Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Ransomware, Extortionware, Malvertising Exploit Defensive Measures

28 Apr 2015   #1

Windows XP Pro SP3, Windows 7 Pro 32-bit, Windows 7 Ultimate 64bit, Windows XP Home SP3
Ransomware, Extortionware, Malvertising Exploit Defensive Measures

I have not seen a persistent thread on this most important topic so wanted to begin.

Anyone that spends even a little time keeping up with IT Security knows how ugly this new world of Organized CyberCrime can be. Not only is invasive web-extortion becoming common, but the new battlefield has professional white hats reeling. IT bosses have few answers to their bosses and cients.
With ransomware on the rise, cryptographers take it personally | InfoWorld

Growth in extortion malware continues, finds F-Secure report - SC Magazine UK

Millions of WordPress sites at risk of hijack after zero-day released | ZDNet

Increasingly, victims are finding it more palatable to pay the Extortion Fee than to vainly hunt for affordable remedies, post-crime. That constitutes blood-in-the-water for the well-heeled cybercrime syndicates. Current $$ ransoms being paid range from mid-hundreds to several thousand $$$USD. Tragically, the price can also be "priceless" : Police ransomware scam drives UK teen to suicide

Those who make it our business to try to help people with IT issues hear the common question: "Is there ANY way to keep myself safe onine...?", and the only honest answer is "No - not safe, but yes a little less vulnerable". Situation depending, what ensues is a long difficult conversation to determine: "how hard are you willing to work to gain incremental, but breachable, defense?"

Please, you who are in the thick of the battle, post here your best resources, links, forums, alert mechanisms, twitter feeds, etc so that at the least, we who need to stay on top of the issue have more tools to work with. Part of the equation is for those who will to build a "rapid alert & response" methodology.

My System SpecsSystem Spec
28 Apr 2015   #2

Windows 7 Professional 64-bit

Generally speaking, according to some sources -- a well-balanced, well-configured, well-maintained, multi-layered defense is best. I add: "battleship" or "carrier" booting [set up via bcdedit & msconfig] helps alert me very early if something has changed, ie, session looks & feels different from the norm. Firewall, anti-virus [1 w/real time shields; both w/non-overlapping scheduled scans]; anti-spyware, anti-malware [real time shields & scheduled scans]; a couple of systems & environs monitoring programs; bi-monthly OS & data partition backup onto external media; several rescue usb sticks & DVDs; safe & sane browsing; extra cooling fans; UPS -- all of which make computer usage by wifey and I, not iron-clad, rather a healthy balance of functionality [what we want to do with computer] and security.
My System SpecsSystem Spec
28 Apr 2015   #3
Microsoft MVP

Windows 7 Ultimate 32bit SP1

This is an interesting article you might want to read Threat Spotlight: TeslaCrypt
My System SpecsSystem Spec

28 Apr 2015   #4

Windows XP Pro SP3, Windows 7 Pro 32-bit, Windows 7 Ultimate 64bit, Windows XP Home SP3

exactly what we need in this thread, Jacee.
i'm sending that one to my IT buddies.
A friend in the trade that has a multimillion$$ budget got hit several ways in recent months, one attack of which took an appliance and loaded a different FIRMWARE on the system, which rendered all the automated snapshots/backups of the data neuter. no recovery. it became a pawn/slave
in another instance more recent, workstation in the domain was simply used for ordinary browser work and was Ransomware-attacked, leaving all the local files locked with no decryption possible. fortunately, that one had a backup that could be immediately deployed so the loss was negligible in relation to the scope of this shop. an interesting feature was that every attached device for which the user had authentication was also encrypted.

Cloud-reliant backups are not safe. basically when the credentials are overcome, the sync'd/sync'ing resources become the property of the Criminal.

What's in your Twitter Following folder? Mine in no particular order:
- Threatpost
- Krebs
- Malwarebytes unpacked blog
- Andy Greenberg
- @kaspersky
My System SpecsSystem Spec
29 Apr 2015   #5

Windows XP Pro SP3, Windows 7 Pro 32-bit, Windows 7 Ultimate 64bit, Windows XP Home SP3

Does a garden-variety "AV" package protect against such? NO.
Well-meaning advisors will tell users: "just don't do anything dumb on the web and you'll avoid infection. Don't do this, don't go there".... Ever bumped into Doubleclick on the web? YES you have... every stinking day. Ever visit a website for news, or tech news, or tech support? You're exposed.

Faked Flash-based ads on HuffPo, other sites downloaded extortionware | Ars Technica

Flash EK leveraged in potentially widespread malvertising attack - SC Magazine

IT friends: arrogance is not an effective defensive policy.
My System SpecsSystem Spec
29 Apr 2015   #6
Microsoft MVP

Windows 7 Ultimate 32bit SP1

One very good application to use, is SpywareBlaster. SpywareBlaster® | Prevent spyware and malware. Free download.

Attached Thumbnails
Ransomware, Extortionware, Malvertising Exploit Defensive Measures-spywblaster.jpg  
My System SpecsSystem Spec

 Ransomware, Extortionware, Malvertising Exploit Defensive Measures

Thread Tools

Similar help and support threads
Thread Forum
FBI Ransomware/ZeroAccess Preventative Measures
Hello Forum, I have been seeing a ton of posts about this FBI Ransomware and Zeroaccess Viruses or whatever they are, and for the first time in as long as I can remember, I am really concerned about my PC's safety, as two of my closest friends just contracted these viruses. They seem really...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 07:11.
Twitter Facebook Google+