Tech support locker scam poses as failed Microsoft Update Cybercrooks have put together a new scam that falls halfway between ransomware and old school browser lockup ruses. The new class of “tech support lockers” rely on tricking users into installing either a fake PC optimiser or bogus Adobe Flash update. Once loaded the malware mimicks ransomware and locks users out of their …
That attitude is a bit selfish James.
There are plenty of folks out there (like one's relatives and friends) who aren't as smart as you, who consequently need their security knowledge regularly updating, their "normal" behaviour modifying and often as is the case, also need their system of choice rescueing, so that they can once again lead a normal life, using whatever device or software is popularised by the media.
Please don't scoff at the victims, it lowers the tome of the forum.
Alfazed
When called on to 'fix' computers by relatives I delete Flash and 'optimisers' and say why. One particular relative insists that he has to have Flash and that his computer runs too slowly. I've told him that when, not if, there is a problem because of Flash or the 'optimiser' he shouldn't bother to call me. He got upset and vowed never to call me about computers again. Sounds like a plan to me. He also ignored me when I told him that he really needed to have a backup. Another relative has told me that he's currently looking for a new computer as he had a really bad 'virus' attack his old one, some kind of ransomeware from the sound of it, and lost everything. Perhaps he's learned. I doubt it. It is, however, no longer my problem, and his problems serve as a beautiful object lesson for other relatives, several of whom have (finally) purchased external drives and are backing up their stuff. (This means that I get to go around and show them how to back up, so it's actually more work. However, it's work that is a lot more useful that cleaning up after yet another malware attack.)
I have removed Flash, QuickTime, Silverlight, and older versions of Java from my systems. All of them, with the exceptions of those machines which must run older versions of Adobe Creative Suite (not, repeat not, Creative Cloud) and those machines don't go online so that their exposure level is low. I'll be dumping Creative Suite from my Macs shortly; it'll be replaced by Affinity's software, which is both cheaper than Adobe's ($40 per app, versus $60/month, which is never, ever, going to happen) and more reliable. And, mostly I can banish Java 6 forever.. Photoshop and Illustrator for Creative suites 5.x and 6 requires Java 6. Once I get rid of them, I no longer need Java 6. Adobe says that I should update to Creative Cloud, which apparently doesn't need Java 6. I say that Adobe can kiss my ass. Affinity is working on Windows versions of their stuff. Creative Suite will be gone from my Windows machines roughly a millisecond after Affinity ships their Windows versions. And then my entire network will be an Adobe-free zone. No Flash. No Acrobat. No Creative Suite/Cloud. Well, there will probably be a few Adobe fonts installed still, but other than that, all gone. My network is already a Silverlight-free zone, and a QuickTime-free zone, and will be a Java-free zone Real Soon Now. Java 6 will be gone once Adobe is gone, and newer versions will go once certain other apps go.
And I'd still like to know if the malware mentioned in the actual article blocks booting in safe mode. Some malware does. If I can boot to safe mode, I can think of a few ways to clean up this malware.
And when you phone them up they presumably take a card payment. It should be simple enough for card companies to identify the beneficiary.
Hmm. Making a profit from crime, or put effort in to catch people in unreachable countries. Are you really wondering why they can still take card payments?
Thought not.
Well it is interesting that in Malwarebytes report no mention is made concerning the number: 1-844-872-8686.
Namely, it is a US non-geographic toll-free number and hence it's 'owner' (ie. the party who pays the call charges) can be found through a reverse lookup and the payment of a small fee ~1USD.
Which raises a question as to whether the registered user of that number is actually the business taking the call etc. ...
And the police can get the phone company to cough up the forwarding number and track down the miscreant.
This is not an email/bitcoin scam thing that can be anonymized via Tor, this is a scam that relies on phone companies not snitching them to the law.
And apparently it works, so why not ? Capitalism at its best.
The entire fix for this mess:
Remove the HDD from the afflicted machine, connect it to another machine with one of the numerous recovery Linux distros installed. Recover all the (l)user's files. Back them up to a couple of different media. Delete Windows and install from a Linux Mint DVD. Copy all the (l)user's files to the Home directory of their new system. Spend 10 minutes showing them how to log in, locate their files and configure their Email. Job done. No further "service calls" from "Microsoft" and a computer that runs as it should.
No further "service calls" from "Microsoft" and a computer that runs as it should.
Two things wrong with that:
1- there is no active correlation between running Windows and getting called by a scammer - all it takes is, say, a hacked government server and your details are out there.
2- "as it should" is unfortunately a relative term. I cannot count the occasions where people who had LibreOffice installed came to support whinging that their letters "didn't look right" and they wanted thus MS Word, which happens to not run very well in Linux. This is what you get with the vacuous world we live in: how it looks takes precedence (by some considerable distance) over content. Proof in point: the Kardashians, the Daily Mail and politics.
That is really the only thing that stops a Linux desktop from becoming a business standard: looks. Well, OK, that and the rather remarkable absence of any FOSS, Open Standards based competition whatsoever for Microsoft Outlook. Unbelievable, but true. Nothing viable has emerged in the more than 2 decades that I've been using Linux. If I had any coding skills I'd start it myself.
Compulsory Outlook at work - it's an awful email client, massively resource hungry.
All email clients I used on Linux, even the worst ones, have had far less resource usage than Outlook does on Windows.
The only real selling (lock-in) point of outlook is the calendars that tend to be commonly used in many workplaces as it's a bit awkward to access them from other apps, though there are a few Linux offerings that give some outlook calendar use, ranging from plugins (e.g. Thunderbird), to inbuilt handling (Evolution)
All email clients I used on Linux, even the worst ones, have had far less resource usage than Outlook does on Windows.
Oh, don't get me wrong, I know Outlook is not exactly a spectacular example of coding efficiency either (let's face it, it shows all the signs of having been coded by Microsoft itself), but it's one user interface for contacts, email and calendar, and in a manner that allows interaction between the 3 (although they've dropped a trick, the same as Apple has in its calendaring).
I usually reside on Macs and Linux so I get to avoid the damn thing (and we now dropped Microsoft -and Adobe- products internally completely), but I know customers that are hooked on that "one gateway" interface (read: almost everyone non-tech and in a position to make decisions) cannot be prised off that addiction which pretty much ends any discussion about a Linux desktop..
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
