
Thread: Large Ransomware Attack Is Global

  1. #1
    Super Moderator
    enf's Avatar

    ooops...

    The fact that there's a highway to hell and a stairway to heaven says a lot about the anticipated traffic flow.

  2. The Following 4 Users Say Thank You to enf For This Useful Post:

    cmangle (13-05-17),irritant (13-05-17),lsemmens (13-05-17),Uncle Fester (13-05-17)



  • #2
    Senior Member
    Uncle Fester's Avatar

    This has been around for decades and hospitals are ideal targets:


    Which makes things dangerous because lifesaving medical hardware that is connected to vulnerable Windows systems could fail from such an attack when their parameters/settings data has become compromised.

    Yet astonishingly little is done to prevent it or catch the perpetrators, probably because of the small ransom fee.
    Bitcoin is fully trackable and with enough effort even bypassing VPN protection.

    A few things here:

    It is believed to have exploited a vulnerability purportedly identified for use
    by the US National Security Agency (NSA) and later leaked to the internet.

    Private security firms identified the ransomware as a new variant of "WannaCry"
    that had the ability to automatically spread across large networks by exploiting a known bug in Microsoft's Windows operating system.
    Why am I not surprised.
    I hope they don't start to use Windows for the fly by wire systems on Aircraft.
    ...ooops, we just locked the horizontal stabiliser of your newest A380 at an attitude of 90˚ due to a Windows vulnerability.
    Pay us now $300 ...no wait make that $300 million. You have got about 2 minutes.
    Last edited by Uncle Fester; 13-05-17 at 12:34 PM.
    Update: A deletion of features that work well and ain't broke but are deemed outdated in order to add things that are up to date and broken.
    Compatibility: A word soon to be deleted from our dictionaries as it is outdated.
    Humans: Entities that are not only outdated but broken... AI-self-learning-update-error...terminate...terminate...

  • The Following User Says Thank You to Uncle Fester For This Useful Post:

    cmangle (13-05-17)

  • #3
    Senior Member
    Philquad's Avatar

    If you read into it, there's a patch that came out in March to prevent this



    So they say, I've seen 1st hand what these things do, it's not pretty, worse is, even after decryption, you're faced with the old encrypted files side by side with the fixed, 2x every file u had, Windows & all.
    Small people no biggy but imagine terabytes of files being doubled, it's a hell of a cleanup, I have 1 brainwave idea, use a renaming program (they work fast) rename a copy or backup of all your .docx .jpg .rar .excel etc & add a weird extension like .wtf to them
    I noticed this because when I copped it recently, it didn't touch any of my movies, no mkv or avi files?
    https://www.facebook.com/philquad68

  • #4
    Premium Member
    ol' boy's Avatar

    Saw the UK and Russia blowing about it late last night, Windows XP
    Last edited by ol' boy; 13-05-17 at 02:19 PM.
    If u want to go on an expedition get a Land Rover, if u want to come home from an expedition get a Landcruiser!

  • #5
    Premium Member
    hoe's Avatar

    A lot of POS machines etc. use XP Embedded.....

    Sent from my LON-L29 using Tapatalk

  • #6
    Banned


    So will this FINALLY motivate people to routinely do backups that are kept on non connected drives?

  • The Following User Says Thank You to cmangle For This Useful Post:

    irritant (13-05-17)

  • #7
    Premium Member
    SS Dave's Avatar

    So, excuse my ignorance, is that going to be 300 per computer, and does that mean each computer has a different unlock code, or will the group that sent out the virus say jam it, grab what cash they can and run, and let each computer destroy the files?

    SS Dave
    Death smiles at everyone. Grumpy old men smile back.

  • #8
    Administrator
    mtv's Avatar

    Quote (originally posted by cmangle):
        So will this FINALLY motivate people to routinely do backups that are kept on non connected drives?

    Maybe a few more will be prompted, but the majority who haven't bothered with all the other threats to date probably won't.

