back to article Fiendish CryptoLocker ransomware survives hacktivists' takedown

An attempt by security researchers to take down command and control nodes associated with the infamous CryptoLocker malware appears to have been unsuccessful in its ultimate aim of putting the Bitcoin-hungry crooks behind the scam out of business. Activists from the group Malware Must Die put together a list of scores of …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Looking on the bright side....

    Cryptolocker has persuaded me and family members to reconsider our backup and security arrangements - on line and off line backups including versioning, properly set up firewalls, all day to day use by user accounts not administrator, education for the inexpert users, replacement or removal of as much as possible of the avoidable cr@pware (Adobe, Realplayer, Java), in addition to the existing anti-malware solutions). And then system imaging from clean installs in case the worst does happen.

    All of which I should have done before. But in the belief that theat was just messing up my system and hijacking the PC for sending spam or DDoS, which can be resolved by a reinstall, it just wasn't a priority. So in some respects thank you Cryptolocker crims, you forced me to do things properly.

    1. Anonymous Coward
      Anonymous Coward

      Re: Looking on the bright side....

      Make sure those backups are offline! An online disk backup is just as vulnerable as any other online data.

      Also, make sure you can recover, including recovery of the catalogue database (if there is one) which will enable you to recover the rest of the data. An untested backup may as well be just random data.

      1. Ted Treen

        Re: Looking on the bright side....

        Quite true - although I'm a Mac user, I keep two separate & offline clones of my boot drive, so in the event of any incursion by the ungodly (there may always be some zero day exploit) I can boot from one of my backups (the most recent) and reformat & re-clone to the boot drive.

        It's a bit of a faff, but it has become second nature to me: incremental backups to clones are pretty quick, - and I NEVER let the system remember passwords for any sensitive or financial info, or store card numbers for me.

        Better 30 mins/week than letting these arseholes really spoil my day.

      2. Anonymous Coward
        Anonymous Coward

        Re: Looking on the bright side....

        "Make sure those backups are offline"

        Don't worry, that was a number one consideration. Hitherto it has just been cloud synced, protecting me against sudden hardware failure or loss, but the stealth encryption of CL made me realise the error of my ways.

        "Also, make sure you can recover, including recovery of the catalogue database (if there is one)".

        No database as this is home machines, without any clever stuff on them, but good advice anyway.

        "An untested backup may as well be just random data."

        I must 'fess up, checked, but not fully tested. For things like the system image and ripped music there's other recovery paths if they don't restore, it's just more time. The document recovery has been tested variously in full or in part (still susceptible to bit rot I suppose). I might enable checksum comparison on the backup or something like that to provide some verification on backup writes, so thank you for the prompt.

    2. Fatman Silver badge
      Joke

      Re: Looking on the bright side....

      ...education daily beatings for the inexpert clueless Lusers,

      FTFY!!!

  2. NomNomNom

    perhaps a good defense in court

    "Sorry I can't give you the encryption key because I wasn't the one who encrypted it and I refused to pay the ones who did"

    1. Anonymous Coward
      Anonymous Coward

      Interesting

      "I'm sorry Mr NSA bloke but these files were encrypted with crytolocker, i haven't deleted them in case the decrytion key is eventually located when cryptolocker is brought down and i can recover all my pics of puppies*. If YOU, Mr NSA, cant decrypt em then please feel free to attempt to prove otherwise".**

      Im going (really against my wishes) to the states next year, before i go i am going to restore my laptop to a known clean state, then run truecrypt through it. Then make some folder with corrupt images but a good name, like, ohh, "barely legal numbers 30-40"!. Should cause a laugh and will hopefully cause them to have me refused entry and flown back to blighty.

      * puppies with little perky pink noses

      ** USA, no proof/evidence makes a shit of difference. They do what the fuck they like anyway.

      1. CommanderGalaxian
        Stop

        Re: Interesting

        "....Should cause a laugh and will hopefully cause them to have me refused entry and flown back to blighty...."

        Dude - that's really not a good idea. They might fly you back eventually - after you've spent several months in detention. They really don't have a sense of humour.

      2. Anonymous Coward
        Anonymous Coward

        Re: Interesting

        "before i go i am going to restore my laptop to a known clean state, then run truecrypt through it. Then make some folder with corrupt images but a good name, like, ohh, "barely legal numbers 30-40"!. Should cause a laugh and will hopefully cause them to have me refused entry and flown back to blighty."

