
New Internet Scam - ‘Ransomware’ Locks Computers, Demands Payment

Discussion in 'Tech Talk - Gadgets, Gizmos and Technology' started by Nick, Aug 27, 2012.

  1. wilbur_the_goose

    wilbur_the_goose Hall Of Fame

    4,476
    49
    Aug 16, 2006
  2. dpeters11

    dpeters11 Hall Of Fame

    16,252
    490
    May 30, 2007
    Cincinnati
    Listening to the podcast now, very interesting on how the business of this stuff actually works. I didn't really realize when you buy an exploit kit, it could come with a license agreement that it could only be used against a particular domain, with add-on packs and tech support.
     
  3. satcrazy

    satcrazy Icon

    1,021
    19
    Mar 15, 2011
    Great...
    So,
    The only thing to do is back up all files, and f/disk?

    Would also like to know what program you and wilbur use for general security.

    I'm currently using Bit Defender, but when it expires, I'm thinking Kaspersky.
     
  4. dpeters11

    dpeters11 Hall Of Fame

    16,252
    490
    May 30, 2007
    Cincinnati
    For AV, I like Kaspersky. I generally don't like the suites (from anyone). But just as important (maybe even more so), is keeping everything updated. I like a free program called PSI from Secunia. It keeps track of all your software and tells you when a security update comes out, when it is end of life etc.

    AV is a part of online security, but cannot be the only aspect. If malware can use a vulnerability to get in, AV can be powerless to stop it. It's not enough to just say, don't go to sketchy sites. While those of course can make you a target, malware can wind up on legit sites, either due to the site itself being compromised, or through an ad. A subsite of the LA Times had malware for 6 weeks recently.

    http://secunia.com/vulnerability_scanning/personal/

    A lot of it is just common sense. If a site tells you that a particular thing needs installed or updated (like new version of Flash), go to the publisher's site and get it from there.

    Krebs' Three Rules apply here:
    1) If you didn’t go looking for it, don’t install it; 2) If you installed it, update it; 3) If you no longer need it, get rid of it! (#3 especially applies to Java lately)

    I also don't reuse passwords; every site has its own. My primary email I have set to require two-factor authentication when it's a system that I haven't told it to trust.

    One thing I should point out, I'm not an expert like Wilbur, I have an interest in the topic but he has the background.
     
  5. wilbur_the_goose

    wilbur_the_goose Hall Of Fame

    4,476
    49
    Aug 16, 2006
    dpeters - you're right on the money recommending PSI. Great product, highly recommended.

    satcrazy - that may or may not work. If the last backup had the malware present, but not active, you'd end up restoring the malware too. These aren't lonely high school kids trying to crash your PC - they're organized criminals that hire professionals to commit crime. Kaspersky is good, and I've used Eset too. The ones I really don't like are McAfee and Norton - they come with a lot of bloat and have a big memory footprint.

    It's also a good idea to run something like Malwarebytes once in a while. And, if you're on Windows, be sure to run the "Malicious Software Removal" tool that comes down as part of Windows Update monthly.

    If you're interested in cybercrime, check out my favorite report: The 2012 Verizon Data Breach Report: http://www.verizonenterprise.com/re...each-investigations-report-2012-ebk_en_xg.pdf

    (This isn't the VZ you probably know - they run a really great IT security practice)
     
  6. dpeters11

    dpeters11 Hall Of Fame

    16,252
    490
    May 30, 2007
    Cincinnati
    Yippee, Krebs just tweeted that NBC.com has malware. Not going there for obvious reasons, but sounds like it could be an iframe with Citadel.
     
  7. satcrazy

    satcrazy Icon

    1,021
    19
    Mar 15, 2011
    Great...
    dpeters,

    Thanks, will get PSI.

    Will also remember the 3 rule theory.

    I have my PC set up with Admin and [limited] User Accounts, with passwords for all.

    So if YouTube wants you to update Flash, go to Adobe's web site. Got it.

    Wilbur-

    So if back up is iffy, what's the best choice here?

    I'm embarrassed to admit this, I thought the malicious software removal tool was autorun. Could I get instruction on how to run this, and where it is located?

    I've not heard of Eset, will look at that as well.

    Now, on to read those articles and do my updates.

    Thanks again to both of you.
     
  8. dpeters11

    dpeters11 Hall Of Fame

    16,252
    490
    May 30, 2007
    Cincinnati
    Right, and never use the admin account for anything other than what you really need it for. Always do day to day things limited.

    Eset is also good, their product is NOD32. I would probably just use the AV product, not the suite. If you have more than two systems, the Family Security Pack is a steal. Keep in mind, AV is one small part of this. Running NBC.com through a site called VirusTotal today, it used 46 virus scanners to scan. 3 caught the malware. You can't say that one of those 3 are the good ones, they will not pick up something else. It's not really a negative against the AV companies, it just shows the size of the problem. Things were simpler when a virus was spread by floppy and just made the characters fall to the bottom of the screen. The motive was much different.

    You still want a backup, as a general rule. Having a local backup, like to DVD is good, but disks go bad. You also want offsite backup. I use Carbonite for this. It starts at $60 a year, but it's unlimited. By default, it encrypts your data with their key, but you can make your own. Of course if you lose your own key, they can't help you.

    Carbonite may help if you get this kind of malware, but I can't say for sure. It's not a network drive, and you can restore previous versions of files.
     
  9. wilbur_the_goose

    wilbur_the_goose Hall Of Fame

    4,476
    49
    Aug 16, 2006
    satcrazy - dpeters11 has all the right answers :)
    Want a job? :)
     
  10. acostapimps

    acostapimps Hall Of Famer

    1,866
    50
    Nov 5, 2011
    Illinois
    That's why I do Windows and security updates every chance I get, so as to not run into problems like this or any virus or malware.
     
  11. dpeters11

    dpeters11 Hall Of Fame

    16,252
    490
    May 30, 2007
    Cincinnati
    Just keep in mind, it can still happen fully patched, so stay vigilant. Actually, I believe the latest Flash patch (third this month) is for a 0-day vulnerability.

    But there is a point where you've done everything you can and at least minimized the risk.
     
  12. wilbur_the_goose

    wilbur_the_goose Hall Of Fame

    4,476
    49
    Aug 16, 2006
