
WINDOWS SERVER AFFECTED WITH DXXD RANSOMWARE, SHOWS LEGAL NOTICE


Thread replies: 61
Thread images: 7

File: legal-notice.png (242KB, 1191x834px)
Ransom note is shown by configuring the HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption and HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText Registry values. Once these settings are configured, if a user tries to login to the computer, this message will be shown before a user sees the login prompt.

>Researchers are currently analyzing the sample and looking for weaknesses. If one can be found, a decryptor will be released for free. Therefore, if anyone is affected by the DXXD Ransomware, do not pay the ransom.

Instead, please register an account and reply to the DXXD Help and Support topic so that you will be notified if a decryptor is released.


Affected registry:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption    "Microsoft Windows Security Center. Dear Administrator, Your server hacked. For more informations and recommendations, write to our experts by e-mail: [email protected] or [email protected]"    

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText "When you start Windows, Windows Defender works to help protect your PC by scanning for malicious or unwanted software."

>the ransomware developer is hacking into servers using Remote Desktop Services and brute forcing passwords. If you have been affected by the DXXD Ransomware, you should reset all the passwords for the affected machine.

http://www.bleepingcomputer.com/news/security/the-dxxd-ransomware-displays-legal-notice-before-users-login/

IT'S OVER LADS
MICROSOFT WILL DIE IN YOUR LIFETIME
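
An added example, not part of the original post or the linked article: a PowerShell audit of the two Winlogon values named above, plus the `Policies\System` key where Group Policy stores the same settings. The `ApprovedCaption` and `ApprovedText` parameters are assumptions standing in for your own sanctioned banner.

```powershell
# Added example: audit the logon-banner values the post names.
# ApprovedCaption/ApprovedText are assumptions; pass your sanctioned banner,
# or leave both empty if the server should show no banner at all.
param(
    [string]$ApprovedCaption = '',
    [string]$ApprovedText    = ''
)

# Winlogon is the key from the post; Policies\System is where Group Policy
# stores the same two settings, so both are checked.
$paths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
)
$expected = @{
    LegalNoticeCaption = $ApprovedCaption
    LegalNoticeText    = $ApprovedText
}

$findings = foreach ($path in $paths) {
    foreach ($name in 'LegalNoticeCaption', 'LegalNoticeText') {
        # A missing key or value is treated as an empty banner.
        $item   = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
        # A multi-string value, if present, is flattened to one string.
        $actual = if ($item) { [string]($item.$name) } else { '' }
        [pscustomobject]@{
            Key    = $path
            Value  = $name
            Actual = $actual
            Drift  = ($actual.Trim() -ne $expected[$name].Trim())
        }
    }
}

$findings | Format-List
if ($findings.Drift -contains $true) {
    Write-Warning 'Logon banner differs from the approved text; treat as a possible compromise indicator.'
    exit 1
}
```

The non-zero exit code lets a scheduled task or monitoring agent alert on banner drift.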
>>
>>57299207
>MICROSOFT WILL DIE IN YOUR LIFETIME
i wish
>>
it just keeps getting shittier and shittier, why did microsoft go full fucking commie. Can anyone tell me why or how? Why do they think this will increase business? Everyone will just flock to apple or linux.
>>
>>57299207
>hacking into servers using Remote Desktop Services and brute forcing passwords.
If my idea was to use admin/password as login details on my linux server it'd be owned in less than 5 minutes by chinamen running "bruteforcers".
>>
>>57299314
>what is fail2ban
>what is SSHguard
>what is SSH keys
>>>/v/
>>
>>57299225
nah, microsoft won't, but windows will
>>
>>57299249
>full fucking commie
The fuck are you talking about
>>
File: 1477034343328s.jpg (4KB, 250x234px)
>>57299207
MFW faggots on /g/ told me I'm an idiot for shitting on Windows Server Users. Who's laughin now?
>>
>>57299207
>the ransomware developer is hacking into servers using Remote Desktop Services and brute forcing passwords.
If an administrator leaves RDP open they deserve what they get.
>>
File: 1475785654831.jpg (435KB, 1177x2676px)
>>57299362
It's just some unpaid shills
>>
>>57299383
if an administrator leaves password login enabled they deserve it
>>
>>57299356

what do you mean, they are becoming like china the os, watch everything read everything and malware everywhere. Now ransomware. It's insane, microsoft didn't do this shit back then in xp or vista.
>>
Jesus FUCK what are those pajeets doing
>>
>>57299386
>Gaming console 23%
Thought they did better than that.
>>
>>57299436
designating
>>
>>57299338
Yes I use them all on my linux server. Your point is that you feel for some vidya games?
>>
>>57299338
>what is reading comprehension
>>
>>57299356
When capitalism backfires capitalists call it communism.
>>
>>57299466
ebic buzzphrases
>>
>exposed Windows Servers
Sysadmin pajeet deserves what he gets
>>
File: 1477083942020.png (208KB, 5000x5000px)
>windows
>security
>>
>>57299480
backpedal harder faggot
>>
>>57299846
Shut the fuck up illiterate idiot
>>
>>57299412
If the admin doesn't have an account lockout set after 3-7 incorrect login attempts they deserve what they get. Brute forcing a password should not be possible.
>>
>>57299207
DESIGNATED HACKING OPERATING SYSTEM
>>
>>57299207
DUDE CAPS LOCK LMAO
>>
>>57299207

Just restore from backups
>>
>>57300662
This. A server getting hijacked like this should be a "oh, that's mildly annoying, guess I have to take 2 hours and rebuild" scenario.

Still, shouldn't have been possible in the first place if they had a decent AD security policy in place.
>>
>>57299249
I'm definitely interested in another OS. I'm so tired of Windows STD.
>>
>>57300580
This lol
>>
>>57300662
Someone stupid enough to use Windows Server and a shitty password that can be bruteforced fast obviously won't have any backups at all.
>>
>>57300662
>Just restore from backups

What are those?
>>
WAIT SO AN ADMINISTRATOR CAN MAKE WINDOWS SERVER DISPLAY A MESSAGE?

YOU CAN EVEN PUT REGISTRY KEYS IN .REG FILES AND ATTACH THEM TO MAILS???

THANKS /g/ FOR THIS SCOOP!
>>
The Apple MacBook Pro with Retina Display doesn't have this problem.
>>
>>57302485
The Dell XPS 13 Developer Edition with InfinityEdge Display doesn't have this problem either.
>>
File: 1266126008249.jpg (68KB, 305x196px)
>>57302163
>if you use windows server you are dumb
>>
What kind of vector would be needed for this, an infected workstation on the same domain as the server? I cannot see it working any other way. Surely no one is dumb enough to nat an rdp connection through their firewall directly to the server
>>
>>57300662
This
>Oh no ransomware
>Sorry everyone server will be down for an hour while we roll the vm back to last nights snapshot
>>
>>57299207
it makes me laugh that RDP literally fails instantly on password fail.

what kind of shitshow incompetence is that anyhow?

wow google, I'm glad your shitty captcha is not responsive.
>>
>>57302485
Right, because its users can barely log into Facebook, let alone maintain a server.
>>
>>57302597
But anon RDP doesn't immediately fail it takes several incorrect attempts before the rdp connection kills itself
>>
>>57302526
>and a shitty password
Learn to read
>>
What a shitty OS, but what do you expect? It's written and maintained by minimum wage Indians.
>>
>>57299383

Some servers only exist as RDS hosts .....
>>
File: Selection_613.png (18KB, 433x179px)
>>57299846
>>57300538
>>
>>57302997
Yeah and they're hosted through something like sonicwall or citrix negotiation which stops bruteforcing attempts
>>
>>57299207
> XD

gb2reddit, faggot.
>>
>>57299207
>TRUSTING POOJEET OS
>>
>>57302607
huh? I thought modern RDP required valid creds before it actually rendered anything.

netauth or whatever bullshit rdp extension is called.
>>
>2007 will be the year of Linux
>2008 will be the year of Linux
>2009 will be the year of Linux
>2010 will be the year of Linux
>2011 will be the year of Linux
>2012 will be the year of Linux
>2013 will be the year of Linux
>2014 will be the year of Linux
>2015 will be the year of Linux
>2016 isn't over lads, it may be the year of Linux
>>
>>57303098
But anon, I have Linux installed on everything, including my toaster! I'm freee!!!!!
>>
>>57303098
>2008 will be the year of Linux
Linux saw version 1.0 of Wine, aiming to let you run all your normal software even if you use a niche OS like Linux

>2011 will be the year of Linux
Linux got double digit market share

>2012 will be the year of Linux
Microsoft started offering Linux hosting.

>2013 will be the year of Linux
Linux reached one billion installs

>2014 will be the year of Linux
Linux reached one billion active users

>2015 will be the year of Linux
Linux laptops outsold MacOS. About half of the best selling laptops ran Linux.

>2016 isn't over lads, it may be the year of Linux
Microsoft released WSL, aiming to let you run all your normal software, even if you run a niche OS like Windows
>>
File: 1475878223136.jpg (12KB, 225x225px)
>>57303098
It has already been the years of linux. Servers, android, routers are things. And more and more people are installing GNU/Linux on their desktops, with Windows 7 losing support in 2020, forced installations of NSA/Windows 10, macOS being tied to a hilariously bad platform, BSD never even a viable option, and better and better driver support for le gaymin GPUs and everything else in Linux. I have debian on my X220, T520, and Lubuntu on my T43, and there has been literally no issues.
>>
>>57303010
i Know rite it alweys Annoys Me which poeple screww ub graMmr
>>
>>57303254
>even if you run a niche OS like Windows
kek
>>
>>57299207
Nice, the fuckers are using Tutanota
>>
>>57299474
This
>>
>>57299207
HOW POOTELLA WILL EVEN DEFECATE
>>
>>57302538
Actually

https://www.youtube.com/watch?v=hMtu7vV_HmY
>>
>>57299351
>tfw no matter what they shit on the users' plate most of them will eat it anyway. Arm desktop may change this.
>>
>>57299207
>brute forcing passwords
nothing to worry about
This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.