Question About The Latest Ransomware Attack

Thread Starter

Glenn Holland

Joined Dec 26, 2014
703
I've heard about the latest malware/ransomware attack that encrypts files and demands payment to restore them.

According to the news, the majority of the attacks are on businesses and large organizations in Europe, but there have also been many in America.

Are these attacks aimed at just business computers and networks, or are they hitting personal computers, i.e., the ones in private homes? I've got Windows 7, which is vulnerable, so where can I get an update for the security?
 
This is likely based on the Microsoft Technical Support Scam. There's plenty of examples on YouTube.
Some guy from India (usually) calls you, then convinces you that the computer is "infected" by showing you the "error logs" which also show "bad things". Then they convince you to download an application that allows remote control of your computer. Then they change the password with disc encryption and then demand payment.
 

Thread Starter

Glenn Holland

Joined Dec 26, 2014
703
> This is likely based on the Microsoft Technical Support Scam. There's plenty of examples on YouTube.
> Some guy from India (usually) calls you, then convinces you that the computer is "infected" by showing you the "error logs" which also show "bad things". Then they convince you to download an application that allows remote control of your computer. Then they change the password with disc encryption and then demand payment.

I'm all too familiar with someone from Microsoft Technical Support calling me and trying to trick me into having them run a diagnosis of my computer and telling me that I need to install an upgrade. I traced one of the companies that was posing as a representative of Microsoft Technical Support and they were located in eastern Canada.

I believe Microsoft and a bunch of other U.S. businesses have sold the country down the river by outsourcing to India and other countries.
 

crutschow

Joined Mar 14, 2008
34,284
In this scam they actually directly access computers from the internet that don't have the latest Windows upgrade (some are still running XP which is not being updated anymore) and then they encrypt all the files on the computer.
The only way to get access to the files (if there's no protected backup) is to pay a ransom to obtain the decipher key.

No one needs to call you to get access to your computer.
But they are not likely to bother to do this to personal computers since they know individuals are not likely to be able to pay much money to get the decipher key, so they typically go after the big organizations, such as hospitals.
(I have all my files backed up to the cloud with a commercial backup system, but that's more for a possible computer failure than concern about malware).
 

joeyd999

Joined Jun 6, 2011
5,237
> But they are not likely to bother to do this to personal computers since they know individuals are not likely to be able to pay much money to get the decipher key, so they typically go after the big organizations, such as hospitals.

I don't see why they would care who they infect.

The marginal cost of each additional infection is effectively zero, and the likelihood of a big payday increases with the number of systems infected.

I think they likely shotgun everything they can. Or will, eventually.
 

DickCappels

Joined Aug 21, 2008
10,152
My brother's personal laptop was infected while traveling overseas. The bad guys wanted US$1,000 to decrypt the files so he just had the hard drive reformatted. Lost years of records. Now he backs up to off-line storage. Probably the only way to be truly safe.
 

joeyd999

Joined Jun 6, 2011
5,237
> Now he backs up to off-line storage. Probably the only way to be truly safe.

That brings up additional privacy and security issues -- you must trust a third party.

An alternative is to use an OS that has demonstrated its continued resistance to malware attacks. Why I get so many angry verbal attacks when I say such sacrilege is beyond me.
 

shteii01

Joined Feb 19, 2010
4,644
I am too lazy to research... How strong an encryption is it in this current case? Something that a few hours on super computer can break?
 

nsaspook

Joined Aug 27, 2009
13,086
But Microsoft should bear it.
It's an MS bug but our NSA hackers knew about the leaked exploit for a year before they were hacked and the method released to the wild for the attack vector of a Ransomware malware.

"To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it"

http://thehackernews.com/2017/05/wannacry-ransomware-windows.html
> In the wake of the largest ransomware attack in the history that had already infected over 114,000 Windows systems worldwide since last 24 hours, Microsoft just took an unusual step to protect its customers with out-of-date computers.
>
> Microsoft has just released an emergency security patch update for all its unsupported version of Windows, including Windows XP, Vista, Windows 8, Server 2003 and 2008 Editions.

Now it's possible this emergency patch update could have been released before the massive attack if NSA had warned MS about it in secret instead of after the cat was out of the bag. It's also possible MS just didn't care obsolete products would get infected by it.
 

joeyd999

Joined Jun 6, 2011
5,237
> It's an MS bug but our NSA hackers knew about the leaked exploit for a year before they were hacked and the method released to the wild for the attack vector of a Ransomware malware.
>
> "To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it"
>
> http://thehackernews.com/2017/05/wannacry-ransomware-windows.html
>
> Now it's possible this patch update could have been released before the massive attack if NSA had warned MS about it in secret instead of after the cat was out of the bag.

Microsoft was negligent years ago when it refused to continue to support its OS with the most installations (XP). And just because they wanted to churn the cash by forcing an upgrade. They are responsible.
 

nsaspook

Joined Aug 27, 2009
13,086
> Microsoft was negligent years ago when it refused to continue to support its OS with the most installations (XP). And just because they wanted to churn the cash by forcing an upgrade. They are responsible.

They provided the gun (that can be used for good and bad), the criminals committed the crime with that 'gun'. The criminals are responsible for using it.
 