Ransomware Trojan is back and badder than ever A ransomware Trojan threat is back – in an even more noxious form – two years after it last appeared. A new variant of the GpCode ransomware encrypts user files on infected Windows PCs using theAES 256 and RSA 1024 encryption algorithms. The malware only encrypts the start of media or Office files, but that's enough to make …
He's pointing out that these are talented people and their skills would be better used elsewhere.
As for the coding, not everyone is a programmer, so shut up.
Did you build your car? No? Then don't complain about anything about it, same goes for your TV, fridge, carpets,house, in fact ANYTHING you own that YOU personally didn't make, don't EVER complain about.
You are the sort of arse that make Linux for geeks.
"Ooo so what, you can't write your own driver for your HP printer. Well that's your problem."
"Did you build your car? No? Then don't complain about anything about it, fridge, carpets,house, in fact ANYTHING you own that YOU personally didn't make, don't EVER complain about."
I don't, I pay a guy (or gal) to fix them for me. Or I buy an alternative. Same with software. I can either fund (or part fund) the fix, find an alternative or get involved with fixing it.
There is a great malaise today where people expect every little thing to be sorted for them by some mythical higher power, or for every little thing to be perfect from the get go.
Standing on the sidelines and moaning isn't going to get anyone anywhere. In any aspect of life.
It's put up or shut up.
"..how much time have YOU devoted to fixing and testing the bugs that you complain about? Put up or shut up."
"Doctor, doctor, my ears are bleeding"
Doctor: "Actually I think you will find that *I* have a medical degree and *YOU* don't"
"So are you going to help me?"
Doctor: "No. Put up or shut up"
The BigYin wrote -----
Ah yes...this will be a doctor who lives on thin air than and does not expect any remuneration for their time. My, my, my.
So I do "put up" for the doctor. It's called "paying the bill".
-----
We pay our bills too. We've put up. Looks like it's your turn to shut up.
'my solicitor/builder/car mechanic/security programmer is useless'
- could you do a better job? No? So don't complain.
What you overlook in your anxiety to dismiss criticism is the customer's obvious assertion-
'but it's because I'm not a solicitor/builder/car mechanic/security programmer that I hired him.
'I may not be a solicitor/builder/car mechanic/security programmer but I can tell a rubbish job when I see one.
And I see one.
I'm thinking interesting things about the consumer credit act at this point. If you *did* pay up, you could then hold the credit card company liable for the consequences of the non-delivery of the unscramble key and the consequential losses. Because they are jointly liable in law (with a blackmailer!), and it's already been proved in court that the CCA joint liability extends overseas.
I think someone suing their bank for the cost of all consequential damages ought at least result in some heavy pressure being exerted to find the culprits!
"I think someone suing their bank for the cost of all consequential damages ought at least result in some heavy pressure being exerted to find the culprits!"
Incorrect methinks, the banks would just add a paragraph to their t's and c's placing all responsibility for the transactions on the customer and increasing their fees at the same time to offset any potential loss they might suffer from the bad publicity.
I don't know who has downvoted me, however if it is because I said that the CCA doesn't apply to PayPal, I quote Which? Magazine who point out that: "Section 75 of the Consumer Credit Act doesn't apply to Paypal transactions."
See http://www.which.co.uk/consumer-rights/online-shopping/paypal---your-rights/paypal-protection-problems/ for details.
Actually, not that interesting;
In other countries, the equivalent of the CCA may apply. In blighty though (amongst other countries) PayPal haven't completed the necessary registration (they have a choice for reasons Ive forgotten). Fuckers aren't even regulated by the FSA!
Re Credit Cards. If the crooks didn't deliver the code, you could claim back from the bank. Doesn't apply to debit cards though, it's because the Law takes a strange view of the transactions;
In your eyes;
Man Sells Dog
You pay him by credit card
Done
In the eyes of the law
Man sells dog
Credit card company buys dog at your request (placed by presenting the card)
You buy dog from CC company (with interest!)
Which is why you can claim back from the CC co if the item is misdescribed, doesn't arrive etc. AFAIK there's no loophole they can use to avoid it in 99% of cases
Yes, it does have to be over £100 (and under £30K)
As for terms and conditions, they can't do that. The Consumer Credit Act is the law of the land, and any term or condition that attempts to usurp your legal rights is invalid. They sometimes try, on the basis that most of their customers won't know that such a condition isn't worth the paper it is written on. They also try random misinformation, misdirection, losing your letters, and any other trick that they think might make you give up. One has to persist.
"can't the money transfer be tracked and help find the people involved?"
I doubt it because the money transfer will no doubt go to one of the other gullible fools who answers an advert for "working at home" which involves taking payments into your bank account and then sending it on elsewhere for a small payment each time. With a chain of these pr*ts left to pick up the pieces when or if the rozzers do turn up.
"A malicious PDF is reportedly used to download and install the ransomware"
So it is just Adobe Reader that is exploited, or are other readers affected too?
Still, as only the last 24 hours worth of personal data should have been affected (and it doesn't change that often). It would mean wiping, re-installing and then recovering data from the off-site back-ups (I presume the back-up drives would have been jiggered). Annoying, yes. Devastating, no.
Everyone has off-site back-ups for their home PCs, don't they?
Why are you giggling?
Either the bad guys do indeed provide the key in exchange for the money, or they don't bother. It seems a relevant choice to me. If the plan from the start is to just lie, they don't really need to encrypt files -- overwriting them with garbage and *claiming* they're encrypted would work just as well. And they can just disappear when they have the money, or keep trying to suck more out Nigeria-style.
OTOH, being "honest" about their intentions might encourage people to pay up more often, and encryption software can probably be bolted on to the malware without that much extra effort.
but keep the backup drive offline at any time when it is not needed for running a backup or recovery.
How many people have their data "backed up" to a drive that is permanently connected to the host machine/network and therefore just as vulnerable to malware as the original data?
Does this malware go after network shares? It would certainly be possible.
Chances are that if you know enough to partition your backup storage into a different enough security context from the production environment, the production data will be on a system where the person administrating it has also achieved some partitioning between trusted and untrusted executable content.
People without the knowledge to automate backups probably won't have recent backups anyway. People with the knowledge to automate backups are likely to have thought about security context partitioning between the backup and production systems and trusted and untrusted executables.
1) uninstall all Adobe products, as you should have long ago...
2) Back up your data regularly, and not just by copying to an external HDD (where the same virus can easily find the same files and encrypt them there too) Use a real backup application that actually creates backup files, or an online backup service like Carbonite or BackBlaze (and not the one in Windows Vista or 7, it's bugged, and has been since it's inception).
3) Don't use IE, and use noScript or similar blocking technology to prevent anything more than simple HTML code from displaying.
4) Actually use an AV product with adware/spyware tools. I'd stay away from Symantec of McAfee retail products (though McAfee ePO is not bad), but many other products are highly rated.
5) never click on a link in an e-mail unless you know who and WHY they're sending you a link (aka you were expecting it).
6) don't store personal information that can be used against you on your PC at all unless those files are encrypted (and only do so if you HAVE to.)
"Use a real backup application that actually creates backup files"
What is a "real" backup program? And what are the backup programs you allude to that don't create backup files?
Surely the choice of how to package your backup files (encryption?/compression?/file containers?) is going to be different based on your specific needs and expectations. To claim that there is one right way would be silly.
It is an advert for regular backups of data. Doesn't affect network drives, well it didn't on the laptop I have here.
I think the infection came from updatessoftms.ru so if you have a corp. firewall block it, although being rogues I doubt it will be limited to the one site. It was that site forward slash random 15 chars.pdf
There are ways to plug adobe vulnerabilites. http://ctaspley.wordpress.com/2010/08/24/protect-your-pc-against-adobe-pdf-reader-security-flaws/
When it launched the PDF if ran some java which was picked up by trend but didn't stop his infection.
Sadly the people who never back up anything, download any old crap without scanning it, and dont have antivirus are always the people in botnets and getting infected by worms like this.
If it takes something like this worm to teach a few people about antivirus, safe surfing and safe download habits then it's worth it.
Bring on the worms!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
