Posted on 06/28/2017 9:51:49 PM PDT by TigerLikesRooster
Tuesday's massive ransomware outbreak was, in fact, something much worse
Payload delivered in mass attack destroys data, with no hope of recovery.
DAN GOODIN - 6/29/2017, 5:30 AM
Tuesday's massive outbreak of malware that shut down computers around the world has been almost universally blamed on ransomware, which by definition seeks to make money by unlocking data held hostage only if victims pay a hefty fee. Now, some researchers are drawing an even bleaker assessment: that the malware was a wiper with the objective of permanently destroying data.
Initially, researchers said the malware was a new version of the Petya ransomware that first struck in early 2016. Later, researchers said it was a new, never-before-seen ransomware package that mimicked some of Petya's behaviors. With more time to analyze the malware, researchers on Wednesday are highlighting some curious behavior for a piece of malware that was nearly perfect in almost all other respects: its code is so aggressive that it's impossible for victims to recover their data.
In other words, the researchers said, the payload delivered in Tuesday's outbreak wasn't ransomware at all. Instead, its true objective was to permanently wipe as many hard drives as possible on infected networks, in much the way the Shamoon disk wiper left a wake of destruction in Saudi Arabia. Some researchers have said Shamoon is likely the work of developers sponsored by an as-yet unidentified country. Researchers analyzing Tuesday's malware, alternatively dubbed PetyaWrap, NotPetya, and ExPetr, are speculating the ransom note left behind in Tuesday's attack was, in fact, a hoax intended to capitalize on media interest sparked by last month's massive WCry outbreak.
(Excerpt) Read more at arstechnica.com ...
“Yep. I back mine up to an external every day.”
If your external is connected to your machine, it gets ransomed as well.
If my machine gets ransomed, I won’t connect it.
I mean you have to disconnect it after every backup
Yes. It is only connected a few minutes for the backup. I also shut the machine down every night.
I suspect our own NSA-CIA with one of their cyber-children having been developed by contractors and it “escaped”.
It's a little more complicated than that.
What it would require is for me to go into some sports events and tag individual photos for players or teams. Then create the index that would give me “John Jones” from “UConn basketball.”
For the events where I was shooting future NBA stars, I did do that. I can pull up images of Kevin Durant from when he was 17 years old among other NBA players.
I have all of the folders named for easy access. But when some folders have 1500-2000 photos, getting them loaded up and moved back onto a faster system can be tedious.
The great part, you can allow Java scripts for a single account at whatever level you want. I use the minimal allowable for the specific site.
Very good program.
The Taliban put a halt to the opium trade once the Soviets were out and, badda bing, badda boom, they're our enemies.
It's easy to understand that when agencies and departments within the government get used to having billions of dollars at their disposal that they don't have to rely on the legitimate government to give them that they'll act accordingly.
What's that old saying, "You don't change them, they change you" or something like that?
It's a batch file, which means it is basically a text file. You can view its contents in a text editor such as Windows Notepad, though you may lose paragraph formatting.
I've looked at it. There's nothing fishy in there, at least at the time I posted this.
All this little program does is to create a file, "perfc", in the Windows folder, and make the file read-only.
If you still don't want to run that batch file, you can accomplish the same thing by opening an administrator command prompt and entering the following two command lines:
echo Petya vaccination file - Do not remove. > C:\Windows\perfc
attrib +R C:\Windows\perfc
Just copy and paste one line at a time into the window, then hit Enter. If you don't see an error message, the command probably worked.
If you don't know how to start an administrator command prompt, that information is easy to find in an Internet search.
Use Windows Explorer/File Explorer to verify that the new file "perfc" has been created in the Windows folder. Right click the file to verify that it is read-only.
Should be: Right click the file and select Properties to verify that it is read-only.
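A scripted version of the check described in the posts above, added here as an example and not written by any poster in this thread: PowerShell that reports whether the "perfc" file exists in the Windows folder and is read-only, and creates or repairs it when asked. The function name Test-PerfcMarker and its parameters are hypothetical; writing to the Windows folder requires an elevated prompt.

```powershell
# Added example: audit (and optionally create) the read-only "perfc" file
# described in the post. Function and parameter names are hypothetical.
function Test-PerfcMarker {
    param(
        [string]$WindowsDir = $env:windir,   # normally C:\Windows
        [switch]$Fix                         # create/repair instead of only reporting
    )

    $path = Join-Path -Path $WindowsDir -ChildPath 'perfc'

    if ($Fix) {
        if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
            # Same text the post's echo command writes; needs admin rights.
            Set-Content -LiteralPath $path -Value 'Petya vaccination file - Do not remove.'
        }
        # Equivalent of: attrib +R C:\Windows\perfc
        Set-ItemProperty -LiteralPath $path -Name IsReadOnly -Value $true
    }

    # Re-read the state from disk so the report reflects what is really there.
    $exists   = Test-Path -LiteralPath $path -PathType Leaf
    $readOnly = $false
    if ($exists) {
        $readOnly = (Get-Item -LiteralPath $path -Force).IsReadOnly
    }

    if (-not $exists)       { $state = 'Missing' }
    elseif (-not $readOnly) { $state = 'PresentButWritable' }
    else                    { $state = 'OK' }

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Path     = $path
        Exists   = $exists
        ReadOnly = $readOnly
        State    = $state
    }
}

# Report only:
Test-PerfcMarker
# Create or repair from an elevated prompt:
# Test-PerfcMarker -Fix
```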
Thank you.
“. I also have a program that views all email in non-HTML mode so I can delete anything questionable before loading my mail program”
-—<>-—<>-—<>-—<>-—<>-—
Please reveal the name and operating system needed for this non-HTML program you cite. I am going to be updating my system soon.