New Internet Scam - ‘Ransomware’ Locks Computers, Demands Payment


31 replies to this topic

#21 OFFLINE   wilbur_the_goose

wilbur_the_goose

    Hall Of Fame

  • Registered
  • 4,399 posts
Joined: Aug 16, 2006

Posted 21 February 2013 - 06:17 AM

Krebs is a giant in the ITSec world. Good article on ransomware: http://krebsonsecuri...ware-operation/


#22 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 12,916 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 21 February 2013 - 07:22 AM

Listening to the podcast now, very interesting on how the business of this stuff actually works. I didn't really realize when you buy an exploit kit, it could come with a license agreement that it could only be used against a particular domain, with add-on packs and tech support.

#23 OFFLINE   satcrazy

satcrazy

    Icon

  • Registered
  • 733 posts
  • LocationGreat lakes, NW Pa.
Joined: Mar 15, 2011

Posted 21 February 2013 - 11:37 AM

So,
The only thing to do is back up all files, and f/disk?

Would also like to know what program you and wilbur use for general security.

I'm currently using Bit Defender, but when it expires, I'm thinking Kaspersky.

#24 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 12,916 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 21 February 2013 - 12:04 PM

For AV, I like Kaspersky. I generally don't like the suites (from anyone). But just as important (maybe even more so), is keeping everything updated. I like a free program called PSI from Secunia. It keeps track of all your software and tells you when a security update comes out, when it is end of life etc.

AV is a part of online security, but cannot be the only aspect. If malware can use a vulnerability to get in, AV can be powerless to stop it. It's not enough to just say, don't go to sketchy sites. While those of course can make you a target, malware can wind up on legit sites, either due to the site itself being compromised, or through an ad. A subsite of the LA Times had malware for 6 weeks recently.

http://secunia.com/v...nning/personal/

A lot of it is just common sense. If a site tells you that a particular thing needs installed or updated (like new version of Flash), go to the publisher's site and get it from there.

Krebs' three rules apply here:
1) If you didn’t go looking for it, don’t install it; 2) If you installed, update it. 3) If you no longer need it, get rid of it! (#3 especially applies to Java lately)

I also don't reuse passwords; every site has its own. My primary email I have set to require two-factor authentication when it's a system that I haven't told it to trust.

One thing I should point out, I'm not an expert like Wilbur, I have an interest in the topic but he has the background.

#25 OFFLINE   wilbur_the_goose

wilbur_the_goose

    Hall Of Fame

  • Registered
  • 4,399 posts
Joined: Aug 16, 2006

Posted 21 February 2013 - 12:21 PM

dpeters - you're right on the money recommending PSI. Great product, highly recommended.

satcrazy - that may or may not work. If the last backup had the malware present, but not active, you'd end up restoring the malware too. These aren't lonely high school kids trying to crash your PC - they're organized criminals that hire professionals to commit crime. Kaspersky is good, and I've used Eset too. The ones I really don't like are McAfee and Norton - they come with a lot of bloat and have a big memory footprint.

It's also a good idea to run something like Malwarebytes once in a while. And, if you're on Windows, be sure to run the "Malicious Software Removal" tool that comes down as part of Windows Update monthly.

If you're interested in cybercrime, check out my favorite report: The 2012 Verizon Data Breach Report: http://www.verizonen...2-ebk_en_xg.pdf

(This isn't the VZ you probably know - they run a really great IT security practice)

#26 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 12,916 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 21 February 2013 - 12:47 PM

Yippee, Krebs just tweeted that NBC.com has malware. Not going there for obvious reasons, but sounds like it could be an iframe with Citadel.

Edited by dpeters11, 21 February 2013 - 01:03 PM.


#27 OFFLINE   satcrazy

satcrazy

    Icon

  • Registered
  • 733 posts
  • LocationGreat lakes, NW Pa.
Joined: Mar 15, 2011

Posted 21 February 2013 - 08:55 PM

dpeters,

Thanks, will get PSI.

Will also remember the 3 rule theory.

I have my pc set up with Admin and [limited] User Accounts, with passwords for all.

So if YouTube wants you to update Flash, go to the Adobe web site. Got it.

Wilbur-

So if back up is iffy, what's the best choice here?

I'm embarrassed to admit this, I thought the malicious software removal tool was autorun. Could I get instruction on how to run this, and where it is located?

I've not heard of Eset, will look at that as well.

Now, on to read those articles and do my updates.

Thanks again to both of you.

#28 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 12,916 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 21 February 2013 - 09:15 PM

Right, and never use the admin account for anything other than what you really need it for. Always do day to day things limited.

Eset is also good, their product is NOD32. I would probably just use the AV product, not the suite. If you have more than two systems, the Family Security Pack is a steal. Keep in mind, AV is one small part of this. Running NBC.Com through a site called Virustotal today, it used 46 virus scanners to scan. 3 caught the malware. You can't say that one of those 3 are the good ones, they will not pick up something else. It's not really a negative against the AV companies, it just shows the size of the problem. Things were simpler when a virus was spread by floppy and just made the characters fall to the bottom of the screen. The motive was much different.

You still want a backup, as a general rule. Having a local backup, like to DVD is good, but disks go bad. You also want offsite backup. I use Carbonite for this. It starts at $60 a year, but it's unlimited. By default, it encrypts your data with their key, but you can make your own. Of course if you lose your own key, they can't help you.

Carbonite may help if you get this kind of malware, but I can't say for sure. It's not a network drive, and you can restore previous versions of files.

Edited by dpeters11, 21 February 2013 - 09:24 PM.


#29 OFFLINE   wilbur_the_goose

wilbur_the_goose

    Hall Of Fame

  • Registered
  • 4,399 posts
Joined: Aug 16, 2006

Posted 22 February 2013 - 06:22 AM

satcrazy - dpeters11 has all the right answers :)
Want a job? :)

#30 OFFLINE   acostapimps

acostapimps

    Hall Of Famer

  • DBSTalk Club
  • 1,621 posts
  • LocationIllinois
Joined: Nov 05, 2011

Posted 27 February 2013 - 03:43 AM

That's why I do Windows and security updates every chance I get, so as not to run into problems like this or any virus or malware.



#31 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 12,916 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 27 February 2013 - 06:17 AM

Just keep in mind, it can still happen fully patched, so stay vigilant. Actually, I believe the latest Flash patch (third this month) is for a 0-day vulnerability.

But there is a point where you've done everything you can and at least minimized the risk.

#32 OFFLINE   wilbur_the_goose

wilbur_the_goose

    Hall Of Fame

  • Registered
  • 4,399 posts
Joined: Aug 16, 2006

Posted 28 February 2013 - 02:00 PM

Good paper on the subject: http://www.sophos.co...rus.pdf?dl=true

It'll download the report in PDF format to your PC.

(PS - The landing page is http://www.sophos.co...-antivirus.aspx . I wanted to add it here in case you wanted to avoid a blind download)



