Thread replies: 89
Thread images: 10
Thread images: 10
File: images.jpg (57KB, 378x389px) Image search:
[Google]
57KB, 378x389px
What's the deal with ransomware? Is it new or have the media just caught on?
>>
my brother's computer had ransomware a few years ago. he got it through torrents. easy as pie to remove. it was almost laughable.
>>
File: indian-programming.png (55KB, 600x450px) Image search:
[Google]
55KB, 600x450px
>>60425840
oh, and whoever wrote that ransomware was a f'ing idiot - claimed to be the police. here's a screenshot.
>>
Hahaha another example of how shitty the media is. Seems like all these "hacked computers" is just some Nigerian prince teir scam
>>
>>60425796
Been around a while, but until "anonymous" payment methods like BitCoin came around, it didn't really catch on much.
>>60425859
It's not actually that stupid. Some people might be more willing to pay up if it appears to be a police fine, and people who would pay up anyway are unlikely to say "hang on, this can't actually be the police, I'm not gonna pay up then".
>>
>>60425796
became popular in 2015, the doubled in 16. Still growing.
>>
>>60425796
Crypto variants have been around for years. The only reason the media jumped on this hype train is because it spread so fast, and some pretty high profile organisations were hit by it.
Then there was the 'accidental hero' of one guy who initially unknowingly stopped the spread of the first iteration of the worm.
Gives plenty of virtual signalling hipster "journalists" the opportunity to shit over Microsoft and say "it wouldn't have happened to Apple!", all while not understanding technology and it's role in each of the affected industries.
>>
Yeah I guess a lot of people who get scammed are not very comp savvy
>>
I became a victim to Sage 2.2 yesterday. I know 4chan is often steps ahead of the rest of the world, so I'm desperately wondering if someone here knows how to decrypt. I've got some very important stuff on my computer that got encrypted...
>>
>>60426032
Air gapped backups, turd.
>>
>>60426032
How'd you manage that? How much are they asking to get it decrypted?
>>
>>60426055
Doesn't really help me now when the damage is already done.
>>
>>60426072
Adobe Flash Player wanted to update, so I downloaded the update. I think that was it.
In other words, I got tricked.
>>
>>60426072
I haven't even bothered looking how much they want. I'm not gonna pay them as they probably won't give me back my files. Other victims say they are asking for $2000
>>
>>60425796
The latter. Ransomware has been around for a few years now. The positive we can draw from these attacks is that people are becoming more aware of the threat and hopefully do things to prevent their spread.
My concern is ransomware hitting other things like critical infrastructure (the hospitals count for this desu).
>>
>>60426112
It has already hit hospitals and factories
>>
>>60426032
why dont you have backups?
>>
>>60426139
Because I'm stupid. I've always been so careful and have never been hit by anything like this. This was a wake up call. I'll back up everything important from now on.
>>
How do virusus like these spread?
>>
fake news, and that red screen you see is disgusting ps
>>
>>60426178
The same way all viruses spread.
>>
>>60426178
This particular one spread using a worm which exploited a vulnerability in Microsoft's implementation of SMBv1. All it needed was a network connection, and it scanned for other hosts with port 445 open that were capable of SMBv1. When it found a target, it executed the vulnerability and installed crypto on the target system, then repeated the process
>>
>>60426178
In my case I think it was concealed as either a Adobe Flash Player update or a font for Chrome. The first signs of suspicion appeared when I was entering a trustworthy site (I still trust the site because I could view it without problem from my phone) and Chrome told me I needed a font or something to view the page.
I can't remember downloading anything else around the time I was hit.
>>
>>60426178
>>60426249
Sorry, when I say 'this particular one' I am referring to the recent WannaCry incident
>>
My news station states that it was an attack from North Korea.
Does this even make sense? People in NK don't even have internet. Also why would NK government want shekels from random people? Is it that poor?
>>
>>60426280
Probably fake news
>>
>>60425796
Ransomware been here for at least 15 years. The media didn't caught on, as they know litterally shit-they report "ransomware" as something new, while-what is new here-was that the exploit itself was a cyberweapon used by USA military (eternalblue) to hack anyone that was leaked last month and then incorporated into ransomware.
>>
>>60426178
By baiting you into running the malware executable. Vulnerability exploits are surprisingly rare.