        You're an idiot then. Do you know how many countries will refuse you entry, if you've been refused entry to one of their allies? Do you realise that if you succeed they may well hold you while they attempt decryption? Do you realise that the British consulate isn't going to be entirely impressed when they realise that you've done this deliberately "for a laugh"?

        As I commented to a friend about someone I saw in Luxor airport wearing a t-shirt protesting about Egypt's treatment of the Palestinians - Never, ever, make political statements in a port.

      3. Test Man

        Re: Interesting

        "Im going (really against my wishes) to the states next year, before i go i am going to restore my laptop to a known clean state, then run truecrypt through it. Then make some folder with corrupt images but a good name, like, ohh, "barely legal numbers 30-40"!. Should cause a laugh and will hopefully cause them to have me refused entry and flown back to blighty"

        You're a total tinfoil-hat-wearing nutter. Been to the States twice with work and my work laptop. On none of those occasions was my laptop ever looked at, EVER. Hell, I don't think they even knew I had a laptop on me.

        So calm down.

        1. Anonymous Coward
          Anonymous Coward

          Re: Interesting

          It's also worth mentioning that the US is a really nice place to visit. I've been to New England, New York and Atlanta, everyone I've met has been lovely, you may not want to engage them in talk about politics, but every single American I have met has been a genuinely nice person.

          1. Alan Brown Silver badge

            Re: Interesting

            Statistically, americans are the nicest people on the planet andrated #1 at helping strangers.

            This probably has a lot to do with the way their gvernments (local/reagional/national) will happily shaft any/everyone at the slightest opportunity - they're more likely to attack USA citizens over something than the damned furriners.

            1. Stevie Silver badge

              Re: Statistically, americans are the nicest people on the planet andrated #1 at helping strangers

              True, but if you happen upon one of the outliers you could end up being shot for knocking on the wrong door to ask directions. Goes double if you are Japanese, apparently.

        2. BongoJoe

          Re: Interesting

          I found it amusing/worrying when I went through half a dozen x-rays/metal detectors both ways on my last trip and they still couldn't find the screwdriver with the five inch shaft in my carry on bag.

      4. Stevie Silver badge

        Re: Interesting

        @ cornz 1:

        Riiiiiiiiiiiiiiiiiiiiiiigtht.

        If you are that "hard", why aren't you able to just say you aren't going? Surely someone so self assured and aggressive knows how to unvolunteer? In the real world?

        (aside) I reckon someone needs to take a break from reading the BOFH archives.

        1. Anonymous Coward
          Anonymous Coward

          Re: Interesting

          Because my father in law would be disappointed. That's why. Not that its any of your business.

          1. Stevie Silver badge

            Re: Not that its any of your business.

            You *made* it my business (and anyone else's who cares to comment) when you posted about it in a public forum in such an aggressive manner.

            You want to keep your business to yourself, do so with my blessing.

      5. Jaybus

        Re: Interesting

        Really bad idea to poke fun at port security, regardless of where it is. Why not try it at Hearthrow and save yourself the long transatlantic flight? I doubt it would be very funny for you, but the rest of us would piss ourselves.

      6. Amorous Cowherder
        Facepalm

        Re: Interesting

        "Should cause a laugh..."

        Not really, they have zero sense of humour. I can image they only smile when they get a chance to read you your rights and lube up the gloves!

      7. tom dial Silver badge

        Re: Interesting

        Whether you're at a Customs checkpoint or stopped for a traffic offense it is unwise to sass the officials. You might win in the end at considerable inconvenience and expense; or you might not, probably at greater inconvenience and expense.

        1. Intractable Potsherd Silver badge

          Re: Interesting

          All the "don't do it" comments just show that the terrorists have won.

          So sad.

          1. John Gamble

            Re: Interesting

            All the "don't do it" comments just show that the terrorists have won.

            Considering the no-sense-of-humor types have been in place since planes were hijacked to Cuba, the terrorists (current batch) are just a variation on an old theme. Only the things to watch for have changed.

          2. Anonymous Coward
            Anonymous Coward

            Re: Interesting

            @Intractable Potsherd

            Not in my mind they haven't mate..

            +1

            1. Yet Another Anonymous coward Silver badge

              Re: but every single American I have met has been a genuinely nice person.

              In advance of my next trip can I just say that every single DHS/TSA/INS agent is a genuinely nice person.

              ps. I would also like to point out that every single NSA employee is a sweetheart

  3. volsano

    Successfully knocking out Cryptolocker will stop new infections.

