Ransomware

John813

Our office server got hit with it a year ago. Forget how much they wanted to send back all our data.

Luckily, kept everything on an offline backup, so only lost a few items. Never responded to their request.
 

triplets_93

I was entering a new email for a site on the internet, and it said that I should change my password on file with them, because it had been reported as a pw that had been part of a breach. My Browser Firefox highlighted that password for the same reason.

So I changed several passwords today because of that.

https://haveibeenpwned.com/
 

Reverend Conehead

Has anyone here had problems with ransomware?
Not personally, but I used to work for a computer store that could decontaminate PCs that had been invaded with ransomware. Back then if we removed that crap, we were done. Nowadays, the ransomware criminals encrypt people's files. There are now some companies that figure out how to make keygens to help people decrypt that crap and get their files without paying the ransomware crooks.

The best thing you can do is back up all your important files in a way that the ransomware dirtbags can't get to them. For example, if you back up to an external hard drive and leave that plugged in, they might be able to get to that and encrypt it too. But if you back up your system to an external hard drive and unplug it when done, they can't get to it. So if you got ransomware, you could just format your hard drive, reinstall everything, and then restore your files.

I run a PC that's extremely unlikely to get attacked. It's a Kubuntu Linux PC. It doesn't mean it's totally impossible to infect it. It's just very unlikely. I do all my work onto thumb drives. None of my work files are on the PC itself. Then I back up from one thumb drive to another, and then keep the backup one unplugged. That way, if at any time I wanted to format my hard drive and reinstall everything, I could do it and lose no data.

But whether you're on Linux, Mac, or Windows, that's the best thing you can do. Back up all your files in a way that the crooks can't get to them. In other words, do it in a way in which your backup is disconnected from the computer when not in use. If you back up to cloud services, you have to make sure the dirtbags can't access those devices. Don't use software that automatically puts in your password. Keep your password safe so that you know it and no one else does, and you just type it in when you back up to a cloud.

In short, if you've got your stuff backed up, and it doesn't get encrypted by the crooks, you can always just format your computer and reinstall the OS and all programs.

And, of course, stay away from suspicious web sites. It's not worth it to check out sexy Russian babes online or to download pirated software. Stay away from suspicious-looking sites, and if anything pops up trying to get you to agree to install some browser plug-in, don't do it unless you're certain you know what it is and that it's harmless. In general, avoid browser plug-ins unless you're certain the plug-in has a great reputation. If some web site pops crap up that says something like, "Need to install Java," don't trust them. Get out of there. Don't trust anything unless you're certain what it is.
 

Them

..In the past, at least a couple of times, a page would pop up on my computer screen. Loud screeching whistles, and large red letters across my screen reading "Your Computer is locked." Usually a female's voice would come on saying something like..."Do not attempt to adjust, free, or turn off your computer or your files will be corrupted!"..."Immediately call the number at the bottom of your screen to UNLOCK your computer!"...LOL...So the first thing you want to do is not panic, right along with shut down all that freaking noise!...But your volume controls do not work. You hit ESCAPE...but nada...you try to force the power off...again nothing....All you have left in the arsenal is a simple Windows command! CTRL-ALT-DELETE. Yes that got me out to where I could shut down the system, and clean it.....None of my files at the time were ever messed up afterward either...So it must have been an elaborate BLUFF I suppose!..but weird! o_O
 

The Fonz

One client of mine had them; it encrypted all the files on the server.
It took a while to recover the files from early backups and data recovery.
Now the entire network consists of BSD servers and Linux workstations (with daily backups).
(Never open an attachment before scanning it.)
 

triplets_93

Ransomware criminals are dumping kids’ private files online after school hacks

https://apnews.com/article/schools-ransomware-data-breach-40ebeda010158f04a1ef14607bfed9b0

During the COVID-19 pandemic, districts prioritized spending on internet connectivity and remote learning. Security got short shrift as IT departments invested in software to track student engagement and performance, often at the expense of privacy and safety, University of Chicago and New York University researchers found.

In a 2023 survey, the Consortium for School Networking, a tech-oriented nonprofit, found just 16% of districts had full-time network security staff, with nearly half devoting 2% or less of their IT budgets to security.
 

