| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 142273 | 2016-05-31 06:11:00 | Let's Talk @ Ransom Ware | SurferJoe46 (51) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1421243 | 2016-05-31 06:11:00 | Suppose someone (not me) got infected with ransom ware running Windows/anything, and they also had a dual boot with a Linux distro on the other side. Would the ransom ware be able to grab and lock down anything off the Linux side? |
SurferJoe46 (51) | ||
| 1421244 | 2016-05-31 06:39:00 | Theoretically but probably not, by default Linux uses a different file system. It would have to include support for the Linux file system in the ransom ware as windows itself can't read them. Anything in a windows compatible partition though it could and probably would. You should still have full access to Linux but likely that wouldn't help any attempt to fix the ransomware if it had encrypted your files like some of them do. Still the PC would at least still be useful. |
dugimodo (138) | ||
| 1421245 | 2016-05-31 06:42:00 | OK then. Since some office servers use Linux as their opsys in a Windows system inside the business, then shouldn't the Linux server not be affected and then also not pass the ransom ware through itself? Just a thought. Why would this not work - or would it? |
SurferJoe46 (51) | ||
| 1421246 | 2016-05-31 06:47:00 | There has been a increase in the last few days of spam malwaretips.com Would say it will target your directory as well nakedsecurity.sophos.com |
Lawrence (2987) | ||
| 1421247 | 2016-05-31 08:31:00 | Yes. Not by the ransomware you have seen but by the fact that they literally have control of your computer and could, if they chose to, go after partitions or drive. Never underestimate them, any exploit that turns up giving them control opens another doorway to ransomware. Safest way for prevention be monitoring for encryption calls and intercepting it. Detecting for known ransomware is too late when you are hit by a recent exploit. |
Kame (312) | ||
| 1421248 | 2016-06-01 22:50:00 | ransomware is evolving & getting better/smarter, simply because people pay up so its a money maker . If they thought there was money in it, then they would write new variants to access Lin partitions & drives, or simply encrypt the whole partition /2nd drive There is even ransomware for Mac now . Mac is catching up to PC :-) |
1101 (13337) | ||
| 1421249 | 2016-06-06 02:47:00 | So, how do you avoid ransomware? Personally speaking I have no idea how it gets to a person's computer . Do you become infected by straying down dangerous paths; do they send out a 'global' attack; can the attack be detected and blocked; do you become infected via email; or does it ride in on the back of legit programs or what? Lastly, does any tutorial exist to help minimise risk? Cheers Billy 8-{) :confused: |
Billy T (70) | ||
| 1421250 | 2016-06-06 02:52:00 | Mostly browser/flash/adobe exploits delivered by payloads or links in email or malicious websites or (increasingly commonly) banner ad's on legit sites. Best mitigation is to not run vulnerable software. |
fred_fish (15241) | ||
| 1421251 | 2016-06-06 02:59:00 | I have seen an attack on an elderly gent's comp (not me!!!) and he responded to an email from the NSW police (yeah, right) telling him he had a charge pending or something like that. So, basically, he invited them in by clicking on everything. His USB backup images were encrypted, plus some other non essential files. This highlights the need to have backup images offline but then you can't schedule the backups and I rarely see a user that can be relied on to do regular manual backups. My old friend couldn't be left with this job, I am afraid. We just have to keep doing what we hopefully have been doing, that is, keep the antenna waving when attached to the Internet. And keep offline backups! |
linw (53) | ||
| 1421252 | 2016-06-06 05:16:00 | OK then . Since some office servers use Linux as their opsys in a Windows system inside the business, then shouldn't the Linux server not be affected and then also not pass the ransom ware through itself? Just a thought . Why would this not work - or would it? Those servers would be exposing themselves on the network as SMB shares so Windows could see them If a user has write rights they can overright the files . |
nmercer (3899) | ||
| 1 2 | |||||