    But does it leave a way for the infected to (should they choose to do so) to pay the ransom? If not, the end result will be much worse for the unbackedup.

    A controlled shutdown would be kinder to the victims.

    1. NogginTheNog

      Pay the ransom?

      My understanding is that even if you ponied up in at least some cases you didn't get your files back? Thieving bastards in not honouring deals shock!

      1. David Webb

        Re: Pay the ransom?

        Indeed, it's "safer" for the crooks to delete the keys needed to unlock infected computers, if the keys got out into the wild people could unlock it themselves, possibly, so much easier to lock the PC throw away the key and demand cash for something they can't deliver, and really, if they don't deliver I can't see Trading Standards knocking on their door in whichever country they may be based in.

        1. ElReg!comments!Pierre Silver badge

          Re: it's "safer" for the crooks to delete the keys

          Indeed it is, and for one more reason: bitcoins are difficult to trace, but if you are found in possession of the key, that's pretty damning evidence...

    2. Anonymous Coward
      Anonymous Coward

      "Successfully knocking out Cryptolocker will stop new infections."

      New infections of Cryptolocker v1. The real threat of CL is that it has been perhaps the most effective piece of ransomware of all time (I speculate so). Which means that other envious cyber crooks are looking at how they can get a piece of the action, either by buying the software and modifying it, or writing their own to copy the business model. That's why I went for the measures noted above, because at the moment I can see which are (probably) the CL emails as they arrive either from ADP Payroll, Fedex, or "I am Natasha from Russia. Look my picture in attachment". But that only protects me when I can see and delte the threat. The Holy Grail for the crims is to be able to infect machines in (for example) a drive by download (or maybe the Grail is getting this to work on the machines of supposedly rich and security unaware Mac users).

      Imagine you are a computer crook. If your malware recruits a machine to a botnet for sending spam, or participating in DDoS attacks, how much do you earn? $200 for 10,000 machines per day, say 60c per machine per month max, assuming there's sufficient rental demand to rent them out continuously. If you can install something like CL, you get perhaps 5% of infected users paying up say an average of $20 per machine infected, with no onging need to maintain the bots. So working ransomware gets you double the income of maintaining a botnet for eighteen months, and you get the money up front.

      I think the security advisory firms haven't made enough of the aspects of CL that are not individually novel, but collectively are game changing: Effective delivery, stealthy and effective encryption, delivering on the unencryption when users pay up, untraceable payment.

  4. phil dude
    Linux

    backups and...

    Yes, even though bitlocker doesnot affect myself (Linux user) I am seriously giving thought to backup strategies and using the copy-on-write technology that is becoming mainstream...

    Perhaps this is the year Linux becomes the host machine of choice to protect the windows guests of this problem?

    P.

    1. Anonymous Coward
      Anonymous Coward

      Re: backups and...

      If you use copy on write AKA Continuous Data Protection types of backups, the files which the backups are stored in are online, they are therefore just as vulnerable to encryption malware as any other file.

      You need to have offline backups at the very least and if you want online, you need offline copies of these files as well..

      1. Alan Brown Silver badge

        Re: backups and...

        "If you use copy on write AKA Continuous Data Protection types of backups,"

        Backups which are online are merely file copies which haven't been deleted yet.

        IN 1997, New Zealand's largest ISP (IHUG) had a young (13yo) script kiddie break into the webserver containing customer websites. He deleted the lot AND the "backups" on mounted drives AND the backups which were on accessable (non-mounted) filesystems. Needless to say a lot of customers didn't have backup copies on their own systems.

        He then had the lack of foresight to appear on national TV boasting about it. This was before NZ had laws against such things. His family required police protection for some considerable time afterwards,.

        THAT is one of the reasons why I like tape.

    2. ElReg!comments!Pierre Silver badge

      Re: backups and...

      > Yes, even though bitlocker doesnot affect myself (Linux user) I am seriously giving thought to backup strategies

      As anyone should, and not because of BitLocker.

      > using the copy-on-write technology that is becoming mainstream

      That's the solution to a completely different problem though.

      > Perhaps this is the year Linux becomes the host machine of choice to protect the windows guests of this problem?

      Not really, virtual Windows machines on a non-windows host would be just as vulnerable. "not being a hopeless dimwit" is perhaps the best defence in this case. A pdf in a zip file attached to an email from an unknown source, seriously? There's a serious education fail here.

