backstreetboy
That's like asking a hooker where she got the STD from... OP: what site/file did you get this from?
it encrypts everything into a "zip" file with an extension something like .cxc or something
That would be a major failure of the crypto implementation. They have more brains than that.
Hmm, ok that makes sense. Was sure I read it on MyBB somewhere. Maybe not...
My 2c:
Most, if not all, malware infections come from:
1) Visiting smut sites
2) Visiting sites looking for keygens/cracks for illicit software/warez
Let's see ... if I was a malware developer where would I put my stuff?
In pirate games and keygens, of course!
But I don't want to give the game away and lose that infection vector, so let it count down for a few months before being activated. That way the victims will never know where it came from. And in addition it can spread via flash drives and the LAN.
Brilliant!
PROFIT
PS: there is so much malware released each day that the anti virus companies have no chance of keeping up.
#2 for sure, but how do you figure #1?
Well, the best option is to do a clean OS reinstallation. Sorry
EDIT:
Install a Linux distro (I recommend Debian 8 Testing/Ubuntu 15.04) alongside your Windows OS and use it for browsing the interwebs only! Play games/watch videos on Windows. That's it!
says the site is undergoing maintenance
We reported almost two years ago about the nasty little program called Cryptolocker, which holds your files hostage, and demands expensive bitcoins in exchange for the decryption key. The malware has been evolving, with a new variant caught in the wild a couple of months ago.
According to a report by KnowBe4, a similar ransomware program has recently been activated, and is now making the rounds on the internet. Named "Locker," the program was originally quiescent, but was activated on May 25th, wreaking its havoc on hundreds of computers.
How the ransomware is installed is not exactly known. However, it was reported that Windows services will apparently be used to install Locker to a victim's computer. During installation, the program will check if the system is running on a virtual machine, and then terminate if this is confirmed. Once it installs, it will start to encrypt files using 2048-bit RSA encryption, though it will not modify file extensions. It will delete shadow volume copies of the C:\ drive, to prevent restoring files from a backup, and then display its interface, asking for ransom. Locker encrypts the following file types: .doc, .docx, .xlsx, .ppt, .wmdb, .ai, .jpg, .psd, .nef, .odf, .raw, .pem, .rtf, .raf, .dbf, .header, .wmdb, .odb, and .dbf, among others.
Like Cryptolocker, it displays a message saying, "Warning any attempt to remove damage or even investigate the Locker software will lead to immediate destruction of your private key on our server!" Locker will demand 0.1 bitcoin (roughly $23), which is unusually lower than other ransoms that are sometimes as high as $500.
As of this moment, hundreds are reportedly infected, but it is not known if anyone has paid the ransom. Bleeping Computer's forums are currently flooded with posts regarding the issue, and the website has stated that the strain has a large install base, only worsening the news for those who are infected. This should be another reminder on why everyone should make sure they have backups of their data available in multiple places.
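Because the report says Locker leaves file extensions unchanged, an extension-based search will not find affected files; checking whether each file's leading bytes still match its extension will. The following is an added example, not part of the thread or the quoted article: the magic-byte table, function names and sample files are assumptions constructed for illustration, and it covers only some of the listed file types.

```python
import math
import os
import tempfile
from collections import Counter

# Leading "magic" bytes for some of the extensions listed in the report.
OLE2, ZIP = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", b"PK\x03\x04"
MAGIC = {".jpg": b"\xff\xd8\xff", ".doc": OLE2, ".ppt": OLE2, ".docx": ZIP,
         ".xlsx": ZIP, ".psd": b"8BPS", ".rtf": b"{\\rtf", ".pem": b"-----BEGIN"}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (close to 8.0 for ciphertext)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage(root: str):
    """Return (path, entropy) for files whose header no longer fits the extension."""
    suspects = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            ext = os.path.splitext(name)[1].lower()
            if ext not in MAGIC:
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(4096)
            except OSError:
                continue  # unreadable file: skip it rather than abort the scan
            if not head.startswith(MAGIC[ext]):
                suspects.append((path, round(entropy(head), 2)))
    return sorted(suspects)

def demo():
    """Write constructed sample files to a temp dir and triage them."""
    with tempfile.TemporaryDirectory() as d:
        samples = {"photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 64,  # intact
                   "notes.rtf": b"{\\rtf1 hello}",                    # intact
                   "report.docx": os.urandom(4096)}  # stands in for ciphertext
        for name, body in samples.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(body)
        return [(os.path.basename(p), e) for p, e in triage(d)]

if __name__ == "__main__":
    print(demo())
```

A header mismatch is a triage signal, not proof of encryption: truncated or mislabelled files are flagged too, so compare suspects against a known-good backup before acting on the list.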
How do you become infected with the Locker Ransomware?
At this time the only known vector for this ransomware is the Trojan.Downloader that is installed through a cracked version of Minecraft. As some people have stated that they do not, and never had, Minecraft installed on their computer, there are most likely other vectors that are unknown at this time. The known Minecraft-related Trojans are: