|
Best Porn Sites | Live Sex | Register | FAQ | Members List | Calendar |
Help Section If you have technical problems or questions then post or look for answers here. |
|
Thread Tools | Display Modes |
October 27th, 2014, 08:36 PM | #1 |
Senior Member
Join Date: Feb 2013
Posts: 121
Thanks: 195
Thanked 791 Times in 111 Posts
|
Cryptowall virus?
Has anyone picked up the Cryptowall Ransom Hijack? I got it last week, I think from here or a link from here. I was in the Jeana Tomasino thread when it happened. It encrypts all your picture files and holds them for ransom.
|
|
October 27th, 2014, 11:08 PM | #2 |
Senior Member
Join Date: Feb 2013
Posts: 121
Thanks: 195
Thanked 791 Times in 111 Posts
|
Wasn't trying to blame anyone. Just seeing if anyone else got it.
|
The Following User Says Thank You to keegen01 For This Useful Post: |
October 28th, 2014, 04:04 AM | #3 |
Porn Archeologist
Join Date: Sep 2007
Location: earth
Posts: 12,714
Thanks: 92,252
Thanked 241,301 Times in 12,746 Posts
|
Most likely it came via the ads on the 3rd party host site
Bleeping computer initially said it was spread by pdf zipfile in emails Towards the end of April the developers of CryptoDefense released a new Ransomware variant titled CryptoWall. This variant is for the most part the same as CryptoDefense other than the name change and different filenames for the ransom instructions. It is speculated that the developers either released a new version because CryptoDefense was too well known by AV vendors or that they sold the code base to another malware developer. Unfortunately, just like the latest versions of CryptoDefense it is impossible to decrypt files that are encrypted by CryptoWall. http://www.bleepingcomputer.com/viru...re-information http://www.bleepingcomputer.com/foru...cryptodefense/ but Security researchers at Proofpoint warn that a new variant of CryptoWall recently spread through malicious banner ads. Surfers ran a risk of being faced with ransomware purely by visiting one of the impacted sites, which included various properties in the Yahoo!, Match.com, and AOL domains, among others. source 23 Oct 2014 http://www.theregister.co.uk/2014/10...sing_outbreak/ Blocking ads & scripts the least you should be doing to avoid it http://www.techsupportalert.com/cont...y-concerns.htm Last edited by buttsie; October 28th, 2014 at 09:03 AM.. Reason: adding date |
The Following 20 Users Say Thank You to buttsie For This Useful Post: |
October 28th, 2014, 04:38 PM | #4 | |
Senior Member
Join Date: Feb 2013
Posts: 121
Thanks: 195
Thanked 791 Times in 111 Posts
|
Quote:
|
|
October 28th, 2014, 11:32 PM | #5 | |
Senior Member
Join Date: Feb 2013
Posts: 121
Thanks: 195
Thanked 791 Times in 111 Posts
|
Quote:
|
|
October 30th, 2014, 11:54 PM | #6 |
Porn Archeologist
Join Date: Sep 2007
Location: earth
Posts: 12,714
Thanks: 92,252
Thanked 241,301 Times in 12,746 Posts
|
No it mostly goes after where ever it can find the heaviest traffic
Social media pages are its latest target...mobile phones are in the mix as well High profile celebrities recently in the news FREE - take your pick - pirate sites offering - TV , movies , gaming , cracked software etc If your getting the .1% of malicious ransomware (as we speak the latest now has 80+ different versions) then you have a vulnerable security hole and thats not going away because you dont click on porn. I've surfed through 100,000+ porn pages,probably more and never got hit with the serious end of ransomware ever though i have had other infections that exploited vulnerable programs like java (jre). Some It pros reckon you can use programs like TrueCrypt etc and store content on hard drives safe from ransomware. Some have questions over their own security A bit like the questions which surround the security of USB sticks http://www.techsupportalert.com/best...on-utility.htm The bottom line in all this is if you value it you back it up and store it offline so you can remove the ransomware and then restore your files. Other solutions have too many risks Last edited by buttsie; October 31st, 2014 at 05:15 AM.. Reason: adding |
The Following 5 Users Say Thank You to buttsie For This Useful Post: |
October 31st, 2014, 03:12 AM | #7 | |
Porn Archeologist
Join Date: Sep 2007
Location: earth
Posts: 12,714
Thanks: 92,252
Thanked 241,301 Times in 12,746 Posts
|
Follow up link
Quote:
Seems this Ad attack vector has been going since late September 2014 but only became significant recently "Using Adobe Flash, the malvertisements silently “pull in” malicious exploits from the FlashPack Exploit Kit." If your purely browsing and not going to be watching streaming videos disable the adobe plugin which is usually under something like shockwave flash Found in most browsers under tools / add-ons / plug-ins Save you getting a drive by shooting by something your not even using. Researchers observed three major ad networks delivering malvertisements to websites: OpenX, Rubicon Project and Right Media/Yahoo Advertising. source http://www.securityweek.com/malverti...tes-ransomware List of websites affected Which websites were impacted? Proofpoint detected that the following large websites were serving malvertisements which delivered the FlashPack exploit kit to visitors. The sites themselves were not compromised; rather, the advertising networks upon which they relied for dynamic content were inadvertently serving malware – which in turn, was not due to an explicit compromise of the networks; rather, it was due to the networks accepting ads from a malicious source without screening detection. The sites' domain and Alexa rankings are displayed in parenthesis after each in order to provide context of potential end-user impact. All told, more than 3 million visitors per day were potentially exposed to this malvertising campaign. Yahoo! Finance, Fantasy and Sports (yahoo.com, Global 4, US 4), AOL (realestate.aol.com, US 37, Global 119), The Atlantic ( theatlantic.com, US 386, Global 1,206), 9GAG (9gag.com, US 528, Global 201,), match.com (US 203, Global 631), The Sydney Morning Herald ( .smh.com.au Australia 13, Global 780), realestate.com.au (Australia 17, Global 1,656), The Age (theage.com.au, Australia 34), stuff.co.nz (New Zealand 9), societe.com (France 54, Global 1,649), Dumpert (dumpert.nl, Netherlands 24), Flirchi (flirchi.com, India 106, Global 1,129), Weatherzone Australia (weatherzone.com.au, Australia 111), Brisbane Times (brisbanebrisbanetimes.com.au, Australia 183), RSVP (rsvp.com.au, Australia 351), The Canberra Times (canberratimes.com.au, Australia 403), Time Out (US 1,145, Global 1,816), The Beacon-News (beaconnews.suntimes.com, US 1,178), Merca2.0 (merca20.com, Mexico 229), clicccar.com (Japan 1