Windows 7 Forums

Windows 7: New strain of ransomware evades detection by AV apps

06 Aug 2013   #1
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 
New strain of ransomware evades detection by AV apps

Quote:
I first learned about HTML ransomware from Jerome Segura, Senior Security Researcher at Malwarebytes, and his blog post, "FBI Ransomware Now Targeting Apple’s Mac OS X Users." Initially, I was suspicious; OS X is not vulnerable in the same way Windows operating systems are, so what’s up?

As I continued reading, I learned the only requirements for HTML ransomware to work are JavaScript must be enabled, and the victim’s web browser incorporates the “Recover browser session after a crash” feature, which is part and parcel to all major web browsers -- including Chrome, Firefox, Internet Explorer, and Safari.
Source

A Guy



08 Aug 2013   #2
lehnerus2000

Windows 7 Ultimate SP1 (64 bit), Linux Mint 17.1 MATE (64 bit)
 
 

Very sneaky.
08 Aug 2013   #3
sygnus21

Windows 8.1 Pro
 
 

So much for the great white lie that Mac OS can't get viruses or Trojans.

Must be a mistake

Anyway, it seems this thing has been going on for a while, as I reported on it last year - 'Ransomware' tricks victims into paying hefty fines


09 Aug 2013   #4
lehnerus2000

Windows 7 Ultimate SP1 (64 bit), Linux Mint 17.1 MATE (64 bit)
 
 
Trick Web Page

Quote: Originally Posted by sygnus21
So much for the great white lie that Mac OS can't get viruses or Trojans.

Must be a mistake

Anyway, it seems this thing has been going on for a while, as I reported on it last year - 'Ransomware' tricks victims into paying hefty fines
The trick with this is, there isn't any malware.

It's just a trick web page, so it should "run" on any OS (Linux, Mac and Windows).

From the link:
Quote:
Here’s what HTML ransomware has going for it:
  • Does not require installation.
  • Disabling JavaScript breaks many popular websites; so people aren’t willing to turn off JavaScript, something the bad guys are relying on.
  • AV applications, even with current malware signature sets, are of no use against HTML ransomware.
09 Aug 2013   #5
sygnus21

Windows 8.1 Pro
 
 

Quote: Originally Posted by lehnerus2000
Quote: Originally Posted by sygnus21
So much for the great white lie that Mac OS can't get viruses or Trojans.

Must be a mistake

Anyway, it seems this thing has been going on for a while, as I reported on it last year - 'Ransomware' tricks victims into paying hefty fines
The trick with this is, there isn't any malware.

It's just a trick web page, so it should "run" on any OS (Linux, Mac and Windows).

From the link:
Quote:
Here’s what HTML ransomware has going for it:
  • Does not require installation.
  • Disabling JavaScript breaks many popular websites; so people aren’t willing to turn off JavaScript, something the bad guys are relying on.
  • AV applications, even with current malware signature sets, are of no use against HTML ransomware.
Yes I understand that. My general statement is that, if you listen to Mac fans, they aren't prone to anything other OS's are. This simply isn't true. If it's computer code, it's prone, just like any other code, or in this case, OS.

Yes, I know this isn't a virus. My point is both sarcastic and general in nature.
09 Aug 2013   #6
ThrashZone

Win-7 H-Premium 64-bit sp1
 
 

It's probably past time to hold domain hosts responsible for not overseeing the content they host.
Yet another good reason to delete as much as possible on exit and disable webpage recovery?
10 Aug 2013   #7
lehnerus2000

Windows 7 Ultimate SP1 (64 bit), Linux Mint 17.1 MATE (64 bit)
 
 

Quote: Originally Posted by sygnus21
Yes I understand that. My general statement is that, if you listen to Mac fans, they aren't prone to anything other OS's are. This simply isn't true. If it's computer code, it's prone, just like any other code, or in this case, OS.

Yes, I know this isn't a virus. My point is both sarcastic and general in nature.
I see.
My bad.