
Ransomware Alert


33 replies to this topic

#1 Peter Creasey


Posted 12 May 2017 - 09:23 PM


 

In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.
 

 

 
 
 
 

_________________
. . . . . . . . . . . . . Pete/Houston
SOAC . . .
. . "for the discreet and refined enjoyment of uncommon wine . .
. . . . and victuals and the companionship accruing thereto" . . . .

#2 Rail Paul


Posted 12 May 2017 - 11:29 PM

Hospitals in the UK held hostage. Not good.
Dreams come in all sizes, shapes, and colors.

#3 mongo_jones


Posted 13 May 2017 - 12:43 PM

careful what kind of porn sites you visit, peter!


my annoying opinions: whisky, food and occasional cultural commentary

 

current restaurant review: house of curry (sri lankan in rosemount, mn)

 

current whisky review: glen ord 28

 

current recipe: white bean curry with green peppers

 

 

facts are meaningless. you could use facts to prove anything that's even remotely true!
~homer simpson


 


#4 hollywood


Posted 13 May 2017 - 04:00 PM

More details.  https://lawfareblog....nsomware-attack


Then that happened.

 

I traveled to Tijuana to smack the federali

Who packing avocado toast like Mario Batali--Black Thought


#5 taion


Posted 13 May 2017 - 08:27 PM

This writeup on how it was accidentally stopped is really great: https://www.malwaret...er-attacks.html

 

Way better than the reporting about that in the popular tech press, anyway.


I didn't tip at Per Se either.

#6 Orik


Posted 13 May 2017 - 11:57 PM

Whoever put in that lazy, single-anchor kill switch code must be feeling pretty bad right now. 


sandwiches that are large and filling and do not contain tuna or prawns

#7 taion


Posted 13 May 2017 - 11:58 PM

Wasn't intended as a kill switch, yah?

#8 Orik


Posted 14 May 2017 - 12:36 AM

Hard to say if it was a stub for a c&c server or a lazy way to avoid infection in the lab, but in any event it must have cost them.

 

 




#9 Peter Creasey


Posted 17 May 2017 - 09:48 PM

Another large-scale cyberattack underway: experts



#10 Lex


Posted 17 May 2017 - 11:40 PM

I am very concerned about another ransomware scheme launched by Albanian hackers.  It works by reversing the output of the built in graphics chip in laptops and desktops.  (Handheld devices like iPhones and Blackberrys seem to be immune so far.)  The virus can take over a computer in seconds.
 
 
 


"I don't understand what's wrong with thinking of correlation as a pricing convention the way one thinks of Black-Scholes vol. I mean, vol curves aren't "real" anyway, but nobody uses local vol models to price vanilla options." - Taion
 
"But this is blatant ultracrepidarianism on my part." - Taion

I have a dream of a multiplicity of pastramis.

"once the penis came out, there was discussions as to why we didn't order the testicles" - Daniel describing a meal in China

#11 Nathan


Posted 18 May 2017 - 03:26 PM

seriously though, this was an SMB exploit that only affected people running Windows XP (which isn't even supported anymore) and Windows 7 (if they weren't running updates/installing patches). None of you should still be using those OSes at home. (As I type this on a government computer running Windows 7 (at least it's patched, albeit half the internet doesn't work).)

keep your operating systems up to date and use two-factor authentication on your accounts. That will protect you the vast, vast majority of the time.


Blatantly Obvious Disclaimer:

My opinions are obviously my personal opinions. Not yours. Not universal.


#12 Peter Creasey


Posted 18 May 2017 - 03:42 PM

Nathan,  "seriously" some of our home PCs still use XP and 7 (and also Vista).  Such is true of MANY people.

 

I haven't seen anything that says the ransomware was only exploiting XP and 7, but perhaps I missed it.  The patches are being provided for all of the OSes.



#13 Orik


Posted 18 May 2017 - 11:26 PM

"seriously though, this was an SMB exploit that only affected people running Windows XP (which isn't even supported anymore) and Windows 7 (if they weren't running updates/installing patches)."

 

I thought the exploit was written this way (because of when it was written?), but the theoretical vulnerability also exists in Windows 10 not patched since March. 



#14 Rail Paul


Posted 19 May 2017 - 01:03 AM

I can remember being told by Charles Schwab and Fidelity Investments years ago that they wouldn't support Windows XP for trading, even account checking. Easily 6 years ago.  Also Vista, which I no longer used.



#15 Orik


Posted 19 May 2017 - 01:08 AM

Yeah, but Windows 7 is still the most common desktop OS by far.