Showing results for tags 'ransomware'.
-
If you don't know, Norsk Hydro (Norwegian Hydro translated) is one of the world's biggest aluminium producers, with 35 000 people in 40 countries. It's 34,26% owned by the Norwegian Government. -PCMag

The result is that they had to run factories in a higher degree of manual operation, and ditch their workstations for smartphones and tablets, as they weren't affected. -BBC

With manual, they actually just mean automatic communication between different places and factories to make it more efficient probably, because the PLCs and stuff were not affected. That probably means those doing it did not aim or did not have the expertise to do more damage; they most likely just wanted to get some money. They did choose to keep some of the (smaller) factories offline instead of running them in "manual" though. From what I can find, it affected their factories in the US and Europe, but not those other countries. -PCMag

Their website also went down. The attack originated in their systems in the US. At this time, as far as I know, their systems and website are back up and running. They did not pay the ransom; they were able to restore the systems from backups because of "good backup systems and routines". Norway's state cyber-security agency was/is helping them deal with it. It is now under investigation by PST (Police Security Service), Kripos (National Criminal Investigation Service), E-tjenesten (Intelligence Service) and Europol.

My Opinion. I wish things like this wouldn't happen, but they do; that's the world we live in. It's really good that they had good backup systems they used to restore the systems without paying the ransom, but maybe their systems, routines and teaching of employees weren't good enough to stop it. (It would never be good enough for every possible situation, but still.) Maybe someone there opened the wrong email or whatever?

Edit: See Update marked as answer

Sources: (keep in mind that some of them were written yesterday when it was still ongoing)
https://www.pcmag.com/news/367274/ransomware-attack-disrupts-major-aluminum-producer
https://www.bbc.com/news/technology-47624207
(And some Norwegian:)
https://www.digi.no/artikler/hydro-jobber-med-a-noytralisere-angrepet-bekrefter-at-pc-parken-er-slatt-ut-av-kryptovirus/460820
https://www.digi.no/artikler/pst-europol-kripos-nsm-og-e-tjenesten-jobber-pa-spreng-for-a-finne-de-skyldige-etter-hydro-angrepet/460859
- 16 replies
-
Hello. I would appreciate it if anyone can help. I have a virtual machine on VMware Player 12. My data got hit by the Ryuk ransomware: the vmdk file was encrypted, a .ryk extension was added, and all data for the virtual machine profile was deleted. I was wondering if anyone has any idea about recovering the vmdk file. I read something about recreating the virtual machine disk descriptor file using an ESXi host. Could anyone tell me if this can or might work or is worth trying? Note that I have a copy of the vmdk file from the same machine and a copy of the virtual machine configuration, if this might help (backed up years ago). Appreciate your help. Thank you.
- 4 replies
- Tagged with: vmware, virtual mahine (and 2 more)
-
Hey guys, I tried to pirate a game and got ransomware lol, I know, pathetic. I got most of my files already backed up before, but is this something I should worry about?? And can you guys link me to articles or videos to get rid of that shit?? And is there any way I can get back my files? Thank you!!!
- 3 replies
- Tagged with: tech support, ransomware (and 2 more)
-
Source: Infosecurity Magazine, Marine Safety Information Bulletin, BBC

Summary: In mid-December a US maritime facility was successfully attacked by a ransomware called "Ryuk." The facility was crippled "for over 30 hours" while efforts to regain control of the port's systems and network took place.

The following is the Coast Guard's suggestions for improving security:

Here is an advisory and description of the Ryuk ransomware by the UK's National Cyber Security Center

My Thoughts: I find it interesting how in 2019, and probably still in 2020, U.S. critical infrastructure (assuming this was either a government or commercial facility) is still easily susceptible to cyber attacks. Despite the adoption of the NIST Cybersecurity Framework by the U.S. government and the general popularization of cybersecurity awareness over the last few years, we still have boomers in significant positions opening emails and unleashing sophisticated ransomwares and more on critical networks.
- 12 replies
- Tagged with: ransomware, coast guard (and 1 more)
-
Is there any possible way to recover my files infected by the .msop extension ransomware? My pendrive has my work files and also my school work projects. I would appreciate any reply from the community. Thank you.
-
Ok so I was downloading stuff and somehow I got myself into this mess. All of my files got encrypted. Tried to clean my laptop... reinstall Windows etc... No solution so far. Is there anything that can be done, or should I accept the painful fact that my pictures and all sorts of important files are gone?
- 17 replies
- Tagged with: virus, laptop malware (and 4 more)
-
Hey guys, I need help, if anyone knows the GandCrab 5.0.3 decryptor or how to decrypt this ransomware. My whole PC is infected. I have removed this virus but my files are still encrypted.
- 8 replies
- Tagged with: ransomware, virus (and 2 more)
-
So I found out I'm infected with this GandCrab ransomware. How can I remove it?
- 1 reply
- Tagged with: malware, ransomware (and 1 more)
-
So, short story: a friend of mine is asking me for a favor. He showed me a pic of his PC and asked "why can't my files open and what is .geno?" I said "that is a virus". He asked again, "can you fix that?" In my troubleshooting I have never had a problem with ransomware before. Question 1: is there any way to decrypt the files? Question 2: is fixing ransomware hard? Question 3: will the files survive the virus? I will meet him at the end of this week. I hope someone can help me, thank you in advance!
-
Act 1: The long explanation.

