Schtask

Limp Gawd
Joined
Nov 29, 2011
Messages
436
Ransomware attacks have increased over 300% between 2015 and 2016 as it exploded into a billion-dollar industry. Luckily, Europol is taking steps to reduce the flow of money to these groups. The No More Ransom Project is a joint effort between Europol and various AV Vendors with the goal of releasing decryption software to the masses. This will give end users the ability to decrypt ransomware infections on their own without paying out hundreds of dollars in bitcoin to get their data back. Europol released a progress report today stating that since December 2016, the project's decryption library has gained 15 new decryption tools and saved over 10,000 users from paying out to evil malwarians.
 

arentol

2[H]4U
Joined
Jun 15, 2004
Messages
2,712
Guaranteed solution that everyone should be doing anyway:

Depending on how much data you generate, once a day/week/month/year:
Verify your data is accessible (not encrypted).
Plug in external HDD, and run an incremental backup on said data.
Disconnect external HDD as soon as completed.

If you get hit with ransomware, verify it isn't one that has a method to remain resident on a wiped system, reinstall OS, and restore data from external HDD.

Not. That. Hard.
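
The "verify your data is accessible" step in the post above can be scripted and run before the external drive is plugged in. This is an added example, not part of the original post; the signature table, the 7.0 bits/byte entropy threshold and the 5% tolerance are assumptions.

```python
import math
import os
import sys

# Well-known leading bytes ("magic numbers") of a few common formats.
MAGIC = {
    ".jpg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".pdf": b"%PDF-",
    ".zip": b"PK\x03\x04",
}
TEXT_EXTS = (".txt", ".csv", ".log")

def entropy(data):
    # Shannon entropy in bits per byte; 8.0 looks like random (encrypted) data.
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def check_file(path):
    """Return a reason string if the file looks encrypted, else None."""
    ext = os.path.splitext(path)[1].lower()
    with open(path, "rb") as fh:
        head = fh.read(65536)
    if ext in MAGIC and not head.startswith(MAGIC[ext]):
        return "signature mismatch"
    if ext in TEXT_EXTS and entropy(head) > 7.0:  # threshold is an assumption
        return "high entropy for a text file"
    return None

def safe_to_back_up(root, max_bad_ratio=0.05):
    """Walk root; return (ok, suspicious) where ok=False means skip the backup."""
    bad, total = [], 0
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            total += 1
            path = os.path.join(dirpath, name)
            reason = check_file(path)
            if reason:
                bad.append((path, reason))
    ok = total > 0 and len(bad) / total <= max_bad_ratio
    return ok, bad

if __name__ == "__main__":
    ok, bad = safe_to_back_up(sys.argv[1] if len(sys.argv) > 1 else ".")
    print("OK to back up" if ok else f"STOP: {len(bad)} suspicious file(s)")
```

Files that were renamed to an unknown extension are not flagged by these two checks, so a drop in the number of known-extension files since the previous run is worth comparing as well.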
 
Joined
Mar 18, 2013
Messages
3,842
I wish Europol would start arresting the miscreants.

Close to 80% of this shit comes from Russia, I know we aren't allowed to say bad things about mother Russia because we were told not to and all, but it's more than a bit of a source of pride for their hacking "community". The Yurpinians can't do much about it.
 
D

Deleted member 88301

Guest
Vee must not offend Muther Russia. Our dear leader, Vladibuster Trump would not be happy. Vee must keep him happy, lest we get fired.
 

CRaschNet

Limp Gawd
Joined
Dec 20, 2010
Messages
189
And people wonder why I used Carbon Black Protect and Response on my home computers.
 

Schtask

Limp Gawd
Joined
Nov 29, 2011
Messages
436
Vee must not offend Muther Russia. Our dear leader, Vladibuster Trump would not be happy. Vee must keep him happy, lest we get fired.

Well ya know.... Ted Kennedy started our political ties with Russia when he was caught colluding with the Kremlin. Something about influencing the election to keep Reagan from being elected. The precedent was set long ago.
 

Cyraxx

Supreme [H]ardness
Joined
Feb 21, 2005
Messages
4,121
Guaranteed solution that everyone should be doing anyway:

Depending on how much data you generate, once a day/week/month/year:
Verify your data is accessible (not encrypted).
Plug in external HDD, and run an incremental backup on said data.
Disconnect external HDD as soon as completed.

If you get hit with ransomware, verify it isn't one that has a method to remain resident on a wiped system, reinstall OS, and restore data from external HDD.

Not. That. Hard.

But... That's too much pr0n to back up! No but seriously, I would need a 10TB+ hard drive to back up all my data unless there is a backup that can compress the files by a good chunk in the backup.
 
D

Deleted member 93354

Guest
I wish Europol would start arresting the miscreants.
Easier said than done with hijacked servers using proxies and crypto currency as payment.

And oh yeah, Russia not giving a flying Fook if western countries get screwed. In fact they secretly like that idea.
 

ZeqOBpf6

Gawd
Joined
Aug 24, 2014
Messages
843
How are they able to decrypt this stuff? Aren't we talking about high level encryption? The kind we think nobody, except for major governments can crack?
 

relapse808

[H]ard|Gawd
Joined
Apr 11, 2005
Messages
1,465
Also create group policies that stop any kind of archive file from being extracted in appdata. I also set all exe files to not be executed if in the appdata folder or any subfolder.
 
D

Deleted member 93354

Guest
How are they able to decrypt this stuff? Aren't we talking about high level encryption? The kind we think nobody, except for major governments can crack?

They capture command and control servers.

Plus a few of these idiots are dumb enough to write it in .NET using standard encryption libs which is easily reversible as all .NET code gets written into a .il which is a pseudo language that can be decompiled.
 
D

Deleted member 93354

Guest
Also create group policies that stop any kind of archive file from being extracted in appdata. I also set all exe files to not be executed if in the appdata folder or any subfolder.

This could also cripple VALID programs for distributed apps....like net delivered WPF apps, or windows packagers apps. For a home user this isn't a problem. But I would not recommend it on a corporate network.
 

Schtask

Limp Gawd
Joined
Nov 29, 2011
Messages
436
This could also cripple VALID programs for distributed apps....like net delivered WPF apps, or windows packagers apps. For a home user this isn't a problem. But I would not recommend it on a corporate network.

Canary Files that replicate on file changes combined with process PID kill for open handles (BE CAREFUL and know that better solutions exist)

Nest canary files inside $ files mounted in a recursive loop...In some cases this can work wonders for delaying RW infection....depending on how it parses directories and picks a starting point. Sometimes they start randomly in a tree and move from there.

Adding VMWare and Virtual Box registry keys works on occasion. RW thinks it could be in a VM so loops sleep or self destructs. This is done to prevent analysis / reverse engineering.

Russian language packs work sometimes as well.

There are AVs that will halt or hinder a RW infection... for a while at least.

Last ditch effort! Detonate a fork bomb on canary file change to consume all resources and slow encryption to a crawl until system crash. Evil minds....No seriously...it's fun and works but don't do this.

The very best prevention involves the end user not getting all clicky in a phishing email. Good luck with that.
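
A tripwire built on the canary-file idea from the post above, limited to detection and alerting. This is an added example, not code from the thread; the file names, the polling interval and the `on_alert` callback are assumptions.

```python
import hashlib
import os
import time

# Hypothetical names, chosen to sort first and last in a directory listing
# so that a walk in either direction reaches one of them early.
CANARY_NAMES = ("!000_canary.docx", "zzz_canary.xlsx")

def _digest(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def plant(directories, content=b"canary file - do not edit\n"):
    """Write canary files into each directory; return a {path: sha256} baseline."""
    baseline = {}
    for d in directories:
        for name in CANARY_NAMES:
            path = os.path.join(d, name)
            with open(path, "wb") as fh:
                fh.write(content)
            baseline[path] = _digest(path)
    return baseline

def check(baseline):
    """Return [(path, event)] for every canary that no longer matches."""
    alerts = []
    for path, expected in baseline.items():
        try:
            current = _digest(path)
        except OSError:  # deleted, renamed, or locked by another process
            alerts.append((path, "missing, renamed or unreadable"))
            continue
        if current != expected:
            alerts.append((path, "content changed"))
    return alerts

def watch(baseline, on_alert, interval=5.0, rounds=None):
    """Poll until a canary trips; call on_alert(alerts) once and return them."""
    n = 0
    while rounds is None or n < rounds:
        alerts = check(baseline)
        if alerts:
            on_alert(alerts)  # e.g. notify the user, skip the next backup
            return alerts
        n += 1
        time.sleep(interval)
    return []
```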
 

whateverer

[H]ard|Gawd
Joined
Nov 2, 2016
Messages
1,810
But... That's too much pr0n to back up! No but seriously, I would need a 10TB+ hard drive to back up all my data unless there is a backup that can compress the files by a good chunk in the backup.


How much of that do you really need?

I'm an old fart with a TON of data, and I still haven't topped 750GB. That's thousands of my own 10MP photos, well over a thousand downloaded and ripped videos, hundreds of thousands of downloaded pictures, a 400-album music collection, and tons of other crap.

I can't imagine you need more than 2TB of that. The rest is just crap. Unless you're the laziest fuck on earth and insist that everything be ripped, unconverted Blu-Ray, and your entire music collection be FLAC just because. Or that all those movies of your kid must be in unadulterated 4k glory :rolleyes:

It's time to go on a spring cleaning binge. Anything not-family-related you haven't touched in three years goes into the garbage. And no, you WON'T notice the difference if you recompress those Blu-Ray rips to save more space. OR cut those family videos in quality, because you sure can tell the difference between 4k and 720p?

If the data really is important to you, you'll grow enough backbone to learn how to better manage and protect it. And that STARTS with being able to compromise on quality OR learn to throw it away. Unless you're IN THE CONTENT CREATION/MANAGEMENT BUSINESS, you don't need a whole lot of space.
 

Quartz-1

Supreme [H]ardness
Joined
May 20, 2011
Messages
4,257
Some people scan every single document they receive. Letters, bank statements, tax, insurance, the lot. That'll consume space real fast, and HMRC demand records be kept for 6 years.
 

whateverer

[H]ard|Gawd
Joined
Nov 2, 2016
Messages
1,810
Some people scan every single document they receive. Letters, bank statements, tax, insurance, the lot. That'll consume space real fast, and HMRC demand records be kept for 6 years.

Cyraxx was talking PORN here, not a fucking business. I made the distinction VERY CLEARLY above.

And fully-legible JPEG document scans are not that large. I have over two thousand full-resolution JPEG photos on my Canon G11's 8GB card, and it's JUST OVER halfway full. 2MB-average-per-photo is enough detail to capture CANVAS DETAIL on this picture of an oil painting, so I'd call that overkill for a document that just has to be LEGIBLE.
IMG_0287.JPG


Full zoom of canvas detail is included below!


It's VIDEO or massive porn picture sets that takes up space, not your average person's captured still images, or scanned documents.

Those two thousand photos are eight years worth, so no, a prolific document scanner or picture taker won't need much storage, unless they're shooting in RAW for pay, or throwing that document into a content management system for a company.
 

Attachments

  • Clipboard011.png