| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 141874 | 2016-03-14 13:06:00 | Ransomware- Scary ****. | baabits (15242) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 1417497 | 2016-03-16 08:16:00 | In the end we contacted the email address, replied, paid the ransom, got the decryption key and an assurance that all files will be deleted in an email christened with the subject "Thanks for your business". F*** them. We had backups, but still.. nuts >_<. Exposing people's files online? That's a step waaaay too far. |
baabits (15242) | ||
| 1417498 | 2016-03-16 09:18:00 | In the end we contacted the email address, replied, paid the ransom,:( got ... an assurance that all files will be deletedNot likely, if there is anything of interest in them. Exposing people's files online? That's a step waaaay too far.Indeed, however it was your client that allowed it to happen. Has he contacted his clients yet to let them know what has happened? He could find there might be serious consequences if it comes out later and he is found to have covered it up. One might imagine professional legal bodies taking a dim view of such (in)actions. |
fred_fish (15241) | ||
| 1417499 | 2016-03-16 09:35:00 | :(Not likely, if there is anything of interest in them.Indeed, however it was your client that allowed it to happen. Has he contacted his clients yet to let them know what has happened? He could find there might be serious consequences if it comes out later and he is found to have covered it up. One might imagine professional legal bodies taking a dim view of such (in)actions. That's a bit harsh. Some of these are mum and pop outfits who have been running as single entity businesses for years and probably find it difficult to catch up and stay in the loop with all of the changes in the InfoTech world. By the way, he has a Server 2012 Essentials box in his office, three computers connected to it through AD, GPO's enforced, emails come through Office 365, WebRoot (his choice, I directed him to Vipre but he was running W/R at home and liked it) up to date and on all of the computers and used Outlook. So he took all of the safety steps he could in terms of infrastructure. He's mulling over that decision now.. I've made the consequences of a leak clear so now it's up to him. I don't want to judge him for his decision, either way it would probably screw up his business. *sigh* |
baabits (15242) | ||
| 1417500 | 2016-03-16 10:16:00 | That's a bit harsh. Probably :) Some of these are mum and pop outfits who have been running as single entity businesses for years and probably find it difficult to catch up and stay in the loop with all of the changes in the InfoTech world.Quite, but as with many industries and professions, expectations of 'acceptable practice' and responsibilities evolve, which will (for better and worse) exclude those that won't or can't keep up. He's mulling over that decision now.. I've made the consequences of a leak clear so now it's up to him. I don't want to judge him for his decision, either way it would probably screw up his business.It's not an enviable position. Maybe the Privacy Commission and/or his legal association may be able to provide some help / advice - I'm sure he's not the first and certainly won't be the last, and as much as it's tough for him right now, the more that awareness of the issue is raised, the better. |
fred_fish (15241) | ||
| 1417501 | 2016-03-16 17:03:00 | One thing about Locky is that it's well written and looks like it emanates from Russia and would say that people that pay the Bit coin($630 at the current rate) ransom could be up for the same thing again asking for more or use recipients files for further monitory gain Avast has done a extremely good rundown of Locky blog.avast.com In the last week I have had a lot more email spam(spam Folder) in my gmail account with most of their sources coming from Europe no doubt others have noticed the same behavior |
Lawrence (2987) | ||
| 1417502 | 2016-03-16 19:39:00 | Got the email side of things covered :) MAILWASHER -- it lets you see what emails are waiting to come through, then you can only allow the ones you want. ANY that I don't know who they are, are simply deleted. If in doubt if there is a contact phone number in the preview, call them. If anything like a invoice or other text document is in a zip file, again delete it. Had the ANZ send me some stuff a while back, it was from them as I was talking to the guy on the phone when he sent it. As soon as I saw it was a zipped filed - DELETED -- and told him NOW send the pdf form out of the zip file - had to explain why -- he was shocked, he said the IT department has always said to send them that way---tisk tisk. Malwarebytes have an anti-exploit available that is meant to stop this and other such bugs in the banner ads. The free ones been running on this computer for sometime now, never been tripped. The new one is actually a paid version, as well as a beta thats meant to stop any of the codes if it detects them trying to run within your system. Links to the software in this page bleepingcomputer.com/download/publisher/malwarebytes/ (www.bleepingcomputer.com) |
wainuitech (129) | ||
| 1417503 | 2016-03-16 20:50:00 | That's a bit harsh. Some of these are mum and pop outfits who have been running as single entity businesses for years and probably find it difficult to catch up and stay in the loop with all of the changes in the InfoTech world. I dont think its harsh. Its a matter of fronting up to a mistake, and thats all it took, a mistake. Some 'professional' mom & pop busenesses are VERY lax with PC security in their business: to the extent of letting their kids play (yes play) on PC's containing confidential client info. The kid will infect 1 pc, when that slows down too much he goes to the next. So much for client confidentiality. (This actually happens) Or PCs left logged in overnight , so the cleaners could easily just jump on & have a play. Ive seen Work PC's left logged into banking website while that staff member wanders off for 15 minutes (or more). Everyone who uses a PC has heard of PC viruses, so there are no excuses. We all make mistakes,that happens, but lets not make excuses saying whoever didnt know. |
1101 (13337) | ||
| 1417504 | 2016-03-23 21:11:00 | yadda ---- yadda ---- If in doubt if there is a contact phone number in the preview, call them. < snippity, snip > Is it OK then to see a preview, since you've already downloaded the whole thing - viruses and all - right? |
SurferJoe46 (51) | ||
| 1417505 | 2016-03-23 21:33:00 | Is it OK then to see a preview, since you've already downloaded the whole thing - viruses and all - right? NO-- Mailwasher looks at whats sitting on your ISP/ Mail server. You can select to download or delete ( wash) that way you only download what you want. If theres any mail I don't know who its from or anything that has a invoice that I'm not expecting then it gets dumped, so it never reaches the computer. http://www.mailwasher.net/ |
wainuitech (129) | ||
| 1417506 | 2016-03-24 02:13:00 | Some 'professional' mom & pop busenesses are VERY lax with PC security in their business: t. A certain carpet franchise shop down south was like that. They did no backups of store transactions, emails, anything. Their modem had wifi, in use and no password. (Admittedly techie number 1 who installed it didn't bother mentioning that to them) The main owner spent a lot of time playing games on his PC and was a click on everything user. It is common, laxness. |
pctek (84) | ||
| 1 2 3 | |||||