Wait, STOP: Are you installing Windows 10 or RANSOMWARE?

People aren't good at waiting for stuff, and with computer users queueing up to download Windows 10, ransomware purveyors have started to move in. Cisco's security team has noticed a new spamming campaign attempting to spread the CTB-Locker ransomware using emails purporting to …

Stop

"Windows 10 is familiar and easy to use".

Yeah, like that's going to fool anybody.

15
3
Silver badge

Windows 10 is Ransomware?

*Cough*

24
2

Re: Windows 10 is Ransomware?

It's certainly hard to swallow. Still trying to work an Amazon reference in though.

13
0
Anonymous Coward

Re: Windows 10 is Ransomware?

It's certainly hard to swallow

An African one? I fart in ze general direction of Redmond.

5
1
Anonymous Coward

Re: Windows 10 is Ransomware?

Looks like Windows 10 should be renamed Windows Google edition given the amount of spying it does on you. At least Google give away their products in exchange for loss of privacy rather than charge $199.99 (Pro USB edition) for the privilege. Hell, I can buy a Chromebook for $199.

7
4
Silver badge

Re: Windows 10 is Ransomware?

That's unfair, it's free for the life of the device.

Office365, however.... yep, that looks like ransom-ware to me.

0
0
Devil

Re: Windows 10 is Ransomware?

That's unfair, it's free for the life of the device.

They promised that for Windows 10, all right. But what about the Microsoft account? At the moment it is not strictly needed... yet.

My suspicion is that they will keep on herding their users into Microsoft accounts and at some point start charging for them in one way or another. It would only be logical if the account would be necessary to receive updates and if you want control over updating you have to pay for a "plus" account. Some scheme like that is more than likely.

At that point Windows 10 will indeed change into a kind of Ransomware.

2
2

This post has been deleted by its author

Silver badge

It would only be surprising if this had not happened. And Microsoft must have known this when they set up their upgrade system and sent out all those registration messages.

3
3
Silver badge

Yeah, people should stop releasing new products until they've found a way to stop thieves putting its name onto their malware. These companies are just lazy.

3
0

What really troubles me is that several decades after the first hard drive crashed, we still have people who don't back up their stuff.

11
0

I could say the same thing about condoms... the human race should be long gone!

People must REALLY value their porn collections... what troubles me is exactly what it is people have to lose... Family photos/videos?

0
1
Silver badge

>What really troubles me is that several decades after the first hard drive crashed, we still have people who don't back up their stuff.

Well, what use are encrypted backups? It will certainly encrypt your backups if you do not disconnect the drive prior to installing the ransomware, and who does that?

Windows 10 is ransomware, you will see come 2016 ...

1
4
Facepalm

An idea

So if you fall for this: remove hard drive, put new one in, and restore your backup. You did make backups, didn't you?

5
0
FAIL

Re: An idea

And if it's encrypted your backups?

0
0
Silver badge
Facepalm

Sits nervously....

Awaits call from family, friends who have self-appointed me their Help Desk....

14
0
Anonymous Coward

Re: Sits nervously....

Hey Winki,

I've a problem.

Uncle Ned

4
0
Silver badge

Re: Sits nervously....

We don't talk to Ned's side of the family....

16
0
Anonymous Coward

Re: Sits nervously....

And we don't talk to you unless we want something. Fix my PC now or I'll call your mother / shit on your lawn / shoot your dog.

Uncle Ned

2
0
Headmaster

Are any of us surprised?

How often, for example, have we seen articles in the mainstream press warning their millions of readers against doing anything other than delete any e-mail allegedly from their bank asking them to use this link to etc.? How often have the banks themselves written to their customers (via snail mail) telling them that any such e-mail is bogus and should be deleted immediately? A certain percentage of the great techno-ignorant unwashed cannot be told. I have already had to warn a couple of chums who regard me as their gratis sysadmin that they should under no circumstances download from unofficial sources. Their response was to whinge about having to wait more than a couple of days despite it being carefully explained to them that we are talking about countless millions of machines that simply cannot be upgraded overnight. I am sorry to say that you just cannot get through to some people regardless of how hard you try.

