Posted on 06/28/2017 9:51:49 PM PDT by TigerLikesRooster
Tuesday's massive ransomware outbreak was, in fact, something much worse
Payload delivered in mass attack destroys data, with no hope of recovery.
DAN GOODIN - 6/29/2017, 5:30 AM
Tuesday's massive outbreak of malware that shut down computers around the world has been almost universally blamed on ransomware, which by definition seeks to make money by unlocking data held hostage only if victims pay a hefty fee. Now, some researchers are drawing an even bleaker assessment: that the malware was a wiper with the objective of permanently destroying data.
Initially, researchers said the malware was a new version of the Petya ransomware that first struck in early 2016. Later, researchers said it was a new, never-before-seen ransomware package that mimicked some of Petya's behaviors. With more time to analyze the malware, researchers on Wednesday are highlighting some curious behavior for a piece of malware that was nearly perfect in almost all other respects: its code is so aggressive that it's impossible for victims to recover their data.
In other words, the researchers said, the payload delivered in Tuesday's outbreak wasn't ransomware at all. Instead, its true objective was to permanently wipe as many hard drives as possible on infected networks, in much the way the Shamoon disk wiper left a wake of destruction in Saudi Arabia. Some researchers have said Shamoon is likely the work of developers sponsored by an as-yet unidentified country. Researchers analyzing Tuesday's malware, alternatively dubbed PetyaWrap, NotPetya, and ExPetr, are speculating the ransom note left behind in Tuesday's attack was, in fact, a hoax intended to capitalize on media interest sparked by last month's massive WCry outbreak.
(Excerpt) Read more at arstechnica.com ...
Hillary Clinton on line 2....
Can they just target Mueller and his minions?
I swear, for decades it’s always those darn DO Looops that allow one to Bigly enhance one’s ability to make mistakes.
That page contains a link to this short batch file program:
https://download.bleepingcomputer.com/bats/nopetyavac.bat
Download it, right click the downloaded program, and run it as administrator.
Don't be surprised if a later version of Petya is not blocked by this technique.
Ping
If you use Firefox (mine’s Linux version, Iceweasel) there is a plugin called No Script. I’ve used it for several years.
That and task manager is how I combat Java script attacks. I commonly get them. I only enable the minimum number of Java scripts for a specific site. It has helped.
It may not be protection from this attack.
But all of what you said is true and valid advice.
So how does one know this is safe?
Fie on the cloud! Why anyone would want ANY of their stuff “out there” in cyberspace is beyond me.
In almost all other aspects, Tuesday's malware was impressive. It used two exploits developed by and later stolen from the National Security Agency. It combined those exploits with custom code that stole network credentials so the malware could infect fully patched Windows computers. And it was seeded by compromising the update mechanism for M.E.Doc, a tax-filing application that is almost mandatory for companies that do business in Ukraine.
I remember looking in awe at a 1GB drive.
“You may dodge cloud onslaught for now, but all big IT companies will force people to use cloud.”
That’s fine, I guess. I’m almost 70 and retired, and I don’t really have/do anything important. I’ll just continue to use my 2T external for now.
Actually, I think it was a 2.1GB drive. Might have been a Seagate drive.
I paid nearly $800 for a 20 MB SCSI hard drive. Hard to believe...
Clinton Foundation has a lot of cash to help pay for such work around the globe to meet their ends.
If you want them purely for backup purposes, Japanese drives could be better choices. They are purely external storage devices, not trying to be close substitutes for internal hard drives, which have to handle constant data transfer. My experience shows that they are more durable. I used to use Seagate but switched to Toshiba. So far they are doing well.
I have a hard drive dock and several hard drives in a box in my closet. At least once a week I take the oldest backup and overwrite it with a new full image backup. I also have a program that views all email in non-HTML mode so I can delete anything questionable before loading my mail program.