
Breaking Bad themed Cryptolocker ransomware discovered

zlolslavez

Security researchers at Symantec recently discovered a new piece of malware that, believe it or not, incorporates a number of themes from the hit TV show Breaking Bad. The malware itself primarily affects users in Australia and represents a new strain of an existing ransomware trojan dubbed Trojan.Cryptolocker.S.

[Image: breaking-bad-pollos-hermanos-malware.png]

This ransomware is generally only in the Australian area, but this is quite interesting, especially due to the recent talk about these things, and this shows the kinds of people that are creating these types of things. I am quite interested in "themed" viruses that may show up in the future.

 

Source of article: http://bgr.com/2015/05/11/breaking-bad-malware-gus-los-pollos-hermanos/

VirusTotal scan of the article, if you really think it's the actual malware: https://www.virustotal.com/en/url/7221d6154f6bb002a3285d31f0694ed676af211a64dbc6f6698d6f7d4e7fbfb4/analysis/1431399856/


How exactly does one get around one of those? Seriously. I'm taking networking security classes, and after 7 semesters all we have covered is basically setup and prevention (plus English, math, and useless business and humanities classes). Nothing of any actual substance on how to get around or remove malware.


Not sure if the link called "source" is a news article or the malware.

Cleared up in the post if that was a legitimate post.


Not sure if the link called "source" is a news article or the malware.

It's both :)


No, I was joking.

Well now there's a virustotal link for anyone that thinks it is.


How does this work without them getting caught? What do you pay them through?


The same way you pay for the 5-star hotel trips you win over the phone: just do a simple identity check using your credit card information.

Why don't they get caught easily?


The one who knocks. LMAO.  :lol:


How exactly does one get around one of those? Seriously. I'm taking networking security classes, and after 7 semesters all we have covered is basically setup and prevention (plus English, math, and useless business and humanities classes). Nothing of any actual substance on how to get around or remove malware.

 

 

Add a cryptography course to that workload if you want to understand various ransomware and the encryption methods used. There is no getting around or removing it; the only solutions are to cut your losses and wipe everything, pay up, or hope the creator of that particular one was sloppy with his keys and they will eventually be leaked.

https://www.coursera.org/course/crypto


How exactly does one get around one of those? Seriously. I'm taking networking security classes, and after 7 semesters all we have covered is basically setup and prevention (plus English, math, and useless business and humanities classes). Nothing of any actual substance on how to get around or remove malware.

1. Make fire

2. Put HDD in fire

3. Sing 'kumbayah' around the fire and roast marshmallows

4. Buy new HDD


1. Make fire

2. Put HDD in fire

3. Sing 'kumbayah' around the fire and roast marshmallows

4. Buy new HDD

Hahahahahahaha you just made my day.


How exactly does one get around one of those? Seriously. I'm taking networking security classes, and after 7 semesters all we have covered is basically setup and prevention (plus English, math, and useless business and humanities classes). Nothing of any actual substance on how to get around or remove malware.

You can't... if your files are encrypted, they are basically gone.

Unless the government intervenes and takes control of the hackers' software... then they can learn how it works and make a program to remove the passwords on the encrypted files.


I recently got a client who got a ransomware virus... basically encrypted the whole hard drive... and basically had to wipe the drive... and they lost a few things.

Thankfully they had a backup of 90% of their important stuff.


Damn, I am hearing about this all over the place now. :(

 

How can people protect themselves against this? Like any other virus, like the obviously "don't click strange links, ads or downloads", right?


Damn, I am hearing about this all over the place now. :(

 

How can people protect themselves against this? Like any other virus, like the obviously "don't click strange links, ads or downloads", right?

You could sandbox your browser... and any files you open from the net.

Or use a Windows VM on top of your real OS.


You could sandbox your browser... and any files you open from the net.

Or use a Windows VM on top of your real OS.

 

Sandbox? What do you mean?

 

A simple VM install could really prevent this from happening? Wow. :o


You could sandbox your browser... and any files you open from the net.

Or use a Windows VM on top of your real OS.

It's less likely this type of infection will coexist among the web. This type of infection usually comes in the form of x86 and is bound to other software that you might presume to be "legit". Browsers like Chrome run entirely in userspace, so such malware would never be effective running from a browser. You need to fool the user into giving the software administrator rights, otherwise you'll never successfully hijack the system.


Sandbox? What do you mean?

 

A simple VM install could really prevent this from happening? Wow. :o

I use this program to sandbox my browsers and files I open from the net

 

http://www.sandboxie.com/


How exactly does one get around one of those? Seriously. I'm taking networking security classes, and after 7 semesters all we have covered is basically setup and prevention (plus English, math, and useless business and humanities classes). Nothing of any actual substance on how to get around or remove malware.

 

If they implemented it properly, there really is no way without brute forcing the encrypted drive and with modern encryption, that's not very feasible. Just back up important files and be prepared to reformat.

 

 

Damn, I am hearing about this all over the place now. :(

 

How can people protect themselves against this? Like any other virus, like the obviously "don't click strange links, ads or downloads", right?

 

Be careful with what you download for the most part. But the best way is really to back up everything important to an external drive or cloud storage. Then reformat your drive and reinstall anything important if this ever happens to you.


How exactly does one get around one of those? Seriously. I'm taking networking security classes, and after 7 semesters all we have covered is basically setup and prevention (plus English, math, and useless business and humanities classes). Nothing of any actual substance on how to get around or remove malware.

You don't; you can't break the encryption algorithms typically used with these types of infections. For example, a 2048-bit RSA key (both a public and private) is something that's actually impossible to break with modern technology. So it's one of those things you need to protect yourself from, because once you get hit with it there is no going back. You might be able to kill off the infection itself and remove it to prevent any future harm, although all of your data will sit there and remain encrypted (unusable). This is why they try hitting you for like $500 to get your data back, because without that private key you're up shit creek without a paddle.


I use this program to sandbox my browsers and files I open from the net

 

http://www.sandboxie.com/

 

Oh, now that sounds like a neat program! $35 is a great price, too. Thank you!

 

Be careful with what you download for the most part. But the best way is really to back up everything important to an external drive or cloud storage. Then reformat your drive and reinstall anything important if this ever happens to you.

 

Thanks. I guess I need another drive to do this with for extra precaution. I would hate to lose all that I have with no option of even paying for the content back. haha
