Page 2 of 2 FirstFirst 12
Results 21 to 29 of 29

Thread: Large Ransomware Attack Is Global

  1. #21
    Administrator
    admin's Avatar
    Join Date
    Jan 2008
    Location
    Victoria
    Age
    56
    Posts
    31,150
    Thanks
    2,238
    Thanked 13,731 Times in 5,823 Posts
    Rep Power
    4552
    Reputation
    165805

    Default

    Quote Originally Posted by nomeat View Post
    No, as long as Windows is the most targeted (practically only targeted) OS on an enduser PC (not talking about gadgets) you will ALWAYS have a problem.
    Keeping it updated reduces the risk but will never elimate it.

    ... and then we have notorious plugins like Flash that websites still force us to use, which is actually how these Ramsomware attacks work by tricking people into 'updating' their version for 'security' reasons but using a cloned site.
    Some of us here can identify that immediatly but there is only so much you can expect from an average computer user, who for example in a hospital, has a lot more to worry about than constant updates:

    Sorry our Windows 10 computers in the emergency department are just doing a forced automated update, please come back later in 3 hours if you are still alive.

    Ok that might have been a candiate for the joke thread, but it is all not that back and white as you think.

    Windows is still a botched OS if it constantly requires 'security' updates.
    There is no logic in using it if security is the main issue.

    Sorry, but bullshit. Thats the sort of Linux fan replies that get wheeled out all the time.

    Why does Windows get targetted ? Its the most popular operating system in the world. Why doesn't Linux get targetted ? Basically no one uses it. See below :


    Desktop/Laptop operating system browsing statistics*


    Windows 7 38.89%
    Windows 10 29.96%
    macOS (all versions) 11.59%
    Windows 8.1 8.06%
    Windows XP 4.43%
    Windows 8 1.96%
    Unknown 1.74%
    Linux 1.68%
    Windows Vista 0.86%
    Chrome OS (Linux) 0.75%
    Windows 2003 0.06%
    Other 0.02%

    * Statcounter April 2017.

    So 84.22 percent of the Desktop/Laptop market V's Linux at 1.86 percent. Now I am pretty sure only a very very dumb hacker would target Linux for money.

    Keeping ANYTHING updated never totally eliminates risk. You are introducing impossible factors to the argument, your emergency department scenario is about as silly as it gets. You do know updates can be scheduled right ?

    At the end of the day, the problem was identified. Old outdated and unsupported operating system.

    Any recent Linux hacking problems ?





    And I am not searching hard here, on a per capita head of users Linux has just as many issues as Windows does. Probably more, as Linux users tend to hold on to older versions more than Windows users. Tell me, how are security updates for 16 year old Linux versions ?

    And just to add, this was not passed along on by websites using Flash tricking people in to updating anything., which you would struggle to find any sites that use it these days. It was deployed via a worm through a network of computers rather than relying on humans to click on a spam mail or infected attachment.



  • #22
    Premium Member

    Join Date
    Jan 2008
    Posts
    4,311
    Thanks
    5,982
    Thanked 4,171 Times in 1,771 Posts
    Rep Power
    1348
    Reputation
    50392

    Default

    Microsoft have come to the fore and released updated security patches for their operating systems going back to and including Windows XP.

    Customer Guidance for WannaCrypt attacks

    Microsoft solution available to protect additional products

    Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers. This blog spells out the steps every individual and business should take to stay protected. Additionally, we are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. Customers running Windows 10 were not targeted by the attack today.

    For additional information and links to patches see .

  • The Following 3 Users Say Thank You to tristen For This Useful Post:

    Landytrack (17-05-17),lsemmens (16-05-17),Uncle Fester (15-05-17)

  • #23
    Senior Member
    Uncle Fester's Avatar
    Join Date
    Jan 2008
    Location
    Commonly found in a pantry or the bottom of a fridge, searching for grains, fermented or distilled
    Posts
    6,405
    Thanks
    2,289
    Thanked 4,414 Times in 2,517 Posts
    Rep Power
    2046
    Reputation
    81778

    Default

    Quote Originally Posted by admin View Post
    Sorry, but bullshit. Thats the sort of Linux fan replies that get wheeled out all the time.

