Major Ransomware Campaign Disrupted

HardOCP News

I'm not saying these guys are stupid...BUT...buying over eight hundred servers with stolen credit cards wasn't the smartest thing to do.

Cisco's researchers thwarted the activity of a single group of cyber-criminals responsible for 50% of all deployments of ransomware via the Angler exploit kit. The group conducted operations on such a large scale that by the end of the year they would have potentially earned more than $34 million / €30 million.
 
Back when I worked in consumer-level IT, I got TONS of ransomware victims needing their Windows installations cleaned up. In Australia, we had the 'AFP Virus' (Australian Federal Police lockout virus) that actually accessed the PC's webcam and snapped a picture, saying that the Federal Police would pursue charges for pirating media unless you paid a 'fine'. Pretty clever, seeing as how 90% of the victims of this virus acquired it through downloading movies.

Safe Mode > ComboFix > Malwarebytes.
 
Back when I worked in consumer-level IT, I got TONS of ransomware victims needing their Windows installations cleaned up. In Australia, we had the 'AFP Virus' (Australian Federal Police lockout virus) that actually accessed the PC's webcam and snapped a picture, saying that the Federal Police would pursue charges for pirating media unless you paid a 'fine'. Pretty clever, seeing as how 90% of the victims of this virus acquired it through downloading movies.

I wish web cameras (especially on laptops) would come with a manual slide lever that turns off the camera and covers the lens. Would be much easier than sticking a piece of tape over it.
 
I wish web cameras (especially on laptops) would come with a manual slide lever that turns off the camera and covers the lens. Would be much easier than sticking a piece of tape over it.

I would like that as well, it makes secretly shopping for birthday presents much less awkward.
 
I know that it's not HardOCP's content but..

"would have potentially earned..."

Would have potentially stolen!
Since when is thievery 'earning'?

And yeah laptop cameras in particular.. I have never used any of them. People do not LIKE video calls, period.
 
I know that it's not HardOCP's content but..

"would have potentially earned..."

Would have potentially stolen!
Since when is thievery 'earning'?

And yeah laptop cameras in particular.. I have never used any of them. People do not LIKE video calls, period.

Military member overseas, here. My family makes and receives video calls daily. We don't like them, we love them.
 
I know that it's not HardOCP's content but..

"would have potentially earned..."

Would have potentially stolen!
Since when is thievery 'earning'?

The point of any kind of work is to earn money. Though the work is illegal, they still put in time and effort to "earn" that money. Though, they were not very smart.
 
To be fair..dirtbags like this have made me a bunch of money over the years removing their crap.

Something only a PC tech would say.
 
Someone needs to start a company that explicitly finds these scumbags and kills them on the spot. No questions asked. You might get an oopsy now and then, but in the case of these sub-humans, even a guilt by association is doing the world a great service.
 
I wish web cameras (especially on laptops) would come with a manual slide lever that turns off the camera and covers the lens. Would be much easier than sticking a piece of tape over it.

Some do have that. They either have a shutter or the lens flips down. But that is not a very common thing, that is true.

I know that it's not HardOCP's content but..

"would have potentially earned..."

Would have potentially stolen!
Since when is thievery 'earning'?

And yeah laptop cameras in particular.. I have never used any of them. People do not LIKE video calls, period.

Not true, I have been on hundreds if not over a thousand video Skype calls.
 
Check out Spiceworks. Pretty simple really: do not allow exe's to run in the AppData folders, which you really shouldn't need anyways.
 
Ummm, a little common sense prevents a virus from infecting your system. Treat the internet as full of sleazy people and trust nothing you have not verified. Not stop using the net, just treat the data you get as potentially a problem, and if you are going to site in a grey area then expect to have to wash the sleaze off everything it touches. grin. If you simply buy your movies from someone who benefits more from selling clean data then it is usually safe. Just never assume and life is easier.

There are a couple of ways to test. If you are just checking a trusted file, it takes thirty secs to verify an MD5 as per the Request for Comments RFC 1321 standard, and it tells you if the file changed from the legit original version.

If the file is sketchy maybe you want to use a safer file but SHA-3 is the most current version of the hashing system to check enough of the bits to make sure the file is the same as the author posted to file service or site to save on bandwidth. If you are getting the file directly from the author no point to checking the hash since the author could put anything in a compiled file. So again it is really do you trust the file source and if you do not why in the world are you using the file?
 
Oh, no edit for front page, so I'll just add this as a second post. There is a utility built into Windows apparently; I was wondering if there was a non-self-built version when I came across an MS article:

You can use the File Checksum Integrity Verifier (FCIV) utility to compute the MD5 or SHA-1 cryptographic hash values of a file. For additional information about the File Checksum Integrity Verifier (FCIV) utility, click the following article number to view the article in the Microsoft Knowledge Base:
841290 Availability and description of the File Checksum Integrity Verifier utility
To compute the MD5 and the SHA-1 hash values for a file, type the following command at a command line:
FCIV -md5 -sha1 path\filename.ext
For example, to compute the MD5 and SHA-1 hash values for the Shdocvw.dll file in your %Systemroot%\System32 folder, type the following command:
FCIV -md5 -sha1 c:\windows\system32\shdocvw.dll
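
The check discussed in the two posts above (compare a downloaded file against the digest its author published), as an added example that is not part of the original thread or of any Microsoft tool. It goes beyond the MD5/SHA-1 values FCIV prints by also accepting SHA-256 and SHA3-256 digests; the file name and payload are constructed for the demo.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> candidate algorithms, so a published checksum selects
# its own hash. 64 hex chars is ambiguous (SHA-256 / SHA3-256): both are tried.
ALGOS_BY_HEX_LEN = {32: ["md5"], 40: ["sha1"], 64: ["sha256", "sha3_256"]}

def file_digest(path, algo, chunk_size=1 << 20):
    """Hash a file in chunks so large downloads are not loaded into memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify(path, published_hex):
    """Return the matching algorithm name, or None if the file does not match."""
    expected = published_hex.strip().lower()
    for algo in ALGOS_BY_HEX_LEN.get(len(expected), []):
        if hmac.compare_digest(file_digest(path, algo), expected):
            return algo
    return None

def demo():
    """Constructed sample: a 'download' checked before and after it changes."""
    algos = ("md5", "sha1", "sha256", "sha3_256")
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "installer.bin")   # hypothetical file name
        with open(path, "wb") as f:
            f.write(b"constructed sample payload\n")
        published = {a: file_digest(path, a) for a in algos}
        before = {a: verify(path, h) for a, h in published.items()}
        with open(path, "ab") as f:               # simulate a modified file
            f.write(b"x")
        after = {a: verify(path, h) for a, h in published.items()}
    return before, after

if __name__ == "__main__":
    print(demo())
```

The published digest has to come from a channel other than the one that served the file; a checksum hosted next to a tampered download can be replaced along with it.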
 