CryptoLocker

[The Shaggy D.A.]

Firstly, I've put this here as it should get the audience who don't visit The Geek Zone.

I've just spent a couple of hours sorting the wife's laptop of the aformentioned CuntWare. Not heard of it before today, the virus itself is easy to get rid of, but once running it trundles through the PC, encrypting files as it goes, which it then holds to ransom. They hold the other half of the encryption key, and will only perform the decrypt on the receipt of BitCoins.

Bottom line, if you have files that you can't live without, for fuck's sake keep a backup somewhere.

https://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
____________________
Chances are quite high you are not in my Monkeysphere, and I don't care about you. Don't take it personally.
Currently : Royal Enfield 350 Meteor
Previously : CB100N > CB250RS > XJ900F > GT550 > GPZ750R/1000RX > AJS M16 > R100RT > Bullet 500 > CB500 > LS650P > Bullet Electra X & YBR125 > Bullet 350 "Superstar" & YBR125 Custom > Royal Enfield Classic 500 Despatch Limited Edition (28 of 200) & CB Two-Fifty Nighthawk > ER5

[Ariel Badger]

Did she pay the cnuts?
____________________
Bikers make great organ donors, get 115 on your licence today.

[-Matt-]

Interesting use of bitcoin still a bit on the fence about them personally, banning them is a bit like banning money as it used for drugs and arms trading, but on the other hand as a currency it does play into the hands of some undesirable activities.

[Benno]

Ah crap I don't even have an antivirus program any more

better get one!
____________________
I'm autistic. That means I'm smarter than you.

[-Matt-]

[Benno]

[Rogerborg]

[The Shaggy D.A.]

[doggone]

This typically comes from an email attachment and probably won't be stopped by antivirus if you open it.

[JonB]

Thanks for the link Shaggy.

This is going to really screw up non-IT literate people quite badly in the sense they will be probably pay money to decrypt files.

I'm actually quite annoyed that my version of Windows 8 does not have a Local Security Policy editor so I cannot manually ban programs installing themselves from the appdata directory. Microsoft need to sort this so that we can protect themselves. I'm not sure anti-virus alone will stop this.

Given that MS have introduced security measures so that I have to press "yes" when installing absolutely anything it is pretty humiliating for them that someone has found an obvious loophole.

Finally, it goes to show that Bitcoins usefulness is only for soliciting illegal activity.
____________________
Be careful whose advice you buy, but, be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than it?s worth.

[GhostRider]

[ThoughtContro...]

[Ariel Badger]

I have the following email. I am not expecting a delivery and it is marked as "Virus" ( By who or what I do not know) I will not be opening it but I am sure many people would.
____________________
Bikers make great organ donors, get 115 on your licence today.

[Hetzer]

There's a reason MS is worth a quarter of what it used to be worth. Just as it's obvious that W8 is part of the deliberate dollar-whoring scam of shit/good/shit/good/shit OS releases.

I predict they'll go the same way with the OS as they have with their Office program, we'll be paying a yearly licence.
____________________
"There's the horizon! Ride hard, ride fast and cut down all who stand in your way!"

[dydey90]

If this happens then the files are lost. The virus doesn't have the capacity to decrypt the files even if you are daft enough to pay.
____________________
This post is probably not serious and shouldn't be taken literally.
Past: CBR125,ER6f NINJA 650, ZZR600 Current: VFR750

[doggone]

Not entirely true, some reports early on said paying the fee did work however it's probably got to the stage now where they can't keep up with the 'workload' !

[ThoughtContro...]

[Going]

This has be around for quite a while. On a side note I heard that it will encrypt files that come under a drive letter, not just on Windows part.
(Like; Connected phone, USB drive, Cloud sorage etc)

[Flatbadger]

This is buried within the text of the first link in the thread, so don't panic if you're careful -

[Pol Anorl]

they are encrypted with a 256 bit AES key. The AES key is then encrypted by the malware using RSA keys. In order to decrypt file to get the AES key, you would need both the public RSA key and the private RSA key which is held on the attackers server. Without these keys you are screwed.

RSA 2048 will take mega years to decrypt..

create a rule to block executables running from a subfolder of %AppData% thatl help you block it if you do end up getting it.

microsoft security essentials does have a strong signature on cryptolocker so should also block it pretty well

As ive just found, the base version of cryptolocker was released to the public on hackforums on the 20th of this month...

shits gona spread so hard now.. and eventually die down.
____________________
GOOD GAME BODYGUARD: https://i.imgur.com/8WePGgf.jpg
20:30:37 Pyro.: I don't sort of like men, I take every advantage to choke on dick.
Jewlio Iglesias: You live in Liverpool - Chances are, the front door has already been kicked off the hinges

[-]

I had a couple of business customers who lost a lot of files because of this. After nobbling the local my docs it set about their network drive.

On another note, if you have a backup which just makes copies of files rather than compiling a large single backup file, don't leave it plugged in.

[t121anf]

One evil bit of computing genius...

[Ribenapigeon]

[-Matt-]

That was what i said . People can't go round banning a form of curreny as someone decides to use it for nefarious purposes or we'd have no currencies in the world.

I think the difference with bitcoin is its just opened up a few more avenues of activity previously unseen, but that doesn't justify banning it really, as theres plenty of negative activities bitcoin can't be used for that normal currency can also.

[duhawkz]