  • The Following User Says Thank You to mtv For This Useful Post:

    cmangle (15-05-17)

  • #9
    Senior Member
    Philquad's Avatar

    Quote (originally posted by SS Dave):
        So, excuse my ignorance, is that going to be 300 per computer, and does that mean each computer has a different unlock code, or will the group that sent out the virus say jam it, grab what cash they can and run, and let each computer destroy the files?

        SS Dave

    I would guess it's per machine, although it's a different disease when my mechanic had cryptlocker it went through 2 computers on a network, but I was able to put all files on 1 before decryption, I then tried the same decryptor tool on my machine with 1 of the files, no go. The 1 I got recently (stupidly) there's no decryption tool for, here's a sample I kept


  • #10
    Crazy Diamond
    Tiny's Avatar

    Phil guessed right 300 per PC.

    & now Malwarebytes is holding me to ransom by telling me I'm only protected if I have the paid for version, not the free one. lol.

    Dear ,

    A massive ransomware attack spread across the globe today, locking up thousands of hospital, telecommunications, and utilities systems in nearly 100 countries. The attack used data stolen from the NSA to exploit vulnerabilities in Microsoft Windows and deliver the WanaCrypt0r ransomware. The demand was for $300 per PC.
    While the ransomware was first detected wreaking havoc in emergency rooms and doctors' offices in the UK, the infection quickly spread worldwide, including to the US.
    We're alerting you to reassure you that if you're currently using the premium version (or the premium trial) of with real-time protection turned on, you are protected from this threat. Our premium technology blocks the WanaCrypt0r ransomware before it can encrypt your files. (The free version of Malwarebytes, however, does not protect you against WanaCrypt0r. To see which version you have, open up your Malwarebytes software and look for the version name at the top of the window.)
    If you're not currently using the premium version of Malwarebytes, we recommend that you update your Microsoft Windows software immediately. Microsoft released a patch for this vulnerability in March, but many users haven't updated, leaving their computers open to this attack.
    Here at Malwarebytes, we pledge to keep you protected and informed about the latest issues. Your peace of mind is our number one priority.
    Sincerely,
    The Malwarebytes team
    P.S. Learn more about this threat .
    Cheers, Tiny
    "You can lead a person to knowledge, but you can't make them think? If you're not part of the solution, you're part of the problem.
    The information is out there; you just have to let it in."

  • #11
    Premium Member
    ol' boy's Avatar

    Not sure if this is a coincidence or something more sinister
    But did anyone else get logged out of their Google/Gmail account and made to choose a new password yesterday?

    Happened to both myself and Mrs

    Never happened to me before ever

    Google said "Suspicious Activity".....
    I checked back through the IP addresses that access my accounts and there was an IP change yesterday

  • #12
    Banned


    Here is the newsletter I got from Bitdefender who are working on a free decrypter followed on their Facebook

    Don't worry about world's most advanced piece of ransomware. We've got your back!
    Bitdefender's advanced detection technologies have blocked WannaCry from the very beginning

    You might have already heard that a new family of ransomware called WannaCry has infected over 140,000 computers worldwide. This piece of ransomware is based on a zero-day exploit that helps it jump from one infected computer to another and encrypt all the information stored on it.

    We're writing to you to let you know that Bitdefender's advanced detection capabilities based on next-generation technologies were able to intercept this threat since its emergence. As a Bitdefender customer, your information has been safe all the time.

    Here is a little background information about this new threat

    Unlike other ransomware families, the WannaCry strain does not spread via infected e-mails or infected links. Instead, it takes advantage of a security hole in most Windows versions to automatically execute itself on the victim PC. According to various reports, this attack avenue has been developed by the National Security Agency (NSA) in the US as a cyber-weapon and it was leaked to the public earlier in April along with other classified data allegedly stolen from the agency.

    Until now, a number of hospitals, telecom companies or gas and utilities plants have suffered massive disruptions caused by data being held at ransom.

    As this ongoing outbreak is affecting countless computer users around the world, we are actively working on a free decryption tool to help victims recover their information without paying the ransom. Make sure to follow us on Twitter and Facebook to be notified when it becomes available.