    3. Sparkypatrick

      Re: backups and...

      If you have a Windows guest running on Linux, any files visible to the guest are vulnerable.

    4. phil dude
      Linux

      Re: backups and...

      well this is my floating idea. At my lab the netapp box (or whatever it is under the hood) had these hourly snapshot things. It was simply impossible to lose data, but then again that's what we pay our sysadmin for....

      So this technology is becoming more mainstream, in that I know that LVM has it, but it is not granular enough.

      So along comes ZFS and BTRFS etc.. so copy on write and snapshots.

      Am I mistaken in thinking that if the Linux box was managing the copy-on-write with snapshots (say every hour/day etc...) and exposing the filesystem as SAMBA (or whatever) to a windows guest, that cryptlocker would come in and mess up files (I am assuming users home directories), but since copy-on-write , the old version would still be around?

      As I declare I am not a raw windows user (only in VM), but it occurred to me this may be a practical and desirable solution, amenable to many.

      I am not saying linux is immune to malware, just that apply the strength of one system to another, creates a diverse target to make bad guys try harder...

      Any improvements to this strategy?

      P.

      1. Anonymous Coward
        Anonymous Coward

        Re: backups and...

        WRT the NetApp appliance: Snapshots are great, but you should think of them as a copy rather than a backup. They are (or can be) presented out via CIFS, so are just like ordinary file systems. A failure to the array will also take down your snapshots as they're on the same physical hardware. Hence the requirement for offline.

        As for zfs/btrfs etc, I don't know as much about these, but if you've got malware on a linux system, which encrypts filesystem data, it's not a great leap of the imagination to suggest that this malware would also kill your zfs/btrfs snaps/copy on write/whatever else, once it had encrypted your files. So, again for normal use great, but you need offline copies.

      2. SImon Hobson Silver badge

        Re: backups and...

        > So along comes ZFS and BTRFS etc.. so copy on write and snapshots.

        > Am I mistaken in thinking that if the Linux box was managing the copy-on-write with

        > snapshots (say every hour/day etc...) and exposing the filesystem as SAMBA (or

        > whatever) to a windows guest, that cryptlocker would come in and mess up files

        >(I am assuming users home directories), but since copy-on-write , the old version

        > would still be around?

        No expert here, but yes - that would be my understanding. As long as you keep a snapshot from before CL got it's paws into the filesystem then you should be able to roll back. You still need other backups as a filesystem corruption or disk failure can still lose you your data, as will a house fire if you don't have a backup offsite.

      3. ElReg!comments!Pierre Silver badge

        Re: backups and...

        > Am I mistaken in thinking that if the Linux box was managing the copy-on-write with snapshots (say every hour/day etc...) and exposing the filesystem as SAMBA (or whatever) to a windows guest, that cryptlocker would come in and mess up files (I am assuming users home directories), but since copy-on-write , the old version would still be around?

        You're mixing things. CryptLocker will attempt to encrypt every filesystem that is visible to the machine it's running on. A secure way to do it would be to have the host perform a snapsot of the VM every now and then, without involving the guest at all, and with no access -no write access at least- from the guest to the snapshot. That's usually built in the virtual machine manager, for a very good reason. If the guest OS (Windows) is the one requesting the archiving writes, then it's at least partly vulnerable as the malware will be "aware" of the existence of the "archive" filesystem and will attempt to encrypt it as well. SAMBA especially sounds like a bad idea, FTP is probably easier to lock down.

        In short, as long as the system running the malware has write access to the "backup", you're toast.

        1. Nigel 11

          Re: backups and...

          Linux LVM snapshot will preserve the state of the LVM at the time it was taken. Cryptolocker, or anything else not running on the Linux LVM host, could only affect the snapshot if it were mounted and exported read-write. A common practice is to mount it read-only and export it read-only, so users can perform self-service rescue of files they (or cryptolocker) have messed up. RO mount means that only a root exploit on the Linux host can damage it, but then copying the snapshot to offline and offsite storage is a good second-line, not least should your backup volume fail.

          One caveat - make sure that the snapshot LVM is the same size as the source LVM so that should Cryptolocker or everything else write to most of the blocks on the source, the snapshot doesn't run out of space.

    5. Alan Brown Silver badge

      Re: backups and...

      "Yes, even though bitlocker doesnot affect myself (Linux user)"

      If you have a CIFS share and IF a windows machine on the network gets infected, you may not feel so unaffected.

