Posted on 06/20/2016 7:31:04 PM PDT by Swordmaker
Named RAA, the malware is disguised as a document and starts encrypting files immediately when opened.
One security expert said the approach was likely to fool many victims. "It's an interesting approach to ransomware," said Ken Munro of security company Pen Test Partners.
(Excerpt) Read more at bbc.com ...
“It starts encrypting files as soon as it is opened.”
One of a number of reasons I moved to Linux.
Windows should be trashed into the dustbin of history.
if you let it
Is Google protecting me?
You can disable Windows Script Host or modify the registry to require a .js attachment be double clicked before it can run.
That should prevent malware from being silently installed without user permission.
The company I work at has had several pc’s these past 3 months with ransomware. The caller loses all files as the pc is re-imaged.
In my building we have a network drive we can back up all files to which are backed up everyday. I have done this just in case. thos ein other field offices do not all have access. they need to these days.
Back up your files as your personal photos and other files either online or using an external drive then unplug the drive until the next back up.
The files could all be lost in an instant.
Article here on bleeping computer
easy to do
I created a “test.js” in a text editor to verify the fix worked and windows said it blocked it from running
no because it is jscript
you need to disable the windows script host
Good Lord. Thank you!
Bump for later
Thanks to Swordmaker for the ping!!
Windows Script Host is enabled by default in Windows.
Shut it down. If you do mistakenly open a .js attachment it can’t execute.
Ransomware authors are looking for new vulnerabilities to take a computer and its data hostage.
.js execution is ideal because an infected file doesn’t need user permission to run and antivirus or antimalware software usually doesn’t detect it.
Make it a habit not to allow unknown file extensions to execute in the first place.
Simple reg key fix. Took me all of two minutes, including a restart for “good luck”.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.