IMPORTANT PSA: RANSOMWARE WILL WRECK YOU [EDIT: MOSTLY]

Contra(dictory)

also I hang out here, I guess
Even if you aren't particularly tech-literate, I'll lay this out in the simplest manner possible for you. This is important information, no matter who you are or what sites you visit. If you're running Windows XP, Windows Vista, Windows 7 or even Windows 8, you are in danger.

First off, Ransomware is a form of malware that takes control of your computer and refuses to let you use it until you pay up, and the prices range from anywhere to a couple hundred to thousands of dollars. I highly doubt any of you are packing that kind of money, so listen up. If you follow these steps, you should be safe.

  • Make backups. Backing up your files may sound tedious- and it is- but if you don't have a functional backup when this happens, you'll have no choice but to pay up or, in the worst case, say goodbye to your files for good.
  • Install an antivirus. At the moment, Avast! and Malwarebytes Pro are the only known antivirus programs capable of preventing infection from the biggest ransomware yet, CryptoLocker.
  • For fuck's sake, don't open spam emails, don't use torrents from untrusted sites, and stay as far away as humanly possible from porn and "free" streaming sites.

This PSA was created because the newest bit of Ransomware, CryptoLocker, basically completely bricks your computer if you don't pay up. Other bits of Ransomware can be removed in Safe Mode or are easily avoided- this one is not. CryptoLocker works by encrypting your computer's files, rendering them unusable, and then demanding your payment within a short deadline. If you don't pay up in time, they throw away the key and nothing you can do will ever get those files back.

Create routine backups- weekly, preferably- so that even if you get hit by this, you won't lose everything.

Install either version of Avast or Malwarebytes Pro to ensure you're safe. So far, this can only be prevented. Once it begins, you are powerless.

This thing's spreading like the flu. Be careful, browse safe, and spread the word as much as you can to make sure your friends and family don't get hit by this.

Here's a Reddit thread that documents it better than I did. Be sure not to click any links in that thread- or any suspicious links, really- and stay tuned to see if anyone can find a solution to this fiasco.

Based Sora said:
Good news: relatively easy to remove!


Bad news: if you don't pay, your encrypted files are still lost.

I would still advise showing some caution, but as long as you backup your most important stuff on a regular basis, you should be fine.
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

Dammit. Well, I am a user of Avast, so I should be safe for now, but I'll see if I can make a Back-up of important things.
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

Make sure you do routine scans and you keep it updated. This is only the beginning- chances are once this dude gets enough money, he's gonna make something even worse.
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

>Once it begins you are powerless

This is never the case. You may lose all of your data, but you are never powerless. You can wipe shit. At the very most, you could replace your HDD/SSD.
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

i never actually found out how to make a backup image

so if you have any advice on how to back up my computer at all i'd be pretty grateful
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

Go and buy an external hard drive.

There are settings in windows that'll ask you if you want to set it up as a backup drive.
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

ahahahaha

it takes over your computer and then encrypts your files?

that's incredibly nefarious and i'm surprised no one thought of this before

One trick that helps against most viruses is to not run your computer with an admin account. That way, even if a virus gets onto your computer, it won't have the admin privileges necessary to wreck stuff.

Of course, the most insidious viruses can get around this, but it might help.
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

This isn't anything new, Ransomware has been around since at least the middle of the last decade.

It's just a recent instance being performed on an credibly large scale. However, I am of the belief that most users of this forum aren't at a high risk to contract this virus, but it doesn't hurt to be safe.
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

Dr. Javelin said:
ahahahaha

it takes over your computer and then encrypts your files?

that's incredibly nefarious and i'm surprised no one thought of this before

One trick that helps against most viruses is to not run your computer with an admin account. That way, even if a virus gets onto your computer, it won't have the admin privileges necessary to wreck stuff.

Of course, the most insidious viruses can get around this, but it might help.

it can be contracted without admin access

also, it starts encrypting some time before you get the notice
I assume the notice shows when it's finished
when it's already too late
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

ah

well then, that is indeed a nefarious virus

impressive in its evilness
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

it displays Even Evil Has Standards though- a lot of ransomware stays locked up after you pay or just blows up your computer

this one actually leaves, decrypts your files, and even leaves behind a little thing that prevents reinfection
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

Good news: relatively easy to remove!


Bad news: if you don't pay, your encrypted files are still lost.

I would still advise showing some caution, but as long as you backup your most important stuff on a regular basis, you should be fine.
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

Based Sora said:
and even leaves behind a little thing that prevents reinfection
so why doesn't antivirus software copy that and put it on your computer to begin with
 
Re: IMPORTANT PSA: RANSOMWARE WILL WRECK YOU

because chances are, it's a backdoor that the guy could use later on

anyways, it's better to prevent it altogether, which Avast and MBPro are already doing
 
couldnt "a thing that prevents reinfection" also be digitally signed in a way that prevents it from being copied?

like im not huge on cryptography but if you took something like the disk identifier and encrypted it with the virus's private key, and stored it locally on the hard drive, you could use that to identify that disk as immune to reinfection without conferring that immunity onto any disk it was copied to. the decrypted disk identifier wouldn't match the hard drive's disk identifier, and the virus could detect that and know you were trying to fool it

i don't quite know if the disk identifier is really suitable for this (you CAN change it, although it's not that easy), but i'm sure there's some value somewhere in windows that is suitable, because microsoft needs the ability to stop you from just copying your whole hard drive and whatever paid software you have on it over to a friend's computer
 
Shoutmon said:
like im not huge on cryptography but if you took something like the disk identifier and encrypted it with the virus's private key, and stored it locally on the hard drive, you could use that to identify that disk as immune to reinfection without conferring that immunity onto any disk it was copied to. the decrypted disk identifier wouldn't match the hard drive's disk identifier, and the virus could detect that and know you were trying to fool it
I was thinking this too (though not specifically drive ID), bet they didn't make it that easy.
 
That's what bleepingcomputer.com is for :P
 
Back