New ransomware threat

Exfso (Peter) · #1 01-03-2016, 01:47 PM

Please be careful, this one like other ransomware can cause big grief.

http://techtalk.pcpitstop.com/2016/0...ockyransomware=

killswitch (Edison) · #2 01-03-2016, 02:53 PM

Thanks for the heads up.

Our company got hit by one last year, some butthead opened 'auspost' spam and it slowly ate through the local drive and then the network drives.

I was able to restore from backups after spending a day. We considered paying the ransom as well.

multiweb (Marc) · #3 01-03-2016, 03:03 PM

Quote:

Originally Posted by killswitch

We considered paying the ransom as well.

Unfortunately with low-life like these people it doesn't work. They'll only be encouraged to ask for more.

AstralTraveller (David) · #4 01-03-2016, 04:01 PM

Am I right in thinking (hoping) that this only affects Windows machines and Macs and Linux are immune?

killswitch (Edison) · #5 01-03-2016, 04:35 PM

Quote:

Originally Posted by multiweb

Unfortunately with low-life like these people it doesn't work. They'll only be encouraged to ask for more.

I've heard of companies just paying the ransom as its not worth their time.

In my instance, they asked for bitcoins equivalent to $600, which is nothing compared to downtime it caused the company. We would have had to pay if we didnt have backups or if the backup restorations failed.

Obviously once the files are decrypted, it needs to be copied off and everything be sterilized.

Quote:

Originally Posted by AstralTraveller

Am I right in thinking (hoping) that this only affects Windows machines and Macs and Linux are immune?

Highly likely since the code is written in VB which is designed for a Microsoft environment. Even if you had Word for Mac, i can see it having a hard time encrypting files in a Mac file system.

ZeroID (Brent) · #6 01-03-2016, 07:09 PM

It's a bugga that one, I've had to rebuild a few systems because of it. Fortunately all our data is on servers and backed up so it's just new OS and apps to install. Those and the eternal updates !!

killswitch (Edison) · #7 07-03-2016, 02:53 PM

Looks like they've now developed ransomware for macs.

http://www.reuters.com/article/us-ap...-idUSKCN0W80VX

billdan (Bill) · #8 09-03-2016, 11:50 PM

My wife got an email from Hong Kong yesterday telling her she had just won a million dollars and could she fill out the attached form with her bank details for a direct deposit. She promptly deleted it, but I am sure others would be tempted.

Bill

Exfso (Peter) · #9 10-03-2016, 02:08 AM

Just for information Malwarebytes are working on a version of their program to stop these in their tracks. It is in beta at present. I downloaded and tried it but got immediate BSOD, so gave it a miss for now. Here is the forum:

https://forums.malwarebytes.org/index.php?/forum/172-malwarebytes-anti-ransomware-beta/

hamiland (Anders) · #10 24-03-2016, 11:08 PM

One thing to note is that the ransomware servers (where the decryption key is stored) are being targeted by law enforcement agencies. So if you do decide to pay a ransom, the key may have already been destroyed even if the mongrels who distribute this had the best of intentions *ahem* to decrypt your data it may not be possible. So you'd be left with a whole heap of useless files, be $$$ out of pocket, and have funded the development of a better version of ransomware.