I installed a ransomware virus on my main Windows partition. I lost everything. Hundreds of Gigabytes of information encrypted beyond recognition and repair and it was all my fault. It was karma for an elevated praise to the Windows operating system and its unparalleled compatibility. In that text, I present myself as an experienced Windows, OSX and Linux user by skillfully editing out the bits that reveal my true self: an old loser who would infect his own computer. Disclosure: I do not, I repeat, I do not live in my mother’s basement. I, of course, use the “I lost everything” statement rather lightly since, as most users of this forum, I backup frequently, dance awkwardly and repel females with phrases such as: “I love Star Wars” or “I backup frequently”.

Act 2: The questions

Here is my current predicament (see image): Will I lose my Fedora boot if I install Windows in a new sda2? I will delete the infected partition, create it again, format it with NTFS and install Windows 7. Will that erase references to my current boot partition? I know an installation disk or a Windows 7 recovery disk can fix a broken Windows boot record. How do you fix the MBR for a Fedora 28 boot in case it’s overwritten?

Act 3: Your turn
- 6 replies
- Tagged with: ransomware, mbr (and 3 more)
-
Ok, does anyone have any idea if an enterprise-type ransomware backup solution that uses hardware, not software, exists for personal/commercial use and does not require additional software? I know it sounds a bit stupid but I'm just wondering.
-
Heya guys, first post, just thought of dropping a message here. Anyone of you bumped into *.bip ransomware?
- Tagged with: ransomware, bip (and 1 more)
-
Boeing Response: Twitter Text:
~~~~
ORIGINAL POST: It seems that even though patches were pushed out immediately for Wannacry, it looks like Boeing (NYSE:BA) has been hit with the ransomware on critical systems.
~~~~
From TechCrunch:
~~~~
Opinion: It's interesting to see that such a large and critical portion of Boeing's manufacturing process was hit even though patches have been available for nearly 9 months. I would have thought that something of this importance would have been airgapped or stripped to the absolute bare minimum requirements for usage in order to mitigate any threats like Wannacry that could occur. With Boeing being a major defense contractor it will be interesting to see how this plays out in the near future with current and upcoming contracts.
~~~~
Main Source: https://www.seattletimes.com/business/boeing-aerospace/boeing-hit-by-wannacry-virus-fears-it-could-cripple-some-jet-production/
Non paywall Source: https://techcrunch.com/2018/03/28/boeing-reportedly-hit-by-wannacry-ransomware/
- 3 replies
- Tagged with: wannacry, ransomware (and 1 more)
-
From Kotaku: https://kotaku.com/theres-a-new-malware-that-locks-your-files-unless-you-p-1825148822 [clip] "PUBG Ransomeware’s note reads “Your files is encrypred [sic] by PUBG Ransomeware! But don’t worry! It is not that hard to unlock it. I don’t want money! Just play PUBG 1Hours [sic]!” Malware experts have confirmed to me that PUBG Ransomeware actually does lock down computers’ files, but it’s pretty easy to get around. The ransomware only encrypts users’ desktop files and unlocks them after three minutes of a game of Battlegrounds as opposed to the stated hour." Apparently it doesn't seem like a serious effort to lock computers down since there are apparently simple workarounds. Maybe sounds like a script kiddie who's more invested in PUBG rather than Fortnite that wanted to tilt the scales a bit. Additional Reporting: Bleeping Computer: https://www.bleepingcomputer.com/news/security/pubg-ransomware-decrypts-your-files-if-you-play-playerunknowns-battlegrounds/
- 31 replies
- Tagged with: pubg, ransomware (and 1 more)
-
Hi, I'm new here, just wanting to find out: if you encrypt your files with Windows BitLocker, can cyber criminals use a ransomware such as WannaCry to lock your data? I mean, it's already encrypted, how can they access it?
- 7 replies
- Tagged with: ransomware, asus (and 1 more)
-
This is one of those threads that could get very political so I wouldn't mind if mods locked this thread right after five to ten responses.

