"Eastern Europeans go free"
The Czech's in the post...
Ransomware miscreants have developed a strain of malware that lets victims know that their computer has been encrypted verbally. The Cerber ransomware encrypts users' files using AES encryption before demanding an extortionate payment of 1.24 Bitcoins ($500) in order to supply a private key needed to decrypt files. The …
This is the kind of user-friendly notification that would improve many other products; instead of making users check their file-systems for signs of infection, it gives a clear audio-confirmation that they're up Fertilizer Creek.
Clearly the black-hats have been profiling their market segment and have realised that the clueless, their best customers, are likely to miss the fact that they're infected for a significant period of time, potentially affecting cash flow (always a problem for a growing business).
They've also realised it's a good idea to avoid breaking the law in a country that can get their hands on you.
Could be a sign that "Malware Consultant" is now a thing.
"This is the kind of user-friendly notification that would improve many other products; instead of making users check their file-systems for signs of infection, it gives a clear audio-confirmation that they're up Fertilizer Creek.
Clearly the black-hats have been profiling their market segment and have realised that the clueless, their best customers, are likely to miss the fact that they're infected for a significant period of time, potentially affecting cash flow (always a problem for a growing business).
They've also realised it's a good idea to avoid breaking the law in a country that can get their hands on you.
Could be a sign that "Malware Consultant" is now a thing."
would be to create a bunch of these and NOT give out decryption keys. People would stop believing they can recover their data and stop paying. The victims may even learn to back up important stuff and stop using an account with admin privileges for everyday stuff.
"...would be to create a bunch of these and NOT give out decryption keys."
I have a better idea. Create a bunch of these that totally do the whole encryption thing right up to the ransom note, but make actual payments impossible (looks the part, but it fails / it's fake). Then, after exactly 24 hours they put up a different note telling you this time you got lucky as this was only a "drill" asking you how would it feel to have this happen to you for real - then they should proceed to nicely decrypt everything exactly as they found it. I believe going without your files for 24 hours would be worth the price of the education received...
"Track down these ransomware peddlers and shut them down by any means."
Such as peeling the fuckers' skins off at a rate of one cubic centimetre per hour and streaming it live as a public warning to other sociopathic ransomware vermin that doing this to people carries the direst of consequences.
Oddly that describes the sensation I had yesterday trying to set up an enterprise network (when the automatic parameter setting failed - all the CHAPv2 / PEAP stuff) then install Matlab, ImageJ, Office and EndNote on a new laptop running Windows 8.1
..."uses VBScript" belong together in the same description.
I don't see how writing code to encrypt network drives but disabling it indicates sophistication, either. Cryptolocker and Cryptowall were already doing that by the end of 2013, and they're 90% of infections.