
[PW] Vicious New Ransomware Takes Your Money and Still Deletes Your Files. - Page 2

post #11 of 44

"All your files are crypted"

>crypted
Edited by aweir - 7/13/16 at 3:22pm
post #12 of 44
Quote:
Originally Posted by aweir


"All your files are crypted"

>crypted

Glad to see I'm not the only one bothered by mistakes in spelling and grammar in these malwares.

EDIT: How coincidental, made a mistake myself.

Quote:
Originally Posted by Jack13

I do a full clone of my operating SSD about every two weeks or so. It lives in a safe in the meantime. If something happens (corruption, etc) I can, and have, just swap it and I'm off to the races. No programs to reinstall and configure to my liking. Any important stuff on my storage drive is copied to a drive that lives in another computer.
My question is, how long does ransomware typically reside on a drive before it takes control? Is it immediate or is it triggered? Would it be prudent to have a second clone that gets updated at longer intervals? I'm a bit of a belt and suspenders kind of guy, so I'm not averse to that, but is it too extreme?

If you have the hard drive space to do it, it is never too extreme. I'm also the kind of guy that chooses extra safety over the 1% chance of something going wrong.
If the ransomware is triggered a while after initial infection, you'll be glad to have that other backup. And who knows, if the developers aren't doing this already, maybe they will in the future.
Edited by TTheuns - 7/13/16 at 3:56pm
post #13 of 44
How exactly does one end up with such ransomware on their PC? I haven't installed an antivirus or antispyware program for years, just Chrome extensions (ublock + scriptsafe) are enough to preemptively stop everything.
post #14 of 44
Quote:
Originally Posted by Xuvial

How exactly does one end up with such ransomware on their PC? I haven't installed an antivirus or antispyware program for years, just Chrome extensions (ublock + scriptsafe) are enough to preemptively stop everything.

Usually not being careful enough. Especially in cases of non-tech savvy people. I've had my parents call me over to check out suspicious emails multiple times a month lately. All of the supposed PDF extensions for bills of companies they hadn't ordered from, or even a bank they aren't registered at, turned out to be .EXEs. May not have been ransomware, but I'd rather not take the risk.

There's also the people that are tech savvy, but don't take the time/effort to install any kind of safety measures and only complain after infection.


EDIT: Accidentally had some of my previous post left in the text editor.
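The mismatch described in post #14 (attachments presented as PDF bills that turned out to be .EXEs) can be checked mechanically from the file name and the first bytes of the content. This is an added example, not part of any post in this thread; the extension lists, finding labels and sample attachments are constructed for illustration.

```python
import os

# Assumed subset of extensions Windows runs on double-click (illustrative, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Extensions a bill or bank statement would plausibly carry.
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx"}


def attachment_findings(filename, data):
    """Return reasons an attachment is not the document its name suggests."""
    findings = []
    stem, last_ext = os.path.splitext(filename.strip().lower())
    inner_ext = os.path.splitext(stem)[1]  # what a user sees if the last extension is hidden
    is_pe = data[:2] == b"MZ"              # DOS/PE header of a Windows executable

    if last_ext in EXECUTABLE_EXTS:
        findings.append("executable-extension")
        if inner_ext in DOCUMENT_EXTS:
            findings.append("double-extension")
    elif is_pe:
        findings.append("pe-content-under-non-executable-name")
    # A real PDF carries the %PDF- marker near the start of the file.
    if last_ext == ".pdf" and not is_pe and b"%PDF-" not in data[:1024]:
        findings.append("pdf-name-without-pdf-header")
    return findings


# Constructed sample attachments: (file name, first bytes of content).
SAMPLES = [
    ("Invoice_2016-07.pdf.exe", b"MZ\x90\x00\x03\x00"),
    ("bank_statement.pdf", b"MZ\x90\x00\x03\x00"),
    ("electricity_bill.pdf", b"%PDF-1.4\n1 0 obj\n"),
    ("receipt.pdf", b"PK\x03\x04\x14\x00"),
]


def triage(samples):
    """Map each file name to its findings; an empty list means nothing was flagged."""
    return {name: attachment_findings(name, data) for name, data in samples}


if __name__ == "__main__":
    for name, findings in triage(SAMPLES).items():
        print(f"{name:28} {', '.join(findings) or 'ok'}")
```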
post #15 of 44
Quote:
Originally Posted by Xuvial

How exactly does one end up with such ransomware on their PC? I haven't installed an antivirus or antispyware program for years, just Chrome extensions (ublock + scriptsafe) are enough to preemptively stop everything.

99% of the time this malware comes from P2P software in the form of malicious codecs, cracks and keygens, with malware as the .exe

Users almost certainly download them while performing clandestine activities. Occasionally a legitimate site will become infected and give you a drive-by-download, but it's rare.
Edited by aweir - 7/13/16 at 4:17pm
post #16 of 44
Quote:
Originally Posted by aweir

99% of the time this malware comes from P2P software in the form of malicious codecs, cracks and keygens, with malware as the .exe

Users almost certainly download them while performing clandestine activities. Occasionally a legitimate site will become infected and give you a drive-by-download, but it's rare.

I don't want to promote piracy or anything, but that's a common misconception about piracy. Most cracks and keygens are false positives, and private p2p trackers are very secure because only a few trusted people can upload.
post #17 of 44
I have had to help both my lawyer and my accountant remove this stuff.

I now keep all my personal files on both a usb and an external backup. I do not leave a single file on my computers.
post #18 of 44
Quote:
Originally Posted by nvidiaftw12

Quote:
Originally Posted by TTheuns

Good in the long run, not very good in the short-term, self-centered way of thinking that most people have. I'd love to help take down an industry of ransomware, but I'd prefer to keep my files in the process.


Then as Lord Xeb would say, "Backup, Backup, Backup!"

Exactly!
     
post #19 of 44
Quote:
Originally Posted by aweir

99% of the time this malware comes from P2P software in the form of malicious codecs, cracks and keygens, with malware as the .exe

Users almost certainly download them while performing clandestine activities. Occasionally a legitimate site will become infected and give you a drive-by-download, but it's rare.

P2p downloads are extremely safe as long as they are well-seeded and upvoted. If it truly contains anything malicious, it is reported/flagged by the community and nobody bothers seeding it (i.e. it dies). It has worked this way for over a decade now. I trust an .exe file from p2p 1000x more than I trust an .exe downloaded from any website.

Anything that is based on large widespread user communities = I consider it safe ;)
Edited by Xuvial - 7/13/16 at 6:18pm
post #20 of 44
I hate it when criminals don't keep their word. The jerks.

I don't have much important information on my computer period, but the little bit I have is backed up at least 3 times. I lost a drive a few months ago and while I didn't lose anything necessarily important, there was information on there that I will never be able to reproduce. In the age of everything digital, I don't know how people can't do something as simple as backing up their digital photos or other personal information. If my computer ever goes south I have everything I need backed up.