Source: Reuters

Just so everyone knows, the Lazarus Group is responsible for the Sony hack in 2014 where they said it was a thin-skinned response from North Korea as retaliation for releasing the movie "The Interview" starring James Franco and Seth Rogen, as well as a heist in the Bangladesh Central Bank [more info about the Lazarus group here]. Anti-virus companies like Symantec, Kaspersky, and even Microsoft linked Lazarus to North Korea as they found IP addresses from North Korea. The same cybersecurity companies also found the same connections linking WannaCry and Lazarus group saying: From Symantec: Kaspersky:

*It's a good thing that none of the banks I have money on got infected by WannaCry. I guess the lack of red color on the New Zealand map suggests that PCs in New Zealand have installed Windows Updates.

Obviously North Korea will deny this but for a country with so many economic sanctions imposed, it all makes sense why they'll engage in state sponsored cyberattacks, especially ransomware attacks where they can hold PCs hostage until people pay up via Bitcoin. Even though the payout for WannaCry ransomware wasn't that lucrative, there are reports, especially from North Korean defectors, saying that the regime is currently training and employing hackers in order to offset the effects of the UN economic sanctions and to show everyone that they're as powerful if not better than everyone when it comes to cyberespionage.

But we can also put the blame on businesses and corporations for using out of date computers. Prior to the WannaCry pandemic, Microsoft had already released a patch for SMBv1 but so many won't even bother to deploy security updates.

As per this NYT article, "The big question is whether Mr. Kim, fearful that his nuclear program is becoming too large and obvious a target, is focusing instead on how to shut down the United States without ever lighting off a missile. “Everyone is focused on mushroom clouds,” Mr. Silvers said, “but there is far more potential for another kind of disastrous escalation.”

The US and everyone else should put more focus on ensuring nationwide cybersecurity as massive cyberattacks can lead to global economic crisis. It's such a shame that the US response to the Sony hack is launching a DDOS attack on North Korea which means nothing. In my opinion, since North Korea has fewer computers connected to the real internet they are at an advantage over the US, as the likes of NSA and DHS will find it useless to create a cyberespionage malware against North Korea since only a few IP addresses from North Korea can be found. 2017 is indeed the year of cybersecurity woes and I think in 2018 it will get much worse. I'm just curious as to what took the DHS so long to declare that WannaCry came from North Korea when major anti-virus companies have been saying that there's a link between Lazarus Group (DPRK) and WannaCry for months.

I can't help but bring back these related threads
- 30 replies
- Tagged with: wannacry, ransomware (and 2 more)
-
Guys, I need help. My computer got hit by a ransomware virus and all of my files have been encrypted into this .HETS format. I cannot open my files and I searched all over the internet to find any sort of decryption software. I am in serious need of help as I cannot afford to lose my data over the past few years. Any help or any tool to break the decryption would be appreciated!
- 8 replies
- Tagged with: virus, ransomware (and 4 more)
-
sources
http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/
http://blog.trendmicro.com/trendlabs-security-intelligence/malvertising-campaign-in-us-leads-to-angler-exploit-kitbedep/
https://www.trustwave.com/Resources/SpiderLabs-Blog/Angler-Takes-Malvertising-to-New-Heights/
https://blog.malwarebytes.org/malvertising-2/2016/03/large-angler-malvertising-campaign-hits-top-publishers/
---
I have no words ... just last week Adobe released a security update for Flash that included 32 critical vulnerabilities:

I have ADBlock Plus and Element Blocker installed since "forever" and I won't disable them for anything. If and when it becomes obsolete, I will jump to another one; uBlock Origin seems like a valid alternative.

update your Java, or remove it
update your Flash player, or remove it
update your Silverlight, or remove it
update your fucking browsers, or you risk losing it all
-
source: http://www.engadget.com/2016/05/19/teslacrypt-ransomware-creators-hand-over-key/

