spartaman64

Hacking victim hacks the hackers and releases their encryption keys


20 hours ago, Euchre said:

How? What vector? Malicious ads? This is a big part of why ad blocking is so popular. Email? There's your safe practices right there. Software? Be careful and mindful of where you get software, another safe practice.

 

I haven't seen a story about a worm (self-propagating software) in a very long time, and never one that brings ransomware. Every single example I've ever seen or heard of, of someone getting ransomware, was from something they had to take action to install. Windows Update hasn't delivered it yet (and heaven help them if they did), and it is extremely unlikely it will.

 

The one most consistent way that malware has to get into a system isn't exploiting a machine passively, it relies on social engineering - hacking the human - to get the malicious code in place. Contravention of malware that can propagate itself directly (worms) is far too easy to block at the infrastructural level, and the whole of the IT industry is heavily invested in doing so. Those malicious ads I spoke of before? Major, reputable ad services are constantly on the lookout for malicious ads, so they can remove them and block the advertisers from using their services. If they didn't, they'd be prime targets for something scarier than malware - lawyers.

The vast majority of ransomware comes from Phishing emails. You can pretend like you'll never get caught by one - and by using common sense and safe practices, you can mitigate (but not eliminate) the risks.

 

But Phishing emails are evolving daily. Sure, it's easy to catch the stupid ones with misspelled words, etc. - but some that are out there are indistinguishable from legit emails. As @Lady Fitzgerald said, we can all make mistakes.

 

Common Sense is no longer a sufficient protection against malware. It is now only one key component among other defenses as well. Anyone purely relying on common sense is simply lucky, and it's only a matter of time before that defense proves inadequate.

 

In the case of ransomware, a good backup system is worth more than common sense, if you're doing one or the other. Ideally, you do both.


For Sale - iPhone SE 32GB - Unlocked - Rose Gold - Sold

* Intel i7-4770K * ASRock Z97 Anniversary * 16GB RAM * 750w Seasonic Modular PSU *

* Crucial M4 128GB SSD (Primary) * Hitachi 500GB HDD (Secondary) *

* Gigabyte HD 7950 WF3 * SATA Blu-Ray Writer * Logitech g710+ * Windows 10 Pro x64 *

 

24 minutes ago, dalekphalm said:

In the case of ransomware, a good backup system is worth more than common sense, if you're doing one or the other. Ideally, you do both.

A good offline backup.

Too bad hot swap caddies are not the thing anymore like them old days, except for servers.


Intel Xeon E5 1650 v3 @ 3.5GHz 6C:12T / CM212 Evo / Asus X99 Deluxe / 16GB (4x4GB) DDR4 3000 Trident-Z / Samsung 850 Pro 256GB / Intel 335 240GB / WD Red 2 & 3TB / Antec 850w / RTX 2070 / Win10 Pro x64

HP Envy X360 15: Intel Core i5 8250U @ 1.6GHz 4C:8T / 8GB DDR4 / Intel UHD620 + Nvidia GeForce MX150 4GB / Intel 120GB SSD / Win10 Pro x64

 

HP Envy x360 BP series Intel 8th gen

AMD ThreadRipper 2!

5820K & 6800K 3-way SLI mobo support list

 

2 minutes ago, NumLock21 said:

A good offline backup.

Too bad hot swap caddies are not the thing anymore like them old days, except for servers.

The backup doesn't inherently have to be offline. Most ransomware will simply look at available HDDs or drive letters (basically anything directly accessible). If you're using a server or NAS-based backup system, as long as the backups themselves are stored in a folder not accessible by the client computer, you're totally fine.

 

Ideally you'd incorporate offline backups into your larger system though.


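One way to check the condition described in the post above, that the backup location is not accessible from the client computer, is to probe it from the client under the everyday user account. This is an added example, not code from anyone in the thread; the target paths in it are hypothetical placeholders.

```python
import os
import uuid

def can_create(directory):
    """True if this account can create a new file in `directory`."""
    probe = os.path.join(directory, ".write-probe-" + uuid.uuid4().hex)
    try:
        fd = os.open(probe, os.O_CREAT | os.O_EXCL | os.O_WRONLY, 0o600)
    except OSError:
        return False
    os.close(fd)
    os.remove(probe)  # leave nothing behind in the backup folder
    return True

def modifiable_files(directory):
    """Existing files this account can open for writing (opened, never changed)."""
    hits = []
    for root, _dirs, files in os.walk(directory):
        for name in files:
            path = os.path.join(root, name)
            try:
                fd = os.open(path, os.O_WRONLY)  # no O_TRUNC: content untouched
            except OSError:
                continue
            os.close(fd)
            hits.append(path)
    return hits

def audit_backup_target(path):
    """Classify a backup destination as seen from this client and account."""
    if not os.path.isdir(path):
        # Missing, not mounted, or permission denied: not reachable from here.
        return {"path": path, "status": "unreachable", "modifiable": []}
    writable = modifiable_files(path)
    if can_create(path) or writable:
        return {"path": path, "status": "exposed", "modifiable": writable}
    return {"path": path, "status": "read-only", "modifiable": []}

if __name__ == "__main__":
    # Hypothetical destinations (assumptions); replace with the real backup locations.
    for target in [r"Z:\Backups", r"\\nas\backups", "/mnt/backup"]:
        print(audit_backup_target(target))
```

A status of "exposed" means anything running as that user, ransomware included, could overwrite or replace the backups stored there.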
29 minutes ago, dalekphalm said:

The backup doesn't inherently have to be offline. Most ransomware will simply look at available HDDs or drive letters (basically anything directly accessible). If you're using a server or NAS-based backup system, as long as the backups themselves are stored in a folder not accessible by the client computer, you're totally fine.

 

Ideally you'd incorporate offline backups into your larger system though.

Sometimes they encrypt network drives too, so an offline backup is good to have.


2 hours ago, NumLock21 said:

Sometimes they encrypt network drives too, so an offline backup is good to have.

Yeah but typically only ones that are mapped to a drive letter. Offline backups are a useful addition to a full backup system - but they are not necessary by themselves.


2 hours ago, Caroline said:

Hang on, if he was a hacker why did he pay the other hackers? It looks like he could've just stolen the keys without paying a cent, seems weird.

Likely it was the delivery method of the decryption key for himself that allowed him to crack into the database.


11 minutes ago, dalekphalm said:

Yeah but typically only ones that are mapped to a drive letter. Offline backups are a useful addition to a full backup system - but they are not necessary by themselves.

So only mapped network drives get encrypted and not other systems on the network. I heard some ransomware encrypts other systems on the network too, not just mapped drives. Offline backup can also be a full backup, it's physically disconnected, the only downside is, there is no real-time backup. Have to back up in intervals like every night, every few days, or week.

Basically it's better to have more than 1 backup just in case one of them fails physically.

