
Post by Mojo on Fri Nov 15, 2013 7:34 pm

There is a new exploit in the wild that encrypts the data on your hard drives and prevents you from using the data unless you pay a ransom to the people that infected you.  The name of this exploit is Crypto Locker, and basically it encrypts all of your files such as documents, pictures, video, and music and so forth.  Once you're infected, you get a popup giving you 48 hours to pay the ransomware developers a fee ranging from 300 dollars to upwards of 4000 dollars and more.  Failure to pay them will result in them destroying the encryption keys.  Once this happens, your files are toast because they use very sophisticated encryption protocols that can't be broken without the encryption keys (not even the government can crack it).

Folks, this is very serious and should be addressed very seriously.  The trick here is to ensure you don't get it, and there are ways to safeguard against getting it.  As of this writing, the predominant way this is spreading is through e-mail attachments.  The user opens the attachment and boom, you're infected.

The bottom line here is NEVER OPEN ATTACHMENTS! unless and until you have verified that the sender actually sent the attachment to you.  It's not enough to just trust who the sender is without asking because criminals use a technique called spoofing to make the emails look legit.  One company got the exploit opening an attachment that looked like it was a shipping invoice from the U.S. Post Office.  Crooks can easily use your friend's email address to send you this exploit.  Also, most anti-virus programs can't detect it, so scanning attachments will usually do no good.

Another way to combat this is keeping a backup of all your files and programs in case you get this, either by backing up data on a separate hard drive or via the cloud.  That way if you get it, you can just reinstall the backup and be done with it.  If you back up via a spare hard drive, it's very important to disconnect the backup drive and store it in a safe place until you need it.  Leaving it attached to the PC will likely end up with the backup drive encrypted also.  If you opt for cloud backups, remember to not use a service that incrementally backs up as you go but rather a site where you can store files offsite that isn't connected like a physical network drive.  Also, just to be safe, I would recommend you reinstall Windows before you try reinstalling the backup to ensure the exploit is gone and won't re-infect you.

Finally, there is a website called Foolish IT that has a program called Crypto Prevent that has had success in blocking this type of exploit.  This will likely change as the exploit will be modified soon to bypass Crypto Prevent, so make sure you have your backup in any case.  They have a free version and a paid version that updates automatically with the newest preventive definitions.

Again let me impress upon you the importance of backing up often and keeping the backup disconnected from your PC.  This likely will not be the last of this type of exploit ware and I fully expect more exploits of this type to show up in the coming months.  The criminals behind this are organized and should be considered a serious threat to any computer device on the Internet.  Please, please, please heed this warning and make the necessary steps to prevent this from spreading.

Finally, if you are infected, I implore you to not pay the ransom.  By doing so, you're helping a criminal organization thrive off of this crap and showing other would-be cyberpunks that this is a legitimate way to make money, thus encouraging them to pursue similar methods.  Also, paying them doesn't necessarily mean they will unlock your files.  They could just string you along for more money like a vulture or take your money and still not decrypt your files.  It's a leap of faith to bottom feeders that don't deserve your trust or faith.

For more information on this exploit there are 2 great articles I used to base this story on from The Today Show's website.  You can find them HERE and HERE.

The Bleeping Computer forums also have information on variations of the ransomware with ways to prevent and treat it, and you can go to their site HERE.

Stay tuned to further developments in this ongoing story.


Post by Mojo on Fri Nov 15, 2013 8:25 pm

Bleeping Computer Forums owner Lawrence Abrams has put together a very nice FAQ section about Crypto Locker.  You can read this FAQ HERE.

Cryptolocker Decrypted

Post by Mojo on Wed Aug 06, 2014 4:08 pm

CryptoLocker decrypted: Researchers reveal website that frees your files from ransomware

Source:  PC World

The CryptoLocker ransomware is as simple as it is devastating: Once it worms its way onto your system, it encrypts all of your precious files using strong AES-256-bit cryptography, which is virtually impossible to break if you don’t know the private key (read: secret code) required to unlock it. Pay the attackers $300, and they’ll give you the key. Don’t pay, and your files stay scrambled forever.

Until now.

Researchers from FireEye and Fox-IT have managed to recover the private encryption keys used by CryptoLocker’s authors, as well as reverse-engineer the code powering the malware itself—meaning the firms can unlock your files. And while they could no doubt make a pretty penny selling that service to victims at a price far less than CryptoLocker’s $300 Bitcoin ransom, the security firms are taking the high road, and providing the private key details for free via the just-launched Decrypt CryptoLocker website.

The process couldn’t be easier: Simply send the site one of the CryptoLocker-encrypted files on your PC, along with an email address. It’ll scan the file to figure out the encryption specifics, then send you a recovery program and master key that can be used to rescue your ransomed data.

FireEye warns that some data might not be recoverable, particularly if you’ve been infected by a CryptoLocker variant rather than CryptoLocker itself.

BBC reports that 500,000 people fell victim to CryptoLocker, with 1.3 percent forking over cash to free their files. In other words, the malware earned its makers around $3 million before the criminal network was smashed by authorities and security researchers in May.

Variants are still scuttling around the web, however. Beyond using security software and safe browsing practices, the best offense against ransomware is a strong defense. Making regular backups will let you easily recover your data if your PC ever falls prey to an encryption-based attack.

Score 1 for the good guys :)