So the original developers of TeslaCrypt, a version of the cryptovirus ransomware family, have just handed out the 'master key' as they 'wrap up operations'. Turns out asking nicely works for many things... This is kind of cool in a way. I mean, it sucks for the amount of people and businesses that had no choice but to fork out the money to get their data back. This seems to mean either they have given up because there are so many ways to get around it (if you know what you're doing), or they got very close to being caught. This is something that worries me though; seeing as it was posted online, this could mean that they are moving onto bigger things. Still kinda neat though.
-
Hey guys, recently there has been some pretty nasty ransomware going around by the name of "Petya", that would lock down your system unless you paid. But it has been cracked: http://arstechnica.com/security/2016/04/experts-crack-nasty-ransomware-that-took-crypto-extortion-to-new-heights/ If you know someone who has been, or have been personally, affected by this wave of ransomware, there is a fix!
- 10 replies
- Tagged with: ransomware, opsec (and 3 more)
-
https://www.grahamcluley.com/2016/04/pirate-bay-hit-malvertising-attack-drops-cerber-ransomware/

A malvertising campaign recently struck popular torrent site The Pirate Bay and redirected users to landing pages for the Magnitude exploit kit, where they were infected with the notorious Cerber ransomware. Over the past few weeks, Segura and his fellow researchers have observed Magnitude blitzing its way past other exploit kits and distribution methods, such as compromised websites, in order to prey upon vulnerable users. Each campaign has leveraged the Magnitude exploit kit, and each has dropped the Cerber ransomware as its ultimate payload. As regular readers of might recall, Cerber made headlines back in March for its ability to "Talk" to its victims and announce it had encrypted their files before demanding US $500 in ransom.

Edit in progress
- 5 replies
- Tagged with: ransomware, virus (and 4 more)
-
Hey all, I just got a call from an acquaintance about his PC being locked down. I thought it was your usual virus/trojan and I'd just do a PC scan and clean it. Oh boy, was I WRONG! Apparently it's some new type of ransomware (February 2015 was as old as I could find it online). It locks up all the files on the PC, changes their format to .XTBL and creates readme's everywhere with the attacker's email address. I haven't tried going that way but once contacted (he contacted them) they requested 200e for the unlock. From my research online it turns out once you pay them, they will send a decrypter specific for your key (which is in the readme) and it will unlock the files. Removing the virus does not help at all, the files remain encrypted and no decrypter has been made. People have tried bruteforcing it and failed miserably due to the unknown key length. The files on his PC are important, he is a photographer and the infection spread to EVERYTHING. So he no longer has access to any of his files which he needs. There are no backups on other drives/external hdd. Using a shadow copy helps with this particular virus, but there aren't any shadow copies on the PC. Any ideas? Any suggestions? Any help is appreciated. Kind regards and keep your eyes open against this type of ransomware. Cheers, Bogica
- 2 replies
- Tagged with: virus, ransomware (and 3 more)
-
Cryptolocker-like malware maliciously encrypts savegames and other data for a number of popular titles

If you're a gamer, be on the lookout for a nasty new piece of malware that will make your mods, savegames, and other game data inaccessible via encryption. The cybercriminals behind the scheme are seeking to extort users by forcing those unlucky enough to be infected to make a large payment in Bitcoin in order to receive an unlock key.

Source: http://arstechnica.com/security/2015/03/cryptolocker-look-alike-searches-for-and-encrypts-pc-game-files/
-
Source: http://www.bbc.co.uk/news/technology-25506020 Cryptolocker, the virus which encrypts your hard drive and demands a payment to get the encryption key, is now believed to have infected about 250,000 PCs, and the article says that The ransom demand is 0.5 bitcoins (wikipedia), so the criminals have made a lot of money from this (500 BTC if 0.4% of 250,000 paid!).
- 19 replies
- Tagged with: cryptolocker, ransomware (and 2 more)
-
Summary

A student unknowingly infected the Covid-19 research facility by installing a pirated copy of data visualization software that was unfortunately rigged with the Ryuk ransomware.

Quotes

My thoughts

It's quite disappointing to see how a large research institution focused on Covid-19 allows BYOD to access such critical files via RDP. It is also stupid for the student to ignore Windows Defender's warnings just to save some bucks. But this made me think, why would a well funded research institution not issue company owned laptops and devices? Windows 10 has Windows Autopilot, macOS has zero-touch deployment and provide a legit copy of the data virtualization software. They have backups but aren't up to date? Makes me wonder how frequent their backups are. I know that many in this forum have posted things like "How to get a lifetime Office 365 for free?" or "Keygen crack for Adobe CC" and it's nice that such posts are deleted. Another question I have is how can a student have such clearance with the institution? Is he/she an undergrad intern? or a post-doc candidate? As far as I know, sensitive and confidential data is usually hands-off to students unless they are directly part of the research program.

Sources

ZDNet