Posted on 11/10/2015 6:00:08 AM PST by Utilizer
The fourth version of the CryptoWall ransomware has landed in the wild, equipped with better evasion techniques and tactics to thwart antivirus protection and detection.
Ransomware attacks computers and encrypts user files and folders via infected email attachments, with attackers demanding ransom payments to unlock the scrambled documents.
Users are told to make the payment by a specific deadline or risk having the private key to unlock the files deleted.
The active CryptoWall ransomware spawned from CryptoLocker, which is thought to have extorted more than $3 million from victims before the botnet used to distribute it - Gameover Zeus - was taken down last year.
(Excerpt) Read more at itnews.com.au ...
TechRepublic also has some info in a related article;
http://www.techrepublic.com/article/cryptowall-what-it-is-and-how-to-protect-your-systems/
I want the people that create such programs to suffer a miserable, painful, humiliating death that takes years.
I want the people that create such programs to suffer a miserable, painful, humiliating death that takes years.
There are myriad prevention mechanisms, both computer-based and self-education, that can keep you from contracting this nastiness. Do a search for cryptolocker prevention and get educated.
If you are using the Professional version of Windows (7, 8, 10), you can edit either AppLocker or security policy settings to prevent applications from running in your appdata space. This restriction is VERY effective but can be a bit of a pain when installing some products that unload their installers to the appdata part of your local profile.
You’re much too nice. I would want worse.
As a software engineer I take what these {expletives} do personally. It is an insult to all us software types. I ever meet one of these guys, they had better hope and pray there are witnesses around. If there are not... What happens to them is going to violate the Geneva Convention. They had better have voice recognition on their computers, they are never typing again.
Wow, these b*stards should be nuked from orbit.
That's not nice - to the rest of us. It leaves them alive to create newer and better programs of this sort until the very end. Much better if they have an "accident" which cuts off their criminal behavior. Frankly, I'm surprised that no person or organization that's been victimized by this has, uh, taken care of business.
This is apparently the price people pay for not backing up their data.
I just purchased a new set of tires.
Thanks to ShadowAce for the Tech ping!!
Why should they have to die? Just have “large” gay men sodomize them for all eternity.
I’d like to see a one penny tax per email to fund an internet police force to track down such perps.
we blocked it at my work using a custom rule in Mcafee. We discovered all of the variants want to use the base appdata folder from the user’s logged in profile to execute. Well, usually no one programs their apps to execute just from the root directory they usually create a folder to run from. So we stop this thing by preventing .exe’s from running from that root \\users\user profile\appdata folder. Now, this isn’t an option for everyone as some apps with sloppy programming might get blocked but this does work.
Be sure to have a good backup that is not on line with the PC that can be infected.
Keep backups up to date.
Rebuild and restore is hit.
Do not pay these scum a dime.
These guys will help and you can save on another drive locally if you like:
http://www.code42.com/crashplan/
Free backup:
http://www.veeam.com/endpoint-backup-free.html
Creates an Boot ISO for restores.
Don’t get caught by these $#*!!-heads.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.