|
Ransomware
I just read this on the BBC news website...
http://news.bbc.co.uk/2/hi/uk_news/e...er/5034384.stm It's quite a scary thought, but what could you do about it? does spybot adaware detect this sort of thing and stop it even getting to the machine? Though it seems like someone just gets access to the machine and puts a password on that folder, a complete pain in the royal. Other than backing up frequently and stop using the directory "My documents" how would anyone suggest that we protect against this? It doesn't say how it happened to her, maybe opened an email attachment? any educated guesses? |
As always, make sure your OS patches are installed and invest in a decent antivir package.
Actually, it seems the file ownership is reversible if you know the virus code, at least in some cases: http://www.f-secure.com/v-descs/mayarchive_b.shtml It appears the trojan is a rather rudimentary one, but it seems to be somewhat effective nevertheless. |
http://news.bbc.co.uk/1/hi/technology/5038330.stm
Analysis of Archiveus has revealed that the password to unlock the file containing all the hijacked files is contained within the code of the virus itself.
The 30-digit password locking the files is "mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw". Using the password should restore all the hijacked files. Now the password has been uncovered, there should be no reason for anyone hit by this ransomware attack to have to make any payments to the criminals behind it. |
So there's now a later development from the 1st version whose password was just plaintext in the code. Since the original trojan was written in Visual Basic and left uncompressed, adding new "features" is relatively easy.
|
| All times are GMT. The time now is 07:42. |
Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.