>>
>>60425859
That's the ukash man,this brings memories. I got infected with one of it's earliest versions when i started watching porn, I literally shit my panys
>>
>>60426280
The media has conveniently left out the fact that last month Wikileaks dropped a leak about the CIA cyber capability, including a project named "Marble" which was used to scramble malware and make it appear it came from a foreign state. In the documentation you can see their capability to change things to Russian, Chinese, Arabic, Farsi and... Korean.
https://wikileaks.org/ciav7p1/cms/page_14588467.html
>>
>>60426173
Stupid enough to don't make backups->pay
>>
>>60426357
Thank you for your support.
>>
>>60425796
My PC was blocked by ransomware 10 years ago. It didn't encrypt anything but just blocked UI interaction. It attacked when browsing pornhub or some other well know porn website.
This was the last time I installed flash. Never happened again.
>>
>>60426096
>Adobe Flash Player wanted to update, so I downloaded the update. I think that was it.
How the fuck does this happen? Did the binary itself request an update? Did you download a random thing from the Internet? Please explain.
>>
>>60426565
He says he has Flash installed and you really need more explanation? Are you some kind of vegetable?
>>
>>60426335
They were covering year0 leaks but not anything afterwards.
Normies don't even care about CIA spying them 24/7.
>>
>>60426589
Yes, I'm looking for details
Here's your attention, pathetic retard
>>
>>60426565
I honestly don't know how. I didn't really download anything random. I was chatting with a vegan girl on Facebook about b12 and she sent me a link to a page about it. Chrome said it couldn't show me the page because the font wasn't installed, so I clicked yes to get directed to download the font. After that Chrome also wanted to download the Adobe Flash Player update. I got suspicious and went to Adobes homepage instead not to download from that vegan page. Still when I had downloaded the update file (from Adobe) the desktop backgrounds turned black with green text and a computer voice telling me "this is not a test" etc.
>>
>>60426565
Most likely a Flash object made a popup saying it needed to update Flash so he clicked okay and it downloaded an infected installer rather than getting direct from the Adobe website.
>>
>>60426753
>his version of Flash was too old to be exploited so it made him download a new version
>>
>>60426280
Not it was North Korea, but they have a significant Cyber Division, and they often do contracts with Chinese crackers.
Yes NK is that poor, it wouldn't surprise me if you could hire the NK Cyber Division, as their embassies sells drugs.
>>
>>60426753
>vegan girl
There's your problem.
>>
File: IMG_0020.jpg (102KB, 1024x722px) Image search:
[Google]
102KB, 1024x722px
>>60425859
has been used to illegal information software
>>
>>60426887
I was just waiting for that comment ;P
>>
>>60426753
link to webpage?
>>
>>60426965
The vegan one?
>>
This is one of the suspected messages
>>
>>60427011
yeah
>>
>>60427085
http://veganutmaningen.se/2016/11/02/grundlaggande-naringslara-del-3-b12-och-d-vitamin/
>>
>>60426753
scifi
>>
Well... shame on me
>>
>>60427095
>.se
Found your other problem.
>>
can i infect the local isp i i run the virus in my own lan
>>
>>60427155
Yes, do it and post results for the lulz
>>
>>60427226
i have two isp in my home but one i use only for phone wireless
and also my neighbors use the same isp with me.
Can i infect their pc?
>>
>>60427291
Yes it's theoretically possible, if you have two computers you should run it on both ISP connections, just to be sure
>>
>>60427322
so i have to make a lan at least with 2 pc and basically everyone that it is nearby me on the same isp with me is going to be infected or it will be expanded all over the isp?
>>
>>60427384
It will start with only people near you, then it will continue on the ISP.
You can do it with 2 or more PCs on the LAN, but the more PCs you have the faster it will work
>>
>>60425796
So far ransomware has relied almost entirely on phishing attacks, which means only idiots would get it.
WannaCrypt was the first ransomware spread through a worm. Just wait until somebody finds a remotely exploitable bug in iME and we get bios-level cross-platform ransomware that spreads automatically through the internet.
>>
>>60427418
i am going to do this just for fun i will see the results afterwards
>>
File: R14kkDj.png (13KB, 657x527px) Image search:
[Google]
13KB, 657x527px
Dumbass here, is there any way to put a lock on everything my PC downloads for a while?
Like to stop every single update request that any program would require. I only ever browse 4chan, watch anime and play games so I never bothered getting an anti-virus, and now I'm getting a bit scared. What methods does ransomware spread through anyway?