4
1

Re: Are any of us surprised?

It doesn't help that suddenly our bank is employing digital czars (PR people) that exhort elderly and inexperienced users to search for promo codes and click on the links. I mean, how f'in stupid is that?

3
0
Silver badge

Re: Are any of us surprised?

Big companies don't think things through. BT, for example, use a domain called custhelp.com for certain support. Look at the whois for it and you will see it is not a BT domain.

(1) How is the man in the street supposed to understand that it is OK in certain circumstances to break the rules about clicking on unfamiliar links?

(2) If a "rogue" organisation successfully dupes custhelp (apparently part of Oracle) into accepting their media, and serves up dodgy links to people, their penetration will be far-reaching because advisors will say "oh yes, custhelp.com is legit, click on the link." The rules will change because of this: you not only have to look at the domain you are clicking into, but the sub-domain as well.

6
0

This post has been deleted by its author

Re: Are any of us surprised?

Or Nominet, who back in May sent an e-mail to everyone with a domain under the .uk ccTLD (including those with .co.uk etc. domains) saying

"You now have access to an online account with Nominet that you can use to manage some other services associated with your .uk domain names (for example to transfer your domain name or check your registration details).

"Please follow the link below to access your online account and confirm that your contact details are correct"

According to their customer support this was a genuine e-mail rather than a phish, but it fails every sniff test.

8
0
Silver badge
Boffin

Re: Are any of us surprised?

I am sorry to say that you just cannot get through to some people regardless of how hard you try.

Tried a sledgehammer, a pickaxe or the aptly-named Stanley Fubar (XL, preferably)? The diamond-blade water-cooled saw I have eats 10cm concrete for lunch, so a luser's cranium should be no problem at all.

(safety glasses icon, for obvious reasons)

4
1
Silver badge

Re: Are any of us surprised?

Exactly. BobRocket. My bank spams the fuck out of me. They and their customers are literally sitting ducks. Needless to say, I've been looking for another, but it seems they have all lost their minds.

1
0
Silver badge
Joke

Re: Are any of us surprised?

What's wrong with an old-fashioned LART? Or a cattle prod?

Keep your fubared pickaxe off my cranium, Stanley!

What next? - Internet connected sledgehammer?

0
0
Silver badge
Mushroom

Re: Are any of us surprised?

What next? - Internet connected sledgehammer?

The RLART suite, culminating in the OADS (Orbital Anvil Delivery System - Fiat Iustitia Caelo Ruato)

0
0
Coat

Re: Are any of us surprised?

Dear customer, we send you this mail in order to inform you, that we will never request your PIN, address and other personal data per e-mail.

For legal reasons please confirm reception of this notification by clicking on below link and following the notification process.

<link to payload on spoofed page>

yours sincerely

your bank

0
0
Silver badge
Joke

Difference?

So..... Explain to me again what the difference between the two is?

Oh.. you want to play a windows game without ads? Well that's gunna cost ya extra fool!

8
0
Anonymous Coward

Confused me

From the title I thought this was going to be an article examining the potential impact to users of relying on an OS which may at some time require further payment for it to be used (Microsoft's words on Windows As A Service etc. haven't been clear enough to make that not something to be concerned about).

Add in the use of Bitlocker with keys held on Microsoft Accounts and you could have the makings of "Windows 10 = Ransomware".

Tin-foil hattery and FUD, I know. But it's the weekend.

7
2

Re: Confused me

My thoughts as well on seeing the title, but better expressed than I could at this time on a weekend!

0
0
Anonymous Coward

The clock is ticking

Next year is when nickel and diming will really kick in. 9.99 to play solitaire? How much to use the calculator? The real cost will be revealed. Sky used the same tack when they got F1. Free in the first year and now an arm and a leg. No matter how many times you fool people they still fall for the same old stunts.

4
0
Headmaster

Re: The clock is ticking

You spelt c***ts incorrectly :-)

4
0
Headmaster

@cosymart

So did you! ;-)

7
0
Silver badge

Re: @cosymart

He used the LIN spelling variant.

0
0
Silver badge

If you run the numbers, it's no surprise

First let me just say that ransomware and its creators must die.

