From Technibble ...
CryptoPrevent - Protect Windows from Cryptolocker Infections - Technibble
Read more at: Backup the best defense against (Cri)locked files - Microsoft Malware Protection Center - Site Home - TechNet Blogs
Crilock – also known as CryptoLocker – is one notorious ransomware that's been making the rounds since early September. Its primary payload is to target and encrypt your files, such as your pictures and Office documents. All of the file types that can be encrypted are listed in our Trojan:Win32/Crilock.A and Trojan:Win32/Crilock.B descriptions.
Crilock affected about 34,000 machines between September and early November 2013.
Once Crilock encrypts your file types, they are rendered unusable. The malware shows a message that covers your desktop and demands you pay a ransom to have access to your files again. The ransom can be paid with various online currencies such as BitCoin, CashU, MoneyPak, Paysafecard, and Ukash. Once you pay, the malware author will supposedly give you back the private keys used in encryption. However, we don't recommend doing this as there is no guarantee that paying will lead to recovering your documents and, in effect, you're giving criminals some of your hard-earned money.
I'm wondering why they can't track the money trail to catch who is doing this.
The good guys know the methods of payment, so there must be an account registered to somebody or some company to receive the funds. Follow the money, as they say. When caught have a Sunday after church hanging. Make sure CNN and Alcazar have a reporter there.
That should slow down this kind of thing being done so often.
That would be a useful job for the NSA - rather than snooping on the pope and other dignitaries.
I believe you got a great idea, whs.
They could do it with no problem if directed to do it.
In my opinion NSA is needed but it needs to be controlled.
To the best of my knowledge NSA is under the guidance of the White House and the NSC. NSA's directives can change in a heartbeat.
Someone gave orders to NSA to snoop on, let's say, the Pope.
I don't believe that NSA does things on a whim.
I really don't know how they operate. But they sure stirred up a bee's nest in Europe. People are appalled and disgusted about their practices. But our governments are in one boat with them. They even have offices at our airports and ports with boots on the ground. How could they be there without our government letting them?
I wonder what the US public would say if our secret services were snooping on the US president and members of congress and had people screened (and often rejected to fly) by our services in US airports.
The payments by Bitcoin and/or MoneyPak aren't easy to track; these are basically cash-based transactions. At the current time NSA has no authority/capability to follow the money trace, either in the US and/or foreign countries.
They can eavesdrop on the chancellor, check airline passenger lists in foreign countries, but believe it or not, the financial transactions aren't that easy to trace. Mainly for the reason that financial institutions do not cooperate without a court order, even then they'll challenge the court order first. They also encrypt their data, both locally and over the wire, which is pretty much useless for the NSA, even if it is captured. No, it's not a simple SSL based encryption...
The better option for people is to have NSA take down the command and control servers for Crilock and/or block access to them, if they are in foreign countries. Grabbing the hackers would be even better, but it is not always possible when these people are in foreign countries. Sending in the drones would be overdoing it...
While backups are good to have the files accessible, if Crilock hits, choose the backup options carefully. It will encrypt the data on the local and network drives as well. Depending on the settings for the system restore, it could be a viable option. The system restore files, by default, cannot be modified. But then again, Crilock is downloaded by a rootkit on the system, that in theory could modify the ACL for the system restore files. If you want to get technical...
The way to go is to put your images on an external disk that is disconnected when no imaging activity takes place.