KER-CHING! CryptoWall ransomware scam rakes in $1 MEEELLION Victims of the CryptoWall ransomware have been extorted out of at least $1m. Despite a takedown operation in June, CryptoWall continues to be the largest and most destructive ransomware threat on the internet, according to the latest analysis of the threat by security researchers from Dell SecureWorks Counter Threat Unit. …
Good article, but why cover this when my, I mean Julian Assange's story is still playing out. Sure Syria, Gaza, Ukraine, are important, but people die all the time. It's not new. The day-to-day life inside the Ecuadorian embassy is not easy and that's real news. You should be asking what it's really like for a 43 year old Australian to defend liberty and freedom for all while cooped up at Flat 3B, Hans Crescent. You remember Bradley Cooper and the way Wikileaks supported him with a collection to cover his legal fees? That money will get to him soon to aid in his trial defense. We need to hear more about that! No wait a sec. Let's more on to more interesting items.
That Edward Snowden bloke is just so last year. People want to hear more in-depth reporting on the impact of Julian's releasing hundreds of thousands of diplomatic cables. Quotes from embarrassed politicians are what sell newspapers and generate donations to Wikileaks. No one wants to hear about Swedish extradition orders or any sexual allegations of a completely unfounded nature. How is this news?
Then there's the food issue. You wouldn't believe what the Ecuadorians serve for dinner every night. You can only eat so many llapingachos and ceviche before you really start craving a takeaway curry. Then there's the popcorn. Served with every meal? Really? And it's plain; no butter or salt. Can't nip down the road for McDonalds every now and then chaps? Oops, it seems I wandered from the central topic which is, of course, Julian Assange. Everyone needs to know more about this vigilant champion of every man's freedom and his struggle to avoid American incarceration. He even said he was leaving the embassy soon so you know big things are coming. He'll get so many back pats from congratulatory police officers as he leaves that it'll leave bruises.
More Julian news, and much less reporting on everything else is what we should take from this exchange. So if you see an article that does not mention my, I mean Julian's, name you should be haranguing that writer for blatantly biased reporting. Right, time for my exercise. I think I'll walk around my room counterclockwise tonight.
Signed,
Anonymous
Then looked at a catalogue of backup tools.
Not sure those would help if the malware does indeed encrypt everything in sight including removable storage and network drives. Unless one realizes immediately what's going on, the backups might end up getting encrypted too (or equally bad, backing up encrypted stuff, assuming it's not a multi-version scheme) - then what...?
Which is why any scheme worthy of the name "backup" includes offline (and offsite) copies. Perhaps not updated as often as the local ones, but all the same - if your house burns down then your in-house backups are as useful as the original files that also went up in the flames.
Not all backup systems present the "backup" as files on the regular file system.
How about rsync to a remote system that has no obvious log-in? Said system could also have features like file system snap-shops so you could roll-back even if said remote file system is deleted/encrypted.
I don't have a dog, either.
Or any number of bank accounts, ISP's, credit cards or Facebook account using my 'proper' email address.
Oh, nor have I made any accident claims
But faxes?
I've seen these in the spam box but -- faxes -via email ?
May be the fax is an email attachment - in PDF?
Yeah - I get the spam emails about a facebook message waiting for me.
Given that I'm probably the world's biggest social media hater and do not in fact have a facebook account I doubt that very much.
And thank you, but I am neither bald, fat nor impotent. And I doubt again that I really have won a lottery that I haven't bought a ticket for.
I mean seriously, which MORONS still click on this stuff???
A corporate level multi-function printer/copier can receive a fax and route it as email.
You can also send it from your desktop.
And yes it generally is converted into a pdf attachment.
Although I suspect very few people under 30 have even seen a fax.
Banking still use them (mortgages and such) and given the economy most in that age group are not likely to use them.
"When you double-click on the fake PDF, it will instead infect your computer with the CryptoWall infection and install malware files"
Would using a PDF viewer that don't execute scripts help in preventing infection, same with disabling ZIP attachments, and so on.
To update the above, I've just had a look at a spam email attachment "invoice_<random digits>.zip" - it contains "invoice_<different random digits>.exe" - in other words, not even attempting to hide the file type. This may or may not be CryptoWall - perhaps I should try executing it using wine? ;)
It's funny how I've seen hundreds, probably thousands of adverts on TV telling me not to drink too much, not to drink and drive, to put my seatbelt on, not to fly kites round pylons, to wear a bike helmet, and other "stay safe" adverts on TV.
I don't think I've ever seen an advert that warns me not to click on email attachments, or that popups telling me I have malware might be scams. I've never seen an advert that to warn me that MS doesn't call customers randomly telling them they're infected. Never.
I mean it's fine for us who know, but they just sell PCs and laptops to anyone, and there's no responsibility at all. I remember cleaning a neighbour's PC and saw a weird thing in the tray. This person was paying a subscription to their own malware. I'm not kidding. It was heartbreaking to tell them that. They had a direct debit set up and everything.
Businesses are business. They should be training their staff anyway, but every time I get a phone call from "Windows support" I'm sure the people down the road can hear the tirade of vitriolic abuse I give them.
But ransomware is particularly nasty. These guys have made a million bucks and STILL no ad campaign. Malware signatures and detection should be open sourced so that if Comodo finds something, keeping it secret from Avast is not an option. They should be made to compete on features, not on security.
all very true hippy, maybe signed files might help, this pain in the arse UAC stuff is probly saving a few people. But with the likes of Oracle and Adobe pushing shit like ask toolbars mcAffee free trial crap at every update its no wonder people get confused.
maybe people could opt for a walled garden setup when they buy the pc, that might help.
just having a few basic rules pounded into their heads would also help , i suppose they have to want to help themselves..
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
