
Thread: Help! I'm being held to ransom!!

  1. #11
    Dinosaur Excalibur's Avatar
    Join Date
    Jul 2006
    Location
    East Yorkshire
    Age
    64
    Posts
    25,579

    Default

    Everyone seems to be on target or thereabouts. It suggests going somewhere, and using Bitcoins to unlock it. Since there's only one file I'd desperately like to save, I'll try what folks suggested, and if I have no joy, I'll just bin the machine.

    Juski, it's a lot like my day job, when folks ask you to mend/alter/rebuild something. Starting from scratch is almost always a better bet.

    Nobody has yet offered protection programmes likely to keep people safe in future. I know we've had this before, but things change, so I'm sure it would be worthwhile. Thanks folks, I'll keep you posted.

    Forgot to add: My recent browsing habits have not been anything out of the ordinary, except I was searching in the forum, and Chrome flagged up pages with things from planetsmilies.net as being dangerous. We've had this before, and I ignored it. Coincidence, or cause and effect?
    Last edited by Excalibur; 17-05-2015 at 01:55 PM.
    Excalibur. Older than the average DJ.

    www.excaliburmobiledisco.co.uk


  2. #12
    MDD Supporter Nakatomi's Avatar
    Join Date
    Nov 2014
    Location
    Durham, Co Durham
    Posts
    2,807

    Default

    As far as antivirus solutions go, I've always ended up being disappointed one way or another. These days I just have Microsoft Security Essentials installed - my computer isn't noticeably slower because of it, and all seems to be well. I've used any number of 'free' antivirus programs in the past & got tired of their nagging me to buy stuff. I've used paid-for antivirus software too, and when I was running NOD32 my PC got owned in ways I'd never even imagined possible. Norton & Symantec (now one and the same) would slow my machine to a crawl for no apparent reason.

    For a long time I went 'bareback' on the internet, used only webmail, never downloaded programs from sources I didn't trust.. and I was utterly fine. But then, I wasn't relying on opening MS Office attachments either. I don't recommend anybody does this, but I was incredibly careful.

    The biggest difference you can make to your computer security is to stop using MS Outlook or Outlook Express (if that still exists). Webmail outlets are pretty good at screening malicious attachments (I think) which offers another layer of protection.

    Edit:

    Re planetsmilies.net:

    you can always find & edit your local 'hosts' file (in your 'windows' system32/drivers/etc folder somewhere) and create an entry for planetsmilies.net like this:

    127.0.0.1 planetsmilies.net

    which will effectively block it for you.

    See google's advisory about it here:
    http://www.google.com/safebrowsing/d...etsmilies.net/
    Last edited by Nakatomi; 17-05-2015 at 02:19 PM.
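An added example, not part of the original post: a small Python check of what a hosts-file block actually covers. Each line is an address followed by one or more hostnames, names are matched exactly (so a `www.` variant needs its own entry), and a line with the fields reversed is not a valid entry. The sample file, the `.invalid` names and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file (not taken from any real machine).
SAMPLE_HOSTS = """\
# constructed example
127.0.0.1   localhost
127.0.0.1   planetsmilies.net      # address first, then name(s)
example.invalid 127.0.0.1          # fields reversed: not a valid entry
0.0.0.0     ads.example.invalid tracker.example.invalid
"""

def parse_hosts(text):
    """Return ({hostname: address}, [(line number, rejected line)])."""
    mapping, rejected = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and padding
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])   # first field must be an IP
        except ValueError:
            rejected.append((lineno, raw.strip()))
            continue
        if len(fields) < 2:                      # an address with no hostname
            rejected.append((lineno, raw.strip()))
            continue
        for name in fields[1:]:
            # Keep the first mapping seen for a name (assumption of this sketch).
            mapping.setdefault(name.lower(), str(addr))
    return mapping, rejected

def is_blocked(mapping, hostname):
    """True only if this exact name maps to a loopback or 0.0.0.0 address."""
    addr = mapping.get(hostname.lower().rstrip("."))
    if addr is None:
        return False                             # no entry: normal DNS is used
    ip = ipaddress.ip_address(addr)
    return ip.is_loopback or ip.is_unspecified

if __name__ == "__main__":
    hosts, bad = parse_hosts(SAMPLE_HOSTS)
    for name in ("planetsmilies.net", "www.planetsmilies.net", "example.invalid"):
        print(f"{name:28} blocked={is_blocked(hosts, name)}")
    for lineno, text in bad:
        print(f"line {lineno} ignored: {text}")
```

Run against a copy of the real hosts file by passing its contents to `parse_hosts`; any line reported as ignored is not blocking anything.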

  3. #13
    Senior Member yourdj's Avatar
    Join Date
    Jan 2008
    Location
    The New Forest
    Age
    38
    Posts
    7,112

    Default

    Always makes me glad I went Apple 15 years back.

    Hope you get it sorted.
    Your DJ - Mobile DJ The New Forest, Southampton & Hampshire. Toby
    http://www.yourdj.co.uk/ | http://www.phatdiscos.co.uk/ | http://bogfrog.co.uk | http://newforestwedding.co.uk

  4. #14
    King Of Cheese Moderator DazzyD's Avatar
    Join Date
    Feb 2008
    Location
    Between Sunderland & Durham
    Age
    44
    Posts
    5,063

    Default

    Quote Originally Posted by yourdj View Post
    Always makes me glad I went Apple 15 years back.

    Hope you get it sorted.
    And there it is! I just knew someone was going to bring up Apple!

    Toby, Apple is not immune to virus attacks. I said before, one of the biggest banking trojans to hit the UK affected over half a million UK Mac owners not even a couple of years ago. The Flashback trojan hit Mac owners hard, stealing more money than any other banking attack of recent years, and it was because of the "I'm a Mac owner so I'm safe" mentality. You're not safe! The only reason malware writers didn't bother with Macs in the past was because there weren't enough domestic Mac owners to make it a worthwhile venture. Now there are a lot more Mac owners when you look at the PC-Mac ratio, it's now viable for cyber-criminals to attack Macs. Fact! Looking at stats from the anti-virus companies, it even looks like malware is more of a problem on Macs because they are still not being made secure by their owners. PC owners know about malware attacks and, generally, keep their machines safe (although there is no such thing as 100% totally safe because the malware writers are always one step ahead and the AV/Anti Malware companies are always reactive - it's not possible for them to be proactive because they don't know what's coming next). But, despite the attacks on Apple, Macs, iTunes, iCloud, etc it still doesn't seem like the message is getting through to Apple/Mac users - you are not safe! No-one is. It's time to start doing something about it!

    There has been improvement in the last 2 years but, personally, I don't think it's good enough. In fact, I agree with France (there's a first time for everything!). France wanted to make it an offence to spread malware by not securing your own internet-connected devices. The punishment was compulsory disconnection from the internet. I agree with this because it's those people who are very nonchalant about internet security that allow malware attacks to spread and it's folk like Peter, who I know had secured his PC as we've discussed this before, who end up inadvertently clicking a wrong button or opening a bad email who end up suffering. It's not right.

    Now, I make no apologies about my comments here. I strongly believe internet security is the responsibility of every single person who has an internet-connected device. And it really bugs me when people don't take that responsibility seriously. Peter is not alone in being caught out. Some of the most internet-savvy people I know have become victims of malware infections. We are finding it very hard to shut down the malware writers but we can help by not letting our devices assist in the spread of the infection. And comments like "I'm fine - I've got a Mac" simply don't cut it anymore.
    Dazzy D
    Lightning Disco & Entertainment

    Born to make you party!


  5. #15
    MDD Supporter Imagine's Avatar
    Join Date
    Feb 2014
    Location
    Ely, Cambridgeshire
    Age
    48
    Posts
    1,650

    Default



    I've worked in IT for the past 20 years and I've heard the repeated claims from Mac owners that viruses can't touch them. I also agree that Mac owners are a victim of Apple's own success. There's now more and more people following the crowd and buying these shiny machines (style over content) and thinking they're safe. Because the ownership of Macs has increased, it has become a lot more viable for the script kiddies to work out exploits in the OS and take advantage.

    You are NOT safe as an Apple owner, end of story.

    It's now a sad fact of life that the internet really isn't a safe place to be, and that's a shame because there's so much useful information out there that could really help everyone in the world. Unfortunately there's also those out there looking for easy ways to make money, and malware/viruses are only the tip of the iceberg.

    Slightly off topic, but I'm getting a lot of non-delivery reports for some nasty emails I've never sent out (around 40-50 every single day). Somebody's spoofing my email address and there's absolutely nothing I can do about it. Luckily it's not getting me blacklisted at the moment (I've got all the SPF records etc. set up correctly), but because some people do silly things like run without any sort of protection (and yes, these emails ARE originating from Apple OS), I'm completely unable to do anything about it.

    Did you know there's something like 183 BILLION spam emails sent every day?! That's 70% of email traffic, a lot of it originating from spoofed email addresses such as I'm getting at the moment.

  6. #16
    King Of Cheese Moderator DazzyD's Avatar
    Join Date
    Feb 2008
    Location
    Between Sunderland & Durham
    Age
    44
    Posts
    5,063

    Default

    Quote Originally Posted by Imagine View Post


    I've worked in IT for the past 20 years and I've heard the repeated claims from Mac owners that viruses can't touch them. I also agree that Mac owners are a victim of Apple's own success. There's now more and more people following the crowd and buying these shiny machines (style over content) and thinking they're safe. Because the ownership of Macs has increased, it has become a lot more viable for the script kiddies to work out exploits in the OS and take advantage.

    You are NOT safe as an Apple owner, end of story.

    It's now a sad fact of life that the internet really isn't a safe place to be, and that's a shame because there's so much useful information out there that could really help everyone in the world. Unfortunately there's also those out there looking for easy ways to make money, and malware/viruses are only the tip of the iceberg.

    Slightly off topic, but I'm getting a lot of non-delivery reports for some nasty emails I've never sent out (around 40-50 every single day). Somebody's spoofing my email address and there's absolutely nothing I can do about it. Luckily it's not getting me blacklisted at the moment (I've got all the SPF records etc. set up correctly), but because some people do silly things like run without any sort of protection (and yes, these emails ARE originating from Apple OS), I'm completely unable to do anything about it.

    Did you know there's something like 183 BILLION spam emails sent every day?! That's 70% of email traffic, a lot of it originating from spoofed email addresses such as I'm getting at the moment.
    I think the term "script kiddies" is seriously underestimating the vast network of organised criminal gangs who are making millions from their malware. This is serious organised crime. In fact, I do believe it's an extension of SOCA (Serious Organised Crime Agency) that operate the National Cyber Crime Unit which investigates these attacks.

    As for the spoofed emails, that's happened to me before and it's really quite scary. And it did get me blacklisted by SpamHaus. And this was the reason I joined up to Project Honeypot as I wanted to help do whatever I could to take these criminals down. The scariest part of the emails that my computer was supposedly sending was that, when you looked into the code of the emails (I looked to see if I could identify where they really came from), embedded in the code was some very nasty, vile anti-West propaganda. It wasn't very pleasant at all. And, as you said, there was nothing I could do other than wait a few days until the use of my email address stopped and I could regain control of my emails again.
    Dazzy D
    Lightning Disco & Entertainment

    Born to make you party!


  7. #17
    Senior Member
    Join Date
    Feb 2014
    Location
    basingstoke hampshire
    Posts
    129

    Default

    I have run Avast for a long time, done some research recently and everything is pointing to Kaspersky as the best viable option at the moment, open a Barclays account and get it free. I have had my battles with getting "owned" by certain things, but have managed to remove the vast majority and if not just wiped it and rebuilt a fresh install.
    I agree with the webmail, stopped using Outlook and the like years ago. Always be wary of where you go. Norton used to be OK, but like mentioned before it's like someone hitting the brakes when you're trying to drive, no idea why, the wife used it and it soon got binned off, well OK soon is a slight understatement, have you ever tried to remove Symantec, ugghhhh luckily it was only a few weeks old so did a recovery on it and back to fresh install and did not lose anything.
    Good luck with your recovery, hope you get them all back.

  8. #18
    Web Guru Marc J's Avatar
    Join Date
    Feb 2007
    Location
    Edinburgh
    Posts
    3,032

    Default

    Ransomware is pretty much the worst these days. Without the decryption key you are well and truly screwed.

    The general advice if you do get infected is not to pay the ransom, but even police departments have been known to pay up (https://nakedsecurity.sophos.com/201...locker-ransom/).

    Apparently TeslaCrypt (if that's what you're dealing with) specifically targets gamers....anyone playing any games on the PC?

    The clock is ticking, and if you really, really need to recover the file(s) and it's not certain versions of CryptoLocker (http://www.bbc.co.uk/news/technology-28661463) or TeslaCrypt (http://blogs.cisco.com/security/talos/teslacrypt) then your only option may be to pay the ransom. They'll only accept bitcoins, and it can be a lengthy process to purchase your first bitcoins (there's a post on here about them somewhere). I have a few, so if you need any quickly I can let you have them at the current rate, just get in touch.

    Finally, some advice and what I use: -

    MalwarebytesAntiMalware (free version - keep updated and scan regularly)
    Spybot S&D (free version - keep updated and scan regularly)
    SpywareBlaster (free version - keep updated and scan regularly)
    ESET NOD32 Antivirus (pay for this - it's well worth it. I've seen infections on machines running Ad-Aware, AVG, Microsoft Security Essentials and most other free antivirus tools)
    And, obviously, keep your operating system up-to-date as well.

    And finally (again) - if you're backing up to an external hard drive, MAKE SURE it's not permanently connected. These ransomware infections look for external storage and encrypt that as well. Connect it, make your backup, and then disconnect it.

    Also, think about putting vital stuff in Dropbox, Google Drive or some other online storage. Free options may have some version control, so even if their copy gets encrypted you can roll it back (but perhaps only on a file by file basis). The paid version of Dropbox has better version control, I think. If you're fussy about privacy you can always encrypt it yourself before sticking it on the online storage, either manually or using something like Boxcryptor.
    It's finished, just need to test.


  9. #19
    Dinosaur Excalibur's Avatar
    Join Date
    Jul 2006
    Location
    East Yorkshire
    Age
    64
    Posts
    25,579

    Default

    Thanks for all that Marc, helpful and informative as ever. Appreciated.

    Re gaming, unless Solitaire and Minesweeper are the sort of ones you're referring to, no, not at all.

    Reassuring to see that I'm on the right lines re protection and practice. Granted, the stable door is firmly bolted, and there's no sign of any equine quadruped, but it could have been a lot lot worse. Thanks Marc, especially for the offers of help with the coins. Two reasons why I won't be taking you up on the kind offer, 1) it's against my principles to reward activities like this, even if it damages me. Just the way I work. 2) From what they said, I'm way outside the time limit. Hey ho.
    Excalibur. Older than the average DJ.

    www.excaliburmobiledisco.co.uk


  10. #20
    Web Guru Marc J's Avatar
    Join Date
    Feb 2007
    Location
    Edinburgh
    Posts
    3,032

    Default

    Peter, did you try the tool at https://github.com/vrtadmin/TeslaDec...master/Windows (use at your own risk!)?
    It's finished, just need to test.