    Why does Windows get targetted ? Its the most popular operating system in the world. Why doesn't Linux get targetted ? Basically no one uses it.
    I am fully aware of that and even that fact alone is why it would make more sense to use it with security in mind.

    I didn't want to turn this into a Linux fan contra Windows fan topic but you are now really asking for it
    I am not a fan of anything but computers and I use Linux/MacOSX/Windows about equally.


    Any recent Linux hacking problems ?




    If you would have actually taken the time to read your links rather than displaying your total ignorance you might have noticed :
    First link:
    Today, Canonical announces that the Ubuntu forums have been hacked. Keep in mind, this does not mean that the operating system has experienced a vulnerability or weakness.
    Second link:
    Hackers believed to have accessed the underlying server via the team's WordPress blog and then got shell access to www-data.
    Again this was a website attack not a vunerablity in the operating system.

    Third link:

    Austin managed to steal the credentials of one of the Linux server admins and used these to install the Phalanx malware
    What the f--k has stealing somebody's password to access one single computer got to do with a vulnerablity in the operating system ?
    But it is a good example to show how hard it is to actually install malicious software.

    There is no path to freely allow the propagation of a Virus through the public. A virus that can't spread has no use for hackers.
    Linux people don't click on the shiny green download buttons because nothing will happen.
    Any software outside of the repositories usually needs to be compiled from source code which is open for anybody to see if it contains something malicious.
    If there is something precompiled available for a distro it will most likely not work on another, often not even on a different version number.
    You might be able to hack an individual machine but that is it.
    You can even make you own Linux version. Then you must be extremely important for a hacker to waste all his time just for you


    Quote Originally Posted by admin View Post
    And I am not searching hard here, on a per capita head of users Linux has just as many issues as Windows does. Probably more, as Linux users tend to hold on to older versions more than Windows users. Tell me, how are security updates for 16 year old Linux versions ?
    Now that really is just utter bullshit!
    Also nobody uses 16 year old Linux versions.
    Ubuntu is ugraded twice a year and I just installed the latest version 17.04
    Archlinux gets upgrades every month, if you want.
    The difference is that it is and has always been cost free.
    I get to chose when I upgrade.
    Notice that I say upgrade not update as the user experience is always improved, it is not just security.
    I am absolutly not worried about that.
    Last edited by Uncle Fester; 15-05-17 at 09:48 PM.
    Update: A deletion of features that work well and ain't broke but are deemed outdated in order to add things that are up to date and broken.
    Compatibility: A word soon to be deleted from our dictionaries as it is outdated.
    Humans: Entities that are not only outdated but broken... AI-self-learning-update-error...terminate...terminate...

  • #24
    Senior Member
    irritant's Avatar
    Join Date
    Nov 2014
    Posts
    1,684
    Thanks
    5,055
    Thanked 3,664 Times in 831 Posts
    Rep Power
    1636
    Reputation
    73270

    Default

    Sorry for the silly question guys, but I'm a bit confused.

    Does one actually have to click on some button in a website or click a link in an email in order to get this on your PC? Or can one get it simply because one is connected to the internet?

    If the latter, that's scary.
    True freedom is the greatest gift a man can possess, yet is the one thing most easily and innocently given away, to crafty curses and binds cleverly disguised as blessings and gifts, in the pursuit of supposed achievement, status and power.

  • #25
    Senior Member
    Uncle Fester's Avatar
    Join Date
    Jan 2008
    Location
    Commonly found in a pantry or the bottom of a fridge, searching for grains, fermented or distilled
    Posts
    6,405
    Thanks
    2,289
    Thanked 4,414 Times in 2,517 Posts
    Rep Power
    2046
    Reputation
    81778

    Default


    That was only this one that seemed to be mainly targeted at corporate clients using email links.

    There are 100's of thousands of ransomware trojans and yes you would need to click on something to install it. That does not have to be online. A file you received from a USB stick could carry the trojan too.

    It can also be a link for a 'security' update for something on your system which makes it paticularly dangerous like fake Flash updates.
    Sometimes they warn you that there is something wrong with your system and you need to 'click HERE' to fix it but there are heaps of better phishing tricks.
    Always hover over any link before you use it, look in the status bar and verify that it is legit.

