Serious Virus Threat - READ THIS!

[djMot]

This came to my attention today.  BE CAREFUL PEOPLE !!!

 

http://windowssecrets.com/top-story/cryptolocker-a-particularly-pernicious-virus/

 

 

[baldie]

Thanks for the Heads up mate precautions are now in place

[DEEJAYKEG]

Yes, this is a bad bastard.  It's especially bad news because it will seek out all drives that you can see from Windows Explorer

and encrypt their contents too.  So, if as most of us have done in the past, one backs up to another hard drive visible to

Windows, the back-up would be encrypted too!

 

Two possible solutions, one of which I have implemented after reading about this thing a few days back:

 

i) Make an external portable hard drive your back-up drive and disconnect it after performing the back-up;

ii) Back up by imaging the hard drive.

 

There are tools freely available to remove the crypto virus from your system BUT your files cannot be decrypted by

anyone other than the criminals.  Naturally, the police ask that we do not pay the crims but some people view the loss

of some data more costly than the fee (said in the report I read to be BC2 - two Bitcoins valued around $280).

 

Whilst this virus is in the wild and there is potentially a risk that anyone could be affected, those who visit high risk

web sites are those asking for trouble.

 

If you like boobs and bums so much that you have to seek them out online, best do so on a system not connected

in any way to computers or hard drives containing your treasured family snaps or crucial family, business or legal

documents...  Also be wary of running downloaded software and using USB pen drives.

 

Here's a video of this sucker running.  It looks like Sophos could block it.

 

http://youtu.be/Gz2kmmsMpMI

[tsw 8.5]

thanks mr djMot.. good to know what's out there ..

[Sammy]

Yikes. Another sign to never, ever, open a zip file or exe from an email. Avast has an option that asks you whether or not to execute a program. I assume this would help and if some program you didnt open wants to run say no.

[djMot]

Yeah, and it might also be a good idea to turn the dreaded User Account Control back ON if you have it off.

 

See here:  http://windows.microsoft.com/en-us/windows-vista/turn-user-account-control-on-or-off

[Sammy]

A pain in the ass but better that than an infected computer.

[FlyingDutch]

This is a pain in the arse - though not impossible to get rid of.  Involves rebooting into safe mode, checking what software loads up during startup and removing it.  Resetting browsers back to standard and then going through your registry.  I have successfully removed this a few times from clients pc's.  Don't feel you have to reset your computers there is a way out.  

 

This sort of virus now has its own category and its called "RansomWare".

 

Don't fall for it - its a complete and utter con !

[djMot]

@FlyingDutch - no.  This is not reversible without a decryption key.  RansomWare has evolved.  There is actually a client/server cryptography engine in this payload.  It encrypts files.  Once encrypted, you must have the engine and the key from the server to recover those files.  I'm not suggesting anyone pay the ransom, but this is effectively no different from viruses that delete or format hard drives.  It is almost certainly going to cost you massive data loss if you're infected.  Yes you can remove the virus, but removing the virus still leaves you with encrypted, and therefore useless files.  Once this badboy has done it's work, you're effectively fucked.

 

As the article points out, the biggest threat is through the social engineering that compels you to take some action out of fear, or even just because you think it's legitimate. I get tons of spam from the USPS, UPS, FedEx, etc., containing "shipping information" or "missed delivery" notifications.  Now what it you really had ordered something and got one of these notices at just about the right time?  Or what if you actually have an account with Wells Fargo or Chase bank and got an email that appears to be a dead ringer for the legitimate emails you normally get from them.  Only this time, you're being told there seemed to be a suspicious attempt to access your account and that you should do this or that to verify the security of your account.

 

I've stopped dead in my tracks more than once and for a moment pondered the authenticity of a message I'd received.  But that's just what they're hoping for - a knee-jerk reaction.  Pull the trigger - open that file, click that link.  BOOM!

[CobraBites]

safe bet...dont download shit from emails....dont go to porno sites...best protection in the world rt there....and make sure u have up to date virus system with live online access scanner works for me i dont get no virus at atll...

[eidolonFIRE]

Ah, another reason to use linux.

 

I would use linux 24-7 if I could game on linux

[Shamu]

I had not seen this post before I had put up my post on the same subject. However reading through alerted me to following one of the suggestions.

 

On my main PC I do have an external hard drive and will backup my files there and then disconnect from the PC or turn off.

 

I also run 3 PC's and usually each is updated as it is used. I have my home desktop PC, my business laptop and a desktop PC in my Pocono house. All are kept relatively up to date.

 

FYI, IMHO if you do not already have an external hard drive they are a very good optional item to have on hand.

[JohnnyQuest]

Yeah Shamu....i have always had a 20 dollar docking station with a 1T hdd.usb3......always store my backups there and follow the disconnect method as well..its an easy and cheap way to never lose anything...as well i have a 240g ssd that doesn't need a bunch of unnecessary junk on it,hence the docking station...hell i have five year old hdd's from other machines that i use for donours...lol lots of storage,,,and the docking station take both sizes of hdd's a good 20 buck investment.

[Damage_inc-]

OMF ITS LIKE THAT 2000 BUG AGAIN.HOLY FUCK!!!

[SirFartalot]

I don't know why people go out of their way to do this crap. We all enjoy the internet etc. Thanks for letting us know.

Cheers

[Dukoo]

Thanks for the Heads up