Help & FAQs    Search BCF    Members    Groups    Events Calendar
Resend my activation email : Register : Log in 
BCF: Bike Chat Forums


Locky Ransomware

 Reply to topic
Bike Chat Forums Index -> The Geek Zone
View previous topic : View next topic  
Author Message

Jayy
Mr. Ponzi



Joined: 08 Jun 2009
Karma :
PostPosted: 14:55 - 06 May 2016    Post subject: Locky Ransomware Reply with quote
Friend of mine has had his work laptop nailed by this locky ransomware. It only has/had invoices, letter heads, etc on it but still, as far as I can tell, there's no way round this one other than prevention/backups?
 Back to top
View user's profile Send private message You must be logged in to rate posts

TbirdX
Crazy Courier



Joined: 06 Dec 2015
Karma :
PostPosted: 15:53 - 06 May 2016    Post subject: Reply with quote
Tell him to stop going to Mexican midget amputee porn sites and he'll be fine.
____________________
VFR800X - CFMoto 450MT - TTR250
 Back to top
View user's profile Send private message You must be logged in to rate posts

CaNsA
Super Spammer



Joined: 02 Jan 2008
Karma :
PostPosted: 16:02 - 06 May 2016    Post subject: Re: Locky Ransomware Reply with quote
Jayy wrote:
there's no way round this one other than prevention/backups?


You are correct.
 Back to top
View user's profile Send private message You must be logged in to rate posts

Jayy
Mr. Ponzi



Joined: 08 Jun 2009
Karma :
PostPosted: 16:11 - 06 May 2016    Post subject: Reply with quote
That's pretty much what I told him, other than back ups or prevention, you be fucked Laughing

Tbird... for educational purposes, such as where? Very Happy
 Back to top
View user's profile Send private message You must be logged in to rate posts

CBFcarl
Nearly there...



Joined: 29 Oct 2013
Karma :
PostPosted: 16:24 - 06 May 2016    Post subject: Reply with quote
I had this a few years ago. "my brother" had been browsing specialist sites and then got a lock screen from "Met Police E-crime department". Logged in as alternative user, installed malwarebytes and ran a full computer check. Found and removed ransomeware, did full AV check after. Rebooted and was able to log in with no lasting damage.
____________________
thx1138 wrote: Well if you had a car, I'd bet it would smell like urine had had drunken sex with vomit and made a poo baby.
Polarbear wrote: They are all old now. Probably had more abuse that a Rotherham schoolgirl.
Hellkat wrote: I want to know if Nigella smells of garlic, or just minge.
 Back to top
View user's profile Send private message You must be logged in to rate posts

Ste
Not Work Safe



Joined: 01 Sep 2002
Karma :
PostPosted: 16:54 - 06 May 2016    Post subject: Reply with quote
CBFcarl wrote:
I had this a few years ago. "my brother" had been browsing specialist sites and then got a lock screen from "Met Police E-crime department". Logged in as alternative user, installed malwarebytes and ran a full computer check. Found and removed ransomeware, did full AV check after. Rebooted and was able to log in with no lasting damage.

That sounds like the most amateur ransomware ever. Razz
 Back to top
View user's profile Send private message Visit poster's website You must be logged in to rate posts

P.addy
Red Rocket



Joined: 14 Feb 2008
Karma :
PostPosted: 16:59 - 06 May 2016    Post subject: Reply with quote
CBFcarl wrote:
I had this a few years ago. "my brother" had been browsing specialist sites and then got a lock screen from "Met Police E-crime department". Logged in as alternative user, installed malwarebytes and ran a full computer check. Found and removed ransomeware, did full AV check after. Rebooted and was able to log in with no lasting damage.


That is definitely not ransomware.

I've got various bits here if you want to try switching user and doing an AV scan. Let me know how you get on Whistle

I see at least....2 or 3 cases a week in normal operating hours.
 Back to top
View user's profile Send private message Send e-mail You must be logged in to rate posts

J.M.
World Chat Champion



Joined: 27 Mar 2011
Karma :
PostPosted: 17:26 - 06 May 2016    Post subject: Reply with quote
The files are only lost if it's a ransomware that encrypts files - otherwise just plug the HDD into another machine.
____________________
2004 R1 & 2018 XSR900
 Back to top
View user's profile Send private message You must be logged in to rate posts

Jayy
Mr. Ponzi



Joined: 08 Jun 2009
Karma :
PostPosted: 17:34 - 06 May 2016    Post subject: Reply with quote
J.M. wrote:
The files are only lost if it's a ransomware that encrypts files - otherwise just plug the HDD into another machine.


It does, with 2048bit RSA encryption. They fucked Laughing
 Back to top
View user's profile Send private message You must be logged in to rate posts

dydey90
World Chat Champion



Joined: 01 Oct 2013
Karma :
PostPosted: 18:21 - 06 May 2016    Post subject: Reply with quote
I once got something similar on an old laptop that was used exclusively for... browsing... but it must have been in the early days of ransomware. Police screen flashed up but there were several typos on it so even though I'd never heard of that sort of thing at the time, I knew it wasn't legit.

Ctrl + Alt + Del actually went through it.
____________________
This post is probably not serious and shouldn't be taken literally.
Past: CBR125,ER6f NINJA 650, ZZR600 Current: VFR750
 Back to top
View user's profile Send private message You must be logged in to rate posts

ScaredyCat
World Chat Champion



Joined: 19 May 2012
Karma :
PostPosted: 18:25 - 06 May 2016    Post subject: Re: Locky Ransomware Reply with quote
Jayy wrote:
Friend of mine has had his work laptop nailed by this locky ransomware. It only has/had invoices, letter heads, etc on it but still, as far as I can tell, there's no way round this one other than prevention/backups?


Depends what it is....

Find out: https://id-ransomware.malwarehunterteam.com/

Then have a look...

https://noransom.kaspersky.com/

https://www.grahamcluley.com/2016/03/ransomware-author-decryption-keys/

https://www.theregister.co.uk/2016/03/16/locky_ransomware_undone_for_now/

https://www.dropbox.com/s/n4lfdv9ti8sbwtu/decrypted_keys.csv?dl=0

https://www.bleepingcomputer.com/forums/t/601765/locked-ransomware-support-and-help-topic-read-ittxt/?p=3953491
____________________
Honda CBF125 ➝ NC700X
Honda CBF125 ↳ Speed Triple
 Back to top
View user's profile Send private message You must be logged in to rate posts

James83
Crazy Courier



Joined: 10 Apr 2013
Karma :
PostPosted: 04:25 - 07 May 2016    Post subject: Reply with quote
Paddy. wrote:
That is definitely not ransomware.

I've got various bits here if you want to try switching user and doing an AV scan. Let me know how you get on Whistle

I see at least....2 or 3 cases a week in normal operating hours.


That's what old school ransomware was. It was just an application that didn't give you any option to close it. That was enough to cripple and fool the average end user into 'paying the fine' or whatever it claimed payment was needed for. The crypto stuff is new wave.

I remember being called to a customers house for one of those, its angle was 'You watched some porn, now you owe us money for it'. She had grounded her son for watching the porn, and handed over her credit card number, then called us (Her ISP) when it still showed up.

No amount of explaining would have her believe that you couldn't be retroactively charged for watching porn and that she should cancel her credit cards. Felt bad for her son, although let be honest, it probably was from watching porn, just not the porn it was claiming.
____________________
Jonathan A wrote: tart.
 Back to top
View user's profile Send private message You must be logged in to rate posts

Jayy
Mr. Ponzi



Joined: 08 Jun 2009
Karma :
PostPosted: 11:50 - 07 May 2016    Post subject: Reply with quote
This lockey ransomware is particularly well made according to several security blogs and as such, unless someone breaks the encryption (un-likely) not much you can do.

It's pretty simple really, don't go opening attachments from people you don't know or even people you do know, unless you are specifically excepting one.

Common sense prevails.
 Back to top
View user's profile Send private message You must be logged in to rate posts
Old Thread Alert!

The last post was made 10 years, 18 days ago. Instead of replying here, would creating a new thread be more useful?
  Display posts from previous:   
This page may contain affiliate links, which means we may earn a small commission if a visitor clicks through and makes a purchase. By clicking on an affiliate link, you accept that third-party cookies will be set.

Post new topic   Reply to topic    Bike Chat Forums Index -> The Geek Zone All times are GMT + 1 Hour
Page 1 of 1

 
 You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Read the Terms of Use! - Powered by phpBB © phpBB Group
 
Debug Mode: ON - Server: birks (www) - Page Generation Time: 0.09 Sec - Server Load: 1.83 - MySQL Queries: 13 - Page Size: 76.94 Kb