    Ransomeware can encrypt your cloud too, everything you are networked too.
    Back up your vitals on physical storage and keep it safely away disconnected from everything, hopefully before you got the trojan.
    If I were a really evil hacker I would create a trojan the excutes encryption weeks later after it was installed and people have already backed it up.
    Kind of like every file is infected with self encrypting timebomb.

    All the malware protection companies and Windows then wouldn't know about it until it is too late.

    Don't worry I can't code beyond BASIC and some Assembler for microcontrollers.
    Last edited by Uncle Fester; 16-05-17 at 01:26 AM.
    Update: A deletion of features that work well and ain't broke but are deemed outdated in order to add things that are up to date and broken.
    Compatibility: A word soon to be deleted from our dictionaries as it is outdated.
    Humans: Entities that are not only outdated but broken... AI-self-learning-update-error...terminate...terminate...

  • The Following 3 Users Say Thank You to Uncle Fester For This Useful Post:

    irritant (16-05-17),Landytrack (17-05-17),tristen (16-05-17)

  • #26
    Premium Member

    Join Date
    Sep 2013
    Posts
    363
    Thanks
    1,205
    Thanked 196 Times in 99 Posts
    Rep Power
    213
    Reputation
    3620

    Default

    Geez you would not want to be in a household of "Internet of Things" where your washing machine, toaster, refridgerator, air conditioner, TV and sound system and all the rest are all internet linked.

    Then get a ransome ware message on all the devices demanding $300 (or whatever) per device before anything would work again.

    What an unbelieveable mess some people would be in.

    Blackmailed into forking up or the whole world you live in just crashes into a heap of total nothingness.
    Last edited by Landytrack; 16-05-17 at 11:36 AM.

  • The Following User Says Thank You to Landytrack For This Useful Post:

    irritant (16-05-17)

  • #27
    Senior Member
    Philquad's Avatar
    Join Date
    Jan 2008
    Location
    nelson bay
    Age
    55
    Posts
    3,872
    Thanks
    192
    Thanked 1,305 Times in 783 Posts
    Rep Power
    665
    Reputation
    16938

    Default

    Quote Originally Posted by AdrianR View Post
    Sorry for the silly question guys, but I'm a bit confused.

    Does one actually have to click on some button in a website or click a link in an email in order to get this on your PC? Or can one get it simply because one is connected to the internet?

    If the latter, that's scary.
    last year agl electricity had a bad case of fake bill emails with a link to pay your overdue bill (idiots dont bother to check the amounts) then the website had a link to a zip file & a text file in that, that runs the cryptolocker script, so yea you got to be stupid 3 times

    another lately simply had a "install this font" on a infected website, that would run a ransomware script too, so yea theres different methods
    https://www.facebook.com/philquad68

  • The Following User Says Thank You to Philquad For This Useful Post:

    irritant (16-05-17)

  • #28
    Senior Member
    irritant's Avatar
    Join Date
    Nov 2014
    Posts
    1,684
    Thanks
    5,055
    Thanked 3,664 Times in 831 Posts
    Rep Power
    1636
    Reputation
    73270

    Default

    Quote Originally Posted by Landytrack View Post
    Geez you would not want to be in a household of "Internet of Things" where your washing machine, toaster, refridgerator, air conditioner, TV and sound system and all the rest are all internet linked.
    I heard somewhere once that Bill Gates' house inside (all his appliances, rooms (i.e. doors, access, temperature/climate control)) was genuinely run by a special type of Windows-based OS or something like that.

    Imagine you're bursting and you can't get into your own sh*thouse before paying a ransom, LOL.

  • The Following User Says Thank You to irritant For This Useful Post:

    Landytrack (17-05-17)

  • #29
    LSemmens
    lsemmens's Avatar
    Join Date
    Dec 2011
    Location
    Rural South OZ
    Posts
    10,585
    Thanks
    11,868
    Thanked 7,061 Times in 3,338 Posts
    Rep Power
    3153
    Reputation
    132592

    Default

    The beauty of Open Source products like Linux is the fact that any security holes are rapidly found and fixed. because everyone is responsible for development, not just a department working for a few bucks.
    I'm out of my mind, but feel free to leave a message...

  • Page 2 of 2 FirstFirst 12

    Bookmarks

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •