... seems even "technically competent" people can get sloppy and subsequently hacked...

 

https://forums.gentoo.org/viewtopic-t-1060828.html

 

A little down the thread the poor sod admits to running Firefox as root... that's probably how they got in.

 

> Yeah, I'm guilty of running FireFox as root. Shame on me - I should have known better.

Edited by Dr. J
  • Like 1

onederer

Well, it looks like even Linux has gotten hit by ransomware. This time, Gentoo. Thus far, I've been spared of getting the end of the bad stick. I wonder if it's because I have a layer of IP addresses by using a Zenmate proxy, ClamAV, and a Linux defrag program, and a keylogger sniffer?

It could also be because I still use PCLinuxOS, because of its stability.

Another thing comes to mind. Have any of you ever heard of any BSD systems being attacked by ransomware? Not that many users would make that OS system a very low profile target.

 

Cheers!

raymac46

I think that any Linux user could get hacked if they browse the Internet as root.

onederer

That's questionable, because the file system of Linux is different than Windows. Odds are that the ransomware was designed to attack Microsoft's baby. After all, Windows is the favorite target because there are so many users worldwide. That makes it very tempting for jerks that purvey their malware.

 

I suppose that there are a few worms floating around the Internet just looking for Linux users, and those could be disastrous for some poor users.

ebrke

> If you are "not capable" you still have some options assuming you know someone who is capable:
>
>   1. Get a good security suite like ESET and keep it up to date.
>   2. Get Malware Bytes Pro with real time protection.
>   3. Run Linux.
>   4. Don't use email if you are too dumb to avoid attachments.
>   5. Don't connect to the Internet. Play games offline.
>   6. Don't use a computer at all.
>
> There are many times I wish people like Lillian would just take option 6.

Well, I have my mother utilizing your steps 1 and 2 and she uses a limited user account--doesn't even know the admin password. She usually asks me if she gets any attachments because she can't figure out how to access them. She's 89 now.

  • Like 1

raymac46

> That's questionable, because the file system of Linux is different than Windows. Odds are that the ransomware was designed to attack Microsoft's baby. After all, Windows is the favorite target because there are so many users worldwide. That makes it very tempting for jerks that purvey their malware.
>
> I suppose that there are a few worms floating around the Internet just looking for Linux users, and those could be disastrous for some poor users.

You can still get hacked through things like Flash if you are dumb enough to run as root. Maybe not this particular thing but the Gentoo guy was infected and that's Linux. Don't assume you are totally immune if you don't practice safe computing.

  • Like 1

V.T. Eric Layton

 

> 3. Run Linux.

That's the one! Of course, option 6 wasn't a bad idea either. ;)

  • Like 1

abarbarian

This is a really disgusting attack. Several friends have been caused a great deal of trouble due to the NHS being compromised. Find the culprits and hang em high. Naturally you would need to hang the NHS techs for setting up the NHS system so sloppily. Oh and it might be a good idea to hang all the MPs past and present who allowed such a shoddy computer system to be built and run.

I think I will stand for Prime Minister at the upcoming elections with the policy outlined above. Reckon I would stand a decent chance of election. :Laughing:

  • Like 2

V.T. Eric Layton

Don't forget to hang all those fatcat Microsoft folks.

V.T. Eric Layton

Have I mentioned lately that I LOVE Linux?

  • Like 1

Dr. J

I just found out that my local library got hit over the weekend... All of their public machines were running Windows 7, but god knows what was keeping their network up in the background. Oddly enough, I had previously noticed LibreOffice on the public machines instead of the MS variant... If they'll ever switch over to Ubuntu LTS on those, I guess it'll happen now...

Corrine

That means that the library's public Windows 7 machines had not received the March MS17-010 security update.

  • Like 2

abarbarian

> Don't forget to hang all those fatcat Microsoft folks.

 

Well they are not really at fault in this instance. :whistling:

V.T. Eric Layton

So?