  • #13
    Senior Member
    Philquad's Avatar

    Good info, about the most exciting that's happened here lately, I've even resorted to playing with the kiddy-geeks at ocau

    1 thing puzzles me, if the so called ransomers only take bitcoins, why not ban\block bitcoin? No pay, no fun. And when I looked at paying this ransom in my 1st experience, I could buy the bitcoin from Westpac, Commbank etc

    is that a joke or am i misinformed?

  • #14
    LSemmens
    lsemmens's Avatar

    Already been fixed
    I'm out of my mind, but feel free to leave a message...

  • #15
    Senior Member
    Uncle Fester's Avatar

    Quote (originally posted by Philquad):
        why not ban\block bitcoin? no pay, no fun.

    You're kidding, right?

    You might as well try to block the entire internet

    As for using blockchains for money transfers this will eventually become the norm.
    It is more reliable, faster, cheaper and fully transparent.

    As I mentioned before with enough effort cracking the VPN barrier these guys are obviously using, they can be caught BECAUSE they are using bitcoin.
    They have busted drug websites in the past too.

    Just to give you an idea, every Bitcoin block has its full transaction history associated with it since it was created and that can be revealed through a block explorer by anyone.
    There are allegedly ways to wash them on so-called exchanges, but that is superficial. FBI or whoever could still see the patterns.
    Last edited by Uncle Fester; 14-05-17 at 10:35 PM.

  • #16
    Premium Member


    Looks like the crims or whoever have not really made that much money from their ransomware efforts. Considering it's a global attack and hundreds of thousands of computers were infected.

    Only about $US 20,000 has been paid in bitcoins to the perpetrators.

    Think this thing will be swishing around the net for some time to come.
    Last edited by Landytrack; 15-05-17 at 08:57 AM.

  • #17
    Senior Member
    Philquad's Avatar

    they no hack me no more, i infected all my file 1st before they can




  • #18
    Administrator
    admin's Avatar

    It's pretty simple how to avoid it and it's not a case of "don't use Windows"

    It's a case of stop using old unsupported operating systems and you won't have a problem.

    Windows XP came out in 2001, 16 years ago. Support for Windows XP ended on April 8, 2014, Microsoft advised well in advance that after this time there would not be support or security updates. As of November 2016, Windows XP desktop market share makes it the fourth most popular Windows version after Windows 7, Windows 10 and Windows 8.1. Astounding.

    Do people seriously think that Microsoft has to keep supporting every version for eternity? Shit, you are doing well to get 5 years warranty on a car, they gave you 14 odd years on it.


    PS....Oceanboy, I would be a bit concerned.......no, I didn't get an email.

  • The Following 2 Users Say Thank You to admin For This Useful Post:

    ol' boy (15-05-17),Tiny (15-05-17)

  • #19
    Senior Member
    Uncle Fester's Avatar

    No, as long as Windows is the most targeted (practically only targeted) OS on an enduser PC (not talking about gadgets) you will ALWAYS have a problem.
    Keeping it updated reduces the risk but will never eliminate it.

    ... and then we have notorious plugins like Flash that websites still force us to use, which is actually how these Ransomware attacks work by tricking people into 'updating' their version for 'security' reasons but using a cloned site.
    Some of us here can identify that immediately but there is only so much you can expect from an average computer user, who for example in a hospital, has a lot more to worry about than constant updates:

    Sorry our Windows 10 computers in the emergency department are just doing a forced automated update, please come back later in 3 hours if you are still alive.

    Ok that might have been a candidate for the joke thread, but it is all not that black and white as you think.

    Windows is still a botched OS if it constantly requires 'security' updates.
    There is no logic in using it if security is the main issue.
    Last edited by Uncle Fester; 15-05-17 at 06:07 PM.

  • #20
    Premium Member
    hoe's Avatar

    Err, Linux has pretty regular security updates too....
    The only reason it's not targeted is there is no money to be made hacking a free o/s.....
    Nerds and students have no ransom money......


  • The Following 5 Users Say Thank You to hoe For This Useful Post:

    irritant (15-05-17),Landytrack (16-05-17),lsemmens (15-05-17),SS Dave (15-05-17),Tiny (15-05-17)
