
Really Nasty Virus 'CryptoLocker' Heads Up

bchampion96

Hi guys,

 

Dunno if you've heard about this one, but just keep your common sense sharp and don't do dodgy stuff, because even big-name antiviruses can't stop it. The only way of getting rid of it is a hard drive wipe, so get backups going.

 

cryptolocker.png

 

http://www.switchfast.com/switchfast-blog/2013/10/2/virus-alert-cryptolocker-ransomware.aspx

Feel free to message me if you want to chat!


I always play it cautiously when online anyway, I never ever go on a website that I think is dodgy. As you stated, common sense.

CPU: Intel Core i5 2550K @ 4GHz | Cooler: Gelid Tranquillo Rev. 2 | Mobo: Gigabyte GA-Z68AP-D3

GPU: XFX 1GB HD6850 OC'd | SSD: OCZ Agility 3 60GB | HDD: Samsung 500GB | PSU: Corsair HX520W | Case: Zalman Z11+

 

Tis the best antivirus 

Indeed so. What types of files is this virus on, do you know? Installers? Webpages?


I had a similar virus to this that locked down the computer, and I removed it by just disconnecting myself from the internet and then used Windows restore (I think (could be revert or something similar)) to go back four hours to when I didn't have this virus. I did this on Windows 7.

Sorry for bad English, my computer wants to correct everything to Swedish.

 


Indeed so. What types of files is this virus on, do you know? Installers? Webpages?

 

Mostly email transmitted, it seems.

Feel free to message me if you want to chat!


Mostly email transmitted, it seems.

That's okay then, I don't really e-mail that much :P


I asked Avast UK and they said they have got it in their virus database already

I don't think it will be long before most AVs have it in their databases; wonder if Anti-MalwareBytes can find it. Highly recommend it, my friends used it and got rid of virus/malware on their computers.


Btw, this is a stupid noob question, but I've never got a virus via email before. How do you get a virus from emails? Do you just click the email and get a virus, or is it when you click on an attachment?

cpu: intel i5 4670k @ 4.5ghz Ram: G skill ares 2x4gb 2166mhz cl10 Gpu: GTX 680 liquid cooled cpu cooler: Raijintek ereboss Mobo: gigabyte z87x ud5h psu: cm gx650 bronze Case: Zalman Z9 plus


Listen if you care.

Cpu: intel i7 4770k @ 4.2ghz Ram: G skill  ripjaws 2x4gb Gpu: nvidia gtx 970 cpu cooler: akasa venom voodoo Mobo: G1.Sniper Z6 Psu: XFX proseries 650w Case: Zalman H1


I have SUPERAntiSpyware, Malwarebytes and Bitdefender antivirus on my PC, so this is going to have to be quite stealthy.


Btw, this is a stupid noob question, but I've never got a virus via email before. How do you get a virus from emails? Do you just click the email and get a virus, or is it when you click on an attachment?

You can open attachments which contain them. If I recall, I think you can get them via opening the e-mail itself. But never open an e-mail that looks dodgy to you, again it's all common sense; just delete it and forget about it!


Don't have HTML activated by default and never open an email or an attachment if you don't know exactly what it is and who sent it.

Intel i7 5820K (4.5 GHz) | MSI X99A MPower | 32 GB Kingston HyperX Fury 2666MHz | Asus RoG STRIX GTX 1080ti OC | Samsung 951 m.2 nVME 512GB | Crucial MX200 1000GB | Western Digital Caviar Black 2000GB | Noctua NH-D15 | Fractal Define R5 | Seasonic 860 Platinum | Logitech G910 | Sennheiser 599 | Blue Yeti | Logitech G502

 

Nikon D500 | Nikon 300mm f/4 PF  | Nikon 200-500 f/5.6 | Nikon 50mm f/1.8 | Tamron 70-210 f/4 VCII | Sigma 10-20 f/3.5 | Nikon 17-55 f/2.8 | Tamron 90mm F2.8 SP Di VC USD Macro | Neewer 750II


Btw, this is a stupid noob question, but I've never got a virus via email before. How do you get a virus from emails? Do you just click the email and get a virus, or is it when you click on an attachment?

 

It happens when people open: image.jpg.exe, and don't have an anti-virus. Or they do, but it's a trial from when they bought the computer, and it's expired.
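The `image.jpg.exe` trick mentioned in the post above can be caught at the mail gateway or client by looking at attachment names. The following is an added example, not part of the original thread: the extension lists, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions Windows runs on double-click (assumed, non-exhaustive list).
EXECUTABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
# Harmless-looking extensions typically used as the decoy (assumed list).
DECOY = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt", ".zip"}

def classify(filename):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    # Windows ignores trailing dots and spaces, so drop them before checking.
    name = filename.strip().rstrip(". ").lower()
    suffixes = [s.strip() for s in PurePosixPath(name).suffixes]
    if not suffixes or suffixes[-1] not in EXECUTABLE:
        return "ok"
    if len(suffixes) >= 2 and suffixes[-2] in DECOY:
        return "double-extension"   # e.g. image.jpg.exe
    return "executable"             # plain .exe, still worth blocking

def scan_message(raw_bytes):
    """List (filename, verdict) for every suspicious attachment in a raw message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        if name and classify(name) != "ok":
            findings.append((name, classify(name)))
    return findings

def build_sample():
    """Constructed sample message with one benign and two risky attachments."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = "Holiday photos"
    m.set_content("See attached.")
    for name in ("image.jpg.exe", "invoice 2013.10.02.pdf", "setup.exe"):
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=name)
    return m.as_bytes()

if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()):
        print(f"{verdict:17} {name}")
```

Because Windows hides known file extensions by default, `image.jpg.exe` shows up as `image.jpg` in Explorer, which is why the check has to run on the real filename.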


Antiviruses can't do anything to this. Sure, they can remove the virus itself, but they can't decrypt the files.

As said by OP, the only way to deal with it after you have it is to do a restore to before you had it.

 

And please for the love of god if you get this, don't pay the ransom.

| NZXT Phantom | i5-2500k @4Ghz | H60 | EVGA GTX 680 Sig2 | 8GB Corsair Vengeance | 


Someone is really messed up to do this.

 

 

Anyway, I don't really have anything on my PC that can't be restored in a day.

 

Steam games, Free programs (fraps, Paint.NET, Notepad++), account based games (Minecraft, 2142, Planetside 2)

 

Documents & images are my only concern, but I have 10 GB of cloud storage, so I should start uploading that.


If you have Windows 8, and a second internal or external HDD, you can use File History.

I have mine doing backups every 10 min, and I can go back in time. If I format and re-install Windows, turning on the File History feature will redetect everything and resume the backup operation where it left off.


I don't need to worry about a virus, but my favorite one is the one that replaces your wallpaper with a background saying the government needs to get paid 50k or whatever because you have child porn or something illegal on your PC; that, or it calls you a terrorist.


Good luck on breaking that encryption. RSA 2048 is one hell of an encryption algorithm to use. The RSA 2048 keys are 2^32 stronger than 1024-bit keys.

2^32 = 4,294,967,296 or almost 4.3 billion, therefore breaking a 2048-bit SSL certificate would take about 4.3 billion times longer. So using a standard desktop-level processor you can expect the runtime to take 4,294,967,296 x 1.5 million years to break a 2048-bit SSL certificate.

Or in "smaller" terms, a little over 6.4 quadrillion years.

Makes that $300 dollars look like a bargain. If you got this virus, it's over; there is no way to crack it. If you do a little research on cryptography you will find that typically encryption is only broken when average-level computing power is able to surmount it.


if the website looks fishy, don't click it.

 

if the picture looks fishy, don't click it

 

 

on the interwebs, fish are bad. do not go near dem and you will be ok :D

Stuff:  i7 7700k @ (dat nibba succ) | ASRock Z170M OC Formula | G.Skill TridentZ 3600 c16 | EKWB 1080 @ 2100 mhz  |  Acer X34 Predator | R4 | EVGA 1000 P2 | 1080mm Radiator Custom Loop | HD800 + Audio-GD NFB-11 | 850 Evo 1TB | 840 Pro 256GB | 3TB WD Blue | 2TB Barracuda

Hwbot: http://hwbot.org/user/lays/ 

FireStrike 980 ti @ 1800 Mhz http://hwbot.org/submission/3183338 http://www.3dmark.com/3dm/11574089


Kaspersky has some tools available to decrypt the files on the drive as well, if you find that they are still locked after removal.

4770k @4.4 / 16GB @2400 / Plextor MP5X 128GB / MSI Mpower Z87 / MSI GTX 1070 Armor OC / AX860 / XSPC RX240 & EX240 / Koolance 380i / CM 690 II / Qnix 1440p @96Hz / Benq XL2420G

Current Status: Mourning the loss of my 780 ti 


So what are they going to do now? How did he go about getting it?

They paid $300. What could they do really? The server had hundreds of PDF files and each of them had a 256-bit encryption.

Finally my Santa hat doesn't look out of place


They paid $300. What could they do really? The server had hundreds of PDF files and each of them had a 256-bit encryption.

Yeah, it's called having an hourly backup. Any server should have this. PLUS, have a daily backup on a separate drive, or be old school: cassettes.

Also, why were the authorities not informed? Why did the virus get installed on the server in the first place? Who accessed the server (I mean someone had to install it)? Why would someone use the server as his or her own computer, let alone be admin? Was it done on purpose? Was the server running on legacy Windows?

Basic IT, guys... basic IT. I don't think you even need a degree to know this.