      $orkplace (another department) has had exactly that kind of experience recently.

  5. Cliff

    Devalue BTC, kill the profit?

    This scam is noteable in that it demands payment in untraceable, irreversible BTC. Would it be so successful if payments had to be by credit card in a real currency?

    1. ElReg!comments!Pierre Silver badge

      Re: Devalue BTC, kill the profit?

      They ask for 2 BTC because the value is high. Shoult a BTC be worth a few cents (as it once was) they would ask for thousands of them, that's all. Or for Western Union, like the 419 scammers. Or for anonymous prepaid cards like the "your browser is locked until you pay the fine" nag pages.

  6. pop_corn

    I've only heard of someone who's heard of someone who's had problems recovering their data after paying up, but never spoken to anyone directly. It would be pretty stupid of the authors of the virus not to unencrypt the data, as if the word on the street was that they didn't, then people would stop paying up.

    Bear in mind that the newer versions of the virus have apparently started asking for only 0.5 bit coins, in response to its sudden rise in value. That's not the move of someone stupid.

  7. Anonymous Coward
    Anonymous Coward

    What goes around...

    ...usually comes around. I wouldn't want to be these crims when they get caught.

    1. Nigel 11

      Re: What goes around...

      I wouldn't want to be these crims when they get caught.

      Especially if it's organised crime that is first to catch up with them. It's probable that organised crime has also had its data corrupted, and what can they do? Can't inform the authorities. Can't pay the ransom, in case it were a sting by the authorities. Can do something hideously violent and permanent to the perps if they find them.

      1. Charles 9 Silver badge

        Re: What goes around...

        Unless CL was ALSO the product of organized crime, meaning your scenario would escalate into a mob war.

  8. DB2DBA

    Your tax dollars at work

    Considering all the resources NSA has available, shouldn't they be decrypting the CL key(s) and making them publicly available? Then at least taxpayers would get something useful from the money they've spent.

    1. Alex Rose
      Unhappy

      Re: Your tax dollars at work

      From everything I've read the malware generates a key pair and then sends the private key to the scammers over the internet. Hence there's one key pair per infected machine, not just one key pair for all machines.

  9. Anonymous Coward
    Anonymous Coward

    It is true what they say about BitCoin, it is often used by crooks.

    This is what I don't get, if PayPal and others weren't so twitchy about people using their service for dubious purposes then some sort of traceability would be possible.

    1. Jaybus

      Because PayPal is legit and don't want to get themselves banned?

  10. TheWeddingPhotographer

    The issue with these scumbags is that you cant "follow the money" that's why ultimatally the Bitcoin model, is deemed for failure.

    Essentially Bitcoin circumvents the tax man, Accountancy etc. etc. Eventually, governments will have to agree to regulate this sort of venture, or close them down, as it undermines pretty much everything modern economics is built with

    As for all of the spamming / scamming scumbags, Im sure Government agencies know enough to close them down. It appears, from a espionage point of view, they have pretty much embedded themselves into all aspects of the internet

    1. Frumious Bandersnatch Silver badge

      RE: Essentially Bitcoin circumvents the tax man, Accountancy

      No, it doesn't. No more than using paper/plastic money, at any rate. (Value-Added/Sales) Tax laws work because the seller acts as the tax collector. They have to keep records of what they buy, what they sell and the prices they sell the items at. They're then liable for collecting the sales tax or VAT from the customer and paying it back to the taxman (or offsetting it against their tax deductibles to get a balance that they must pay). Bitcoin has absolutely nothing to do with this. Dishonest traders will fiddle the books (putting in false sale value, for example, or just writing off stock) regardless of whether customers are paying in cash or for barter value (like Bitcoin is).

      As for following the money: that's what a business's set of accounts are for. Again, it has nothing to do with Bitcoin. Paper money is just as "untraceable", yet you never hear people complaining that it allows for anonymous transactions!

    2. Nigel 11

      Short of closing down the internet how *can* the authoritoes close Bitcoin down?

      Anyway, it's not new. Since the earliest days of the Chinese Empire (and probably earlier, but the records have perished) there have been trustworthy(*) alternative criminal(**) organisations which would move your money across borders and around accountancy barriers for a fee. Typically you hand over some money and receive a token, such as a roughly torn sheet of paper. You later present it to a representative of the same organisation at another location, and they match the other torn piece and then hand over the agreed amount of cash.(***)

      (*) for certain values of trustworthy

      (**) according to the authorities, who ask more in taxes than the alternative asks in fees.