Rockport

In the past you couldn’t fix a system that’s been hijacked by ransomware. Not sure about on July 5th.
 

Creeper

I back up my files regularly in a way I can selectively restore them. If I get hit with ransomware I will simply format my hard drive, if I can, and reinstall the OS then recover my files from backups. If the HDD is shot I will just get a new one and do the same thing. There is not much on my hard drive I really need. Super important files I back up to thumb drives so I always have them just in case.
 

T-RO

With AI-based hacking and de-encryption, the Internet is poised to go bananas real soon.

We all need to be thinking 10x more and 10x smarter about our personal security...bank log-ins, etc.
 

Reverend Conehead

Yeah, most banks offer 2-factor authentication now where you get a code texted to your phone. That way your user name and password by themselves aren't enough to get logged in. But be careful. If you leave the country, your phone service probably won't work in the other country. You therefore won't be able to get your 2-factor code if you need to log into your bank account. Therefore, if you're going on a trip to another country, talk with your bank first. I personally haven't left the country since 2017, but plan to soon. Maybe there's some kind of dongle you could use for your bank's code that works outside of the country. I haven't talked with my bank yet, but I'm sure there's some kind of solution. If you're just going to Canada, maybe there's a way to extend your phone service up to there.
 

Praxit

..they don't target Linux Distros, because no money is there. MS is primarily main target. Has been for decades, that I can remember.

As for suspicious sites. Yer right. Stay away from Russian babes territory. I prefer Polish babes instead.. lol.. JK.. ;)..

If it helps. Running two firewalls aids a great deal. Set everything to command mode. Nothing gets through unless you're cued.
 

Reverend Conehead

Ransomware infecting a Linux distro is still possible, so I exercise prudent caution. It's much less likely, of course, but you never know. Fortunately, any Linux distro is set up so that no app can install without you actively typing in your password. But it would be possible to get ransomware on Linux if they somehow duped you into entering your password. You're right that they're way more likely to target Windows, but I'm still not taking any chances. Linux has excellent security, but you still have to exercise proper caution. Don't be reckless. Another thing to be really careful of are browser plugins. There are some rotten, crooked ones, and they will install under Linux (or Mac or Windows).
..
Another thing, it actually is possible to set up a Windows PC so that you can't install anything without the administrator's password, and then you do all your normal every day computing on a restricted login that cannot install anything. It's possible to set it up that way, but most people don't. Windows security has greatly improved since the Win 95 days, but a lot of people don't take advantage of that because they use reckless computing practices like going to disreputable web sites and installing apps and browser plug-ins without checking them out first.
...
Mac users claim that Mac OS is more secure than Windows. That was definitely true at one point. I'm not sure if it still is, and I've never used Mac, so I'm not sure. Regardless, the main issue is to use safe computing practices, whether you're on Windows, Mac, or Linux. We have no way of knowing which dirty trick the criminals will play next. I wouldn't put past them to decide to attack Linux systems, especially since much of the government of the Federal Republic of Germany uses Linux. Fun fact: the government of North Korea also uses Linux, as does much of its population. They have a ridiculous North Korean distro that implements ultra censorship.
 

Praxit

...hey Rev, thanks for interesting reply. ;)..

Wow, didn't know Linux has that much influence, especially abroad. I can see why though. It's like the lesser of the evils but kicked up a notch.

I never took to Linux because of command line contexts. I'm just too lazy to infer doing so. I loved the clean look, though. hahaha.. This was back in early millennia.

I agree, you can fortknox windows from the get go. Get real in depth with administrative procedures and prevention methods. I can't say much here. But was a PIRATE professionaire. ..lol..
Not too much anymore. But in that time. I had my fair share of getting deep in trouble with foreign sites. Which then taught me how to reverse engineer some, to get out of hot spots.
It's a rabbit hole, that goes deep for sure.
It was fun, I can say looking back. Don't do much of that anymore.

At one point, I employed my services as local tech. I remember dealing with Mac users... and what a PAIN in the arse they were to fix. ;)
So when you mentioned Mac. Couldn't help remembering the days back then.

I will say, OS's today have bettered themselves, in terms of protection from many exploits. Compared to XP days. OH, man that was something.
 

Rockport

They’re starting to attack all OS’s
 