Cryptolocker ransomware has 'infected about 250,000 PCs'

Started by zappaDPJ, Dec 24, 2013, 16:43:34

Previous topic - Next topic

0 Members and 3 Guests are viewing this topic.

zappaDPJ

QuoteA virulent form of ransomware has now infected about quarter of a million Windows computers, according to a report by security researchers.

Cryptolocker scrambles users' data and then demands a fee to unencrypt it alongside a countdown clock.
http://www.bbc.co.uk/news/technology-25506020

I don't think it's being too alarmist to state that this is probably the worst threat to your computer data that there's ever been. My local PC repair shop has started to see a few PCs/laptops infected with this and once you've got it your data is gone. The full article contains some good advice and external links which might help protect your data including...


  • Install software that blocks executable fields and compressed archives before they reach email inboxes
  • Check permissions assigned to shared network drives to limit the number of people who can make modifications
  • Regularly back-up data to offline storage such as Blu-ray and DVD-Rom disks. Network-attached drives and cloud storage does not count as Cryptolocker can access and encrypt files stored there
  • Set each PC's software management tools to prevent Cryptolocker and other suspect programs from accessing certain critical directories
  • Set the computer's Group Policy Objects to restrict registry keys - databases containing settings - used by Cryptolocker so that the malware is unable to begin the encryption process
zap
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

colirv

Colin


Simon

I thought Windows 7 and later already blocked executables.  Isn't that what UAC is all about?
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

pctech

It supposedly challenges anything that would require admin level access but I don't think encrypting files comes under admin level access anymore.

Clive

Thanks Colirv, I've successfully installed it on my netbook and will now install it on both laptops.   :thumb:

zappaDPJ

Quote from: Simon on Dec 24, 2013, 19:53:32
I thought Windows 7 and later already blocked executables.  Isn't that what UAC is all about?

That would depend on your settings, whether or not you run as an administrator and of course whether you choose to take notice of any warnings that occur. The general answer to your question however is that UAC did not stop it for the quarter of a million users already infected and the majority of those were likely to be running it.

This is probably the best resource on the web if you want to learn more: http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
zap
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

I have F-Secure and MalwareBytes Pro, so hopefully, with a little common sense and safe surfing practices, I should be OK.   :fingers:
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Steve

Quote from: Simon on Dec 24, 2013, 21:20:29
I have F-Secure and MalwareBytes Pro, so hopefully, with a little common sense and safe surfing practices, I should be OK.   :fingers:

Steve
------------
This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

zappaDPJ

zap
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Baz

Quote from: zappaDPJ on Dec 24, 2013, 16:43:34


  • Install software that blocks executable fields and compressed archives before they reach email inboxes


What software is recommended to do this. Is the one linked by Colirv any good

Gary

Quote from: Simon on Dec 24, 2013, 21:20:29
I have F-Secure and MalwareBytes Pro, so hopefully, with a little common sense and safe surfing practices, I should be OK.   :fingers:
I dont think there is such a thing as safe surfing anymore, one dns redirect and you have been got, not a lot you can do when that happens...
Damned, if you do damned if you don't

zappaDPJ

Quote from: Baz on Dec 25, 2013, 07:48:20

What software is recommended to do this. Is the one linked by Colirv any good

It's something to look for in your email client Baz.Outlook for example does it by default.
zap
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

JD_LincsUK

I was just reading this at the Beeb a few minutes ago.

I find it beggars belief that people are still clicking links in e-mails (especially unexpected ones), which, according to the story, is how this malware is triggered.

It's very hard to be sympathetic in that kind of scenario.

Gary

Quote from: JD_LincsUK on Dec 25, 2013, 20:23:22

It's very hard to be sympathetic in that kind of scenario.
There are people out there with very little computer knowledge who don't realise the net is a scam ridden malware laced hell hole if you are not careful. My mother is one that may click a link, she is older and cannot always tell the difference between spam emails and real ones, I have met younger people too, they are not stupid, they just don't realise the threats or don't scour tec sites reading up on all this. They just want to go online and enjoy the web. As many people have said maybe there should be a basic computer literacy and security leaflet given with every new pc/tablet to help people understand the threats.
Damned, if you do damned if you don't

Technical Ben

Sadly though, those same people often fall for some knocking at the door.
It's those who check ID at the door, check written mail/phone calls who don't fall for the email/net scams (but often don't click anything, but it's a better stance non the less).
I use to have a signature, then it all changed to chip and pin.

zappaDPJ

It really depends how much effort you want to put into it. Does everyone for example check on the previous price of that never to be repeated half price offer that was at one time being sold cheaper than the offer price? Are you aware that many customer service help line calls are charged at a premium rate? The problem is there's always a new scam and while common sense will protect you the majority of the time it's not always foolproof e.g. I never use our land line but I recently had to spend hours on the phone to Sky. I even put the phone down before the hour was up not realising that call was costing me dear from the second I got through ::)
zap
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

pctech

Yep, not clicking on links in e-mails is a far better idea.

Having an ex directory number also reduces the likelihood of calls from 'the bank' and even when I do get calls I will tell them I will call them back on a number that I know is legitimate to discuss any matters (its usually marketing anyway)

Alas it doesn't seem to stop the PPI claim companies but you can't win 'em all I guess.


Glenn

Tell your council to keep your voting details off the register helps too.
Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

pctech

Yep we do that too.

Also had an entry phone installed so we don't actually have to open the front door which thwarts any attempts to barge in.


Technical Ben

Quote from: zappaDPJ on Dec 29, 2013, 14:29:37
It really depends how much effort you want to put into it. Does everyone for example check on the previous price of that never to be repeated half price offer that was at one time being sold cheaper than the offer price? Are you aware that many customer service help line calls are charged at a premium rate? The problem is there's always a new scam and while common sense will protect you the majority of the time it's not always foolproof e.g. I never use our land line but I recently had to spend hours on the phone to Sky. I even put the phone down before the hour was up not realising that call was costing me dear from the second I got through ::)
Yes (I do).
I use to have a signature, then it all changed to chip and pin.

JD_LincsUK

Quote from: Gary on Dec 29, 2013, 10:20:30
There are people out there with very little computer knowledge who don't realise the net is a scam ridden malware laced hell hole if you are not careful. My mother is one that may click a link, she is older and cannot always tell the difference between spam emails and real ones, I have met younger people too, they are not stupid, they just don't realise the threats or don't scour tec sites reading up on all this. They just want to go online and enjoy the web. As many people have said maybe there should be a basic computer literacy and security leaflet given with every new pc/tablet to help people understand the threats.

Gary, the not clicking on attachment advice has been repeated ad infinitum on every TV and Radio station news and similar progs over the last 10 years - usually when something like this story crops up (yet again).

But then, just like some do things they know they shouldn't and complain of the consequences, others will argue, regardless.  :swoon:

Technical Ben

I find it's opinion that is hardest to overcome. Such as those who insist they know a software is "speeding up the computer because the add said it would" or the smiley software "is safe because they want smileys". Any evidence to the contrary is met with "but the add said" or "but I want it". Well, how to you counter that?
I use to have a signature, then it all changed to chip and pin.