>>
>>60427529
firewall and antivirus
>>60427529
>What methods does ransomware spread through anyway?
like any other virus = anything exploitable you idiot
>>
>>60427529
see
>>60426249 and >>60427464
in regards to stopping updates, that's a bad idea. continue to update your programs, but only run executable files which you can confirm where they came from.
>>
File: 1460623005667.png (37KB, 1127x685px) Image search:
[Google]
37KB, 1127x685px
>>60427569
>anything exploitable you idiot
Yeah but what does exploitable mean in computer terms?
>>
>>60426753
Wow, you are not that good with computers, are you
>To proceed, open your download folder and locate the Adobe Flash Player installer file, for example "flashplayer[xxxx]_[xx]_install.exe."
>"flashplayer[xxxx]_[xx]_install.exe."
>Install.exe
you dum-dum
>>
>>60427590
an exploit essentially means there's a bug in a computer program, which can be used in an unintended or malicious manner
you can never be 100% protected, but you can make good decisions like regularly running updates, having a good anti-virus software, and not downloading and running things which you don't know where they came from or what they are, especially .exe files
>>
>>60427614
Not really that good no. I usually click the "open when ready" thing. I'll be more careful in the future.
I still need to have my stuff decrypted though.
>>
>>60425796
Ransomware is decades old. Dates back to the 80s. It only just recently caught on because bad guys found out its more lucrative to encrypt the files of really fucking stupid users, rather than to bot them out, and sell the bots to the highest bidder.
>>
>>60425889
Yeah except all your files are now unaccessible because they were encrypted with an unbreakable algorithm
>>
>>60425796
Different forms of ransomeware have been around forever. I remember back in 2002-3 getting the fbi popular that wouldn't go away and thinking about the possibility of never seeing my files again, idk if there were any that encrypted your junk though.
>>
File: 1438779059563.jpg (27KB, 620x400px) Image search:
[Google]
27KB, 620x400px
>>60425796
> Is it new or have the media just caught on?
for fucks sake
how is this a technology board, no one seems to know anything about tech related stuff anyway
might as well change this shitty board name to /consumer electronics/
>>
>>60427529
Don't be an idiot. Update your software moron. This ransomeware uses two nsa hoarded vulnerabilities to spread, and there only needs to be one computer on your local network that has been infected for it to spread to any other uncoated computers.
>>
>>60426096
>In other words, I got tricked
Viruses these days don't even announce themself!
>>
>>60427985
I haven't been hit by a virus in like 5 years, especially not this harmful. What anti-virus does /g recommend. MSE was obviously not enough :/
>>
>>60428012
Paid, I use ESET
Free probably FortiClient
>>
>>60425859
>IF you use a webcam, they were saved
Can't even into
also upside down quotation marks
>>
>>60427952
>shithead on /b/, /v/, /whatever/ sees something tech related
>clicks on the 'g' button
>posts shithead question
>>
>>60427952
I came here to basically post this.
>>
File: 1494916244900.jpg (81KB, 475x346px) Image search:
[Google]
81KB, 475x346px
hella old hella easy.
but most 98% installed by an employee.
look at the ones who went on vacation then the virus started , they will usually make sure to be gone while you freak out.
>>
>>60428038
I don't know very well those 2, but if they behave like common AV (default policy: allow), use Comodo, it's free.
>>
>>60428214
If you think the common/default AV policy is allow, I pity your lack of exposure to real security products
>>
>>60426753
So it's actually the font link, not the Adobe flash update isn't it?
>>
File: Untitled.png (922KB, 1680x1050px) Image search:
[Google]
922KB, 1680x1050px
>>60427095
i tried with a fresh VM with W8.1, using IE and looks ok to me...only one image dont show up, but thats pretty normal.
About flash and font stuff, the browser and the site, it didnt show/trigger anything...
>>
>>60427976
But I got Windows7 with not a single update because I don't want Papa Microsoft looking at me.
>>
>>60428252
Since when AVs don't block anything but files known as malware?
>>
>>60426753
>Chrome said it couldn't show me the page because the font wasn't installed, so I clicked yes
You're retarded
>>
>>60430930
>He must state the obvious
You're retarded.
>>
>>60425796
only retards will get it. just dont be a retard.
>>
>>60425859
A friend of mine got such thing. It was fuckinh hilarious.
Thread posts: 89
Thread images: 10
Thread images: 10