'Accidental hero' halts ransomware attack and warns: this is not over

The Guardian ^ | May 13, 2017 | Nadia Khomami and Olivia Solon

[Leaning Right]

The “accidental hero” who halted the global spread of an unprecedented ransomware attack by registering a garbled domain name hidden in the malware has warned the attack could be rebooted.

*snip*

...the spread of the attack was brought to a sudden halt when one UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and inadvertently activated a “kill switch” in the malicious software.

[Chickensoup]

Add me please,
chickensoup

[thoughtomator]

I’m not buying it. Smells like Deep State trying to trick people into accepting surveillance malware delivery.

Those who turn Windows Update on and let Microsoft steer deserve what they get.

[null and void]

I kept receiving “tech support” phone calls and emails, I guess so they could recoup their losses. I don’t answer or if I do, hang up when I identify them (by the Indian accents).

I just act horrified that my computer is compromised and whatever shall I do???

String them along as long as I can before saying, oh wait, I have a Mac!!! Go to perdition and stop trying to scare little old ladies and gullible youths out of their stuff!

Last time I did this my kid was in stitches listening to my half of the conversation.

The big thing is string them along, waste the one resource they can't replace, their time.

They don't call me anymore *sniff*

[sparklite2]

wow- soundsl iek your day has been ruined-

---

You’re going to like spelling,
once you get the hang of it.

[familyop]

They said that the discovery by the man was “accidental,” that he didn’t have “any real qualifications” for his lack of a university degree and publicly noted his residence in his parents’ basement. Many technically capable men are slandered that way now by “professionals” who couldn’t properly build or fix any complicated thing to save their useless lives.

He does continuing study, which makes him a professional. Most degreed individuals do not.

[Chickensoup]

Could it be Microsoft simply isn’t doing automatic updates on some computers or failed to include certain updates? I have a Vista and really quite surprised the improvement just by running the updater .......

_____________

IIRC from my time in Vista-Hell, anything would be an improvement over the original Vista.

[Chickensoup]

THANK YOU! I’ve been yelling into the wind about this since March. MS17-010 is the main update. Do NOT think you are safe if you have Windows update turned off. Everyone thinks they’re “giving it” to Microsoft by turning off Windows update, when in reality, you’re part of the problem.

_____________

Does this count for my WIN 7?

how would it get in my computer?

And why don’t these hackers do something useful like take down Facebook?

I miss Black ICE. It made you invisible to the internet. Is there anything like it today?

[pas]

The exploit not the encryption was the NSA. The NSA informed MS and MS patched it.

[catnipman]

“when in reality it’s the user base that’s the problem in a majority of cases.”

perfect. blame it on the folks who buy the product. and that really sums it up nicely. and it’s pretty much why people are fleeing windows by the millions. the average person just wants a product that works to do a few simple tasks, which is why they’re using Android and iOS, i.e., pretty much ANYTHING BUT MICROSOFT products.

[ConservativeMind]

XP and Vista both are out of normal support, so there is not a patch for at least XP.

If you leave them off for a while, it may be possible to have your antivirus update and start preventing this problem.

I would suggest using Linux Mint for your Internet and email and continue using Windows XP or Vista for non-connected work or minimally-Internet connected work (outside of email or Internet browsing).

[ConservativeMind]

Consider using a bootable partition of Linux Mint or USB drive with it. You can run Firefox, Brave, Opera, or Chrome just fine and get email from Thunderbird or some other free email client.

Linux has far fewer problems with viruses and you can get security updates every few days, if you want.

If you want to try something similar that is easy to get going, download a DVD image of Knoppix and burn that to disk. You then boot from the DVR and don't need to worry about any installation, because it interactively installs every time it's booted on its own. You will need to configure your network card if it's not wired, though.

Trying that out made me next install Linux Mint in a dual-boot mode. By the way, Linux Mint will configure and install almost all on its own, even setting aside a portion of your available free hard drive space, based on your preferences.

[scrabblehack]

No - e-mail headers can be hacked also. So it can appear that the e-mail came from his brother but it didn’t.

[rarestia]

It’s difficult to have a conversation with someone who is irrationally anti-Microsoft. Good day to you.

[rarestia]

Black Ice didn’t obfuscate your presence. It was just a firewall program with a heuristics engine. Modern operating Systems are better than black ice ever was.

If you have automatic updates turned on in Windows, you have the path already. It was pushed back in March.

[zeestephen]

Re: “No - e-mail headers can be hacked also.”

Thanks. I had no idea.

But, how would they know the email address of the hackee’s brother, or friends, without breaking into the address book of the account in the fake header?

Also, that seems like an incredible vulnerability for established companies.

Millions of customers might block your email address because it has been falsely posted on spam or ransomware.

[Mad Dawgg]

You are already on it.

[Mad Dawgg]

"So let it be written. So let it be done."

[scrabblehack]

I took a PHP class some years ago - the instructor alluded to hacking e-mail headers.

I have gotten spam from addresses I think I know and they say their e-mail accounts haven’t been directly hacked (password not stolen, say).

I don’t know if they (or I) have spyware, or just that an e-mail blast to several people got forwarded to the wrong person who decided to spoof addresses.

Hmm....so why isn’t spoofing more common? Maybe the ISP can put some checks in to see if the header has been hacked.

[Chickensoup]

If you have automatic updates turned on in Windows, you have the path already. It was pushed back in March

__________________

Well that is why I turned it off, I didn’t want a path into my computer.

[Bob434]

sO if one gets an email, one htat doesn’t have an attachemnt, and clicks a link in it- that goes to a site that doesn’t have autmatic download that runs- one can’t be infected with anything?

Going back to my original post that was deleted- we got an email from a friend that said simply ‘thanks- got the message, please check out such and such a site- and it had a link- clicked the link, and it brought us to a Ukrainian website (didn’t notice the .ua in the link- apparently it was from Ukraine site- the page was blank except for some random stupid message on top that would update to a new one l ine random message if the page was refreshed-

Is there any need to be worried about a page like that? nothign was autodownloaded- no warnigns popped up- and i’ve run the link through basic online link scanners that showed htere was nothing nefarious on the site uspposedly