That said, it's no mystery why they do it. A chance to make 100s of thousands up to a few million in a month is one hell of a motivator.

1
0
Joke

This is actually.....

Microsoft is actually testing their new Windows 11 upgrade path. After you install the free crap and get tired of being surveilled, then you upgrade to the cryptolocker version!

1
0
Silver badge
Big Brother

Hey, the staff at GCHQ/NSA enjoy a giggle putting out this stuff.

2
0

Interestingly, the 'typos' look like the errors caused by someone creating their texts on a Macintosh. You see them a lot on websites or emails. The Mac has two modes for text, Unicode or Apple's older representation for accented text which includes proper quotes and single quotes.

0
0
Anonymous Coward

Re. ransomware

Why isn't this sort of fraud viewed as seriously as terrorism already?

0
1
Silver badge

Re: Re. ransomware

Because one is usually an attempt to kill someone and the other may lose you some possessions?

1
0

"Williams told the Reg that it also demonstrates its efficacy by showing a complete list of encrypted files and offering to decrypt five of them for free."

Could this be used to determine the decryption key?

1
0
Silver badge

""Williams told the Reg that it also demonstrates its efficacy by showing a complete list of encrypted files and offering to decrypt five of them for free."

Could this be used to determine the decryption key?"

Short answer: no. If it could, then anyone with both the plaintext and the cyphertext could be able to work out the key. But since this is public key encryption essentially, anyone can generate cyphertext using their own plaintexts. So no real help I'm afraid.

0
0
Mushroom

A serious question here ...

Regardless of one's views about Microsoft, the topic of ransomware is one that has always enraged me, not due to the antics of the extortionists who send out this crap, or the mindless victims who will click on anything without thinking, but for the failure of governments to take effective action. What would be effective?

First, use every technological resource (NSA, GCHQ, etc) to track down the culprits (difficult? yes, impossible? no) and then literally execute them after establishing their guilt in a courtroom.

Second? Make it known that ANY individual anywhere on the planet that engages in such data extortion via encryption/ransomware is going to be KILLED. That's right, kill the no-good sons o' b*tches, kill them with extreme prejudice, kill them with a smile on our faces.

Why should they be permitted to continue wasting oxygen? What do they contribute to society?

Kill them.

3
1
Devil

Re: A serious question here ...

<quote>That's right, kill the no-good sons o' b*tches, kill them with extreme prejudice, kill them with a smile on our faces.</quote>

For sport, they could be fastened in an electric chair, streamed live over the internet; and a URL published to 'finish them off'. Enter the right hexadecimal code, and the relay closes, and they get fried. They will "sweat bullets" waiting for the end to come, which will make the current flow through them even better.

Now, ElReg, where is that evil bastard icon???

Then again, you could always use one of these:

http://www.theregister.co.uk/2015/08/01/fda_hospitals_hospira_pump_hacks/

1
0

Frustrations against ransomware are justified

Lots of comments on this thread trying to link ransomware to terrorism / asking for the death of said individuals. While I do agree with your anger (former Cryptowall victim here speaking) I think that they are more of an organized crime, rather than terrorists. In order to qualify for the terrorist title, wouldn't they need an ideology to back them up first? Not that it should diminish their punishment in any way, but I think we should call them what they are: criminals.

As for the downloading of Windows 10, I have not encountered any of these cases yet, but I cannot say that similar cases haven't happened to me. The emails look so real and legitimate that even people who are supposedly tech educated can fall for it. We've implemented a software (Rollback Rx) to combat these kinds of situations, where even if the user were to fail our security systems, we can still preserve our computer's and network's integrity. Rolling back has really cut back on our maintenance and security costs, without having to compromise quality.

1
0
Silver badge

Re: Rollback Rx

Impressive spec. My worry with a product like that is to do with the underlying hardware. It looks as if a layer is being created between the file system and the hardware platters which manages things. Presumably it will cope with hot-swappable RAID disks, but what if a normal PC's hard drive develops bad sectors, etc.? Would I be able to stick the drive in another PC, for example, to recover the data?

0
0