      (***) this practice may even be the origin of paper money instead of gold, brought back from the underworld by the authorities, who could then back several banknotes with the same piece of gold and get away with it for centuries. Behaviour which any self-respecting criminal gang would be ashamed of.

  11. Anonymous South African Coward Silver badge
    FAIL

    CryptoLocker

    Had my bag of fun with this piece of garbage.

    The attack vector was something like this : luser allowed her son (against IT policy) to install and run games on her work laptop. I suspect her son caused the laptop to be infected with CL either by opening an email attachment or the such. It proceeded to encrypt every single .doc, .xls and the such files on said laptop.

    Then it displayed its ransomware notice.

    Her son tried to uninstall it, but panicked when it changed the desktop background to the infamous CL background bitmap.

    He sbould've left it there, but he didn't, and downloaded (and reinfected the laptop) with CL accordingly to the instructions given.

    Then mommy came to work with said laptop, plugged it into the network, and did some work.

    Then she proceeded to phone me.

    Worst day ever. I killed her connection, and had to restore from a backup... Luckily it was only her laptop, her home folder on the server and one directory with lots of .PDF, Word and Excel files affected - and the corruption didn't spread to the automated backups yet....

    She was under the impression I could "google for a fix and way to remove it" .... Hopefully the loss of her photos and other (not backed up) documents on her laptop will make her think twice now....

    Had to do a fresh windows install on a new HDD as I could not get rid of the CL trojan at all... Will probably format and reinstall that HDD at some later stage.

    Going to introduce (and enforce) new, tougher IT policies next year. Lesson learnt.

    1. Fatman Silver badge
      Alert

      Re: CryptoLocker

      The attack vector was something like this : luser allowed her son (against IT policy) to install and run games on her work laptop. I suspect her son caused the laptop to be infected with CL either by opening an email attachment or the such.

      At WROK PALCE, that would be an Employment Termination Event.

      End of discussion.

      But, since we don't use WindblowZE, the point is somewhat moot.

    2. Alan Brown Silver badge

      Re: CryptoLocker

      "Then mommy came to work with said laptop, plugged it into the network, and did some work."

      I hope you pointed out pretty forcefully to her and the CEO how lucky you were that the central fileservers didn't end up encrypted?

      In some companies she'd have been escorted to the door by security with the personal content of her desk belongings only following a few days later by courier delivery.

    3. Mark 65

      Re: CryptoLocker

      Just curious, but why/how were admin rights available to install software in the first place on the work laptop?

      +1 for disciplinary event comment above though.

  12. Anthony Hegedus Silver badge

    For all out customers with the appropriate linux servers, we've just blocked zip files in incoming emails. The minor inconvenience is outweighed by the safety aspect. For customers with windows servers and an antivirus on the server, we can usually block these attachments too. Most of our customers are perfectly happy with this arrangement.

    1. JoeF

      Doesn't help you if somebody brings in an infected device from home.

  13. Anonymous Coward
    Anonymous Coward

    Hate to say it but

    Surely ISPs could cooperate and just block all affected machines from "phoning home" ?

    A simple matter of El Camerono signing the "Internet Security Act" would suffice, empowering ISPs to block known botnetted machines and charge a fair price for either cleaning said machines themselves via a third party or keeping them blocked until the owner fixes them.

    1. Alan Brown Silver badge

      Re: Hate to say it but

      "Surely ISPs could cooperate and just block all affected machines from "phoning home" ?"

      If you know the IPs in used AND the domains in use, you can try.

      Otherwise you may as well be playing whack-a-mole with 10-moles and 1000 holes.

      1. Charles 9 Silver badge

        Re: Hate to say it but

        Easy enough if you plug each hole you come across. Hard to phone home when you can't phone, period. And if anyone complains, tell them their machine is full of holes and needs to be fixed and to read the T&Cs again.

  14. Anonymous Coward
    Anonymous Coward

    "UK consumers"

    SELECT * FROM uk WHERE consumer = false;

    0 rows returned

  15. TopOnePercent Silver badge

    NSA

    Surely, now the Snowden cats are out of the bag, the NSA can identify those responsible for CryptoLocker and send in the SEALS?

    My family get two rebuilds for free, the third comes at the price of their admin rights. No matter the OS, having unskilled people using technology will not end well.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019