68 replies to this topic

#61 T9RKELL

T9RKELL

    Neowinian

  • Joined: 13-September 13

Posted 28 October 2013 - 19:44

Hey guys, 

So my dad's office was hit with this last week, it was actually transferred by an adjacent company's network. They share a space with my dad's office. None of the malware programs that they have installed picked this up. We were able to remove the malware after several attempts, but now his entire server is encrypted. Does anyone know if there has been a successful method to decrypt the files yet? He has backups but unfortunately the IT guy that had set up his server somehow turned off backups last November!

 

Hum has created a decryption tool, and posted about it at previous pages of this thread, maybe it will help


#62 T9RKELL

T9RKELL

    Neowinian

  • Joined: 13-September 13

Posted 28 October 2013 - 19:51

As to ways of infection, there were several reports of receiving phishing emails with rogue attachments. Next, a lot of people got them at shady sites like porn and torrent.

 

My brother-in-law runs an infosec blog, he has several interviews with infosec guys, and a section for deaf people with written transcriptions of interesting Black Hat and DEF CON talks. His latest articles are dedicated to ransomware: http://privacy-pc.co...cker-virus.html



#63 +techbeck

techbeck

    Neowinian Senior

  • Tech Issues Solved: 8
  • Joined: 20-January 05

Posted 28 October 2013 - 19:53

PITA.  Had this on someone's computer recently.  Told him to turn off his computer, slaved his HD, and copied files off his system.  Then redid the software.



#64 OP +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 11 November 2013 - 23:59

The problem with CryptoLocker is this.

90% of people have no daily backup. 9% have a daily backup that's backing up to an always-connected external drive. 1% also have a cold (off-site backup).



#65 #Michael

#Michael

    Neowinian Senior

  • Joined: 28-August 01

Posted 15 November 2013 - 19:14

This is just how bad this malware is getting:

 

 

Now here’s a first — crooks who realize the importance of customer service.

It’s the latest twist in the global CryptoLocker ransomware attack. This diabolically nasty malware locks up all of the victim’s personal files — and in some cases, backup files, too — with state-of-the-art encryption. The bad guys have the only decryption key and they demand $300 or two Bitcoins to get it.

“It’s been a disaster for many of the people hit with it,” said Lawrence Abrams who has been tracking the spread of this infection on BleepingComputer.com

Within the past few days, the criminal gang behind CryptoLocker created a site for victims who need help making their required extortion payments.

“These guys have some big cojones,” said security expert Brian Krebs, who writes the blog KrebsOnSecurity.

The CryptoLocker Decryption Service allows victims to check the status of their “order” (the ransom payment) and complete the transaction. I am not making this up!

Those who paid the ransom (with either Green Dot cards or Bitcoins), but did not get the decryption key — or got one that didn’t work — can download it again.

Those who missed the 72-hour deadline can also get their key, but the price jumps from two Bitcoins to 10. At today’s market value, that’s nearly $4,000. And Green Dot is not accepted with this extended-deadline service.

 

 

Full article over at today: http://www.today.com...tims-2D11586019



#66 AStaley

AStaley

    Neowinian

  • Tech Issues Solved: 4
  • Joined: 07-August 04
  • Location: United Kingdom
  • OS: Windows 8.1 Pro x64, OSX Mavericks, Elementary OS, Server 2008 R2/2012 R2, CentOS.
  • Phone: iPhone 4 (IOS7.1.1)

Posted 16 November 2013 - 09:41

I couldn't help but smile after reading the above, crooks with a sense of customer service.

#67 Star-Pirate

Star-Pirate

    Privateer

  • Tech Issues Solved: 1
  • Joined: 17-July 13
  • Location: Manchester, UK
  • OS: Windows 7 Ultimate

Posted 16 November 2013 - 10:19

The people that make viruses and malware have now realised that there's serious money to be made by infecting computers with this sort of stuff. So I think that we're going to see a lot more of this type of crapware popping up in the next few years.



#68 +riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 16 November 2013 - 10:21

Hello,

Someone created a tool to decrypt right? That should be on the first page of the thread.

Also, I think this is front page news worthy.

#69 AStaley

AStaley

    Neowinian

  • Tech Issues Solved: 4
  • Joined: 07-August 04
  • Location: United Kingdom
  • OS: Windows 8.1 Pro x64, OSX Mavericks, Elementary OS, Server 2008 R2/2012 R2, CentOS.
  • Phone: iPhone 4 (IOS7.1.1)

Posted 16 November 2013 - 11:16

Hello,

Someone created a tool to decrypt right? That should be on the first page of the thread.

Also, I think this is front page news worthy.

 

I don't think that tool works with the latest versions of CryptoLocker, which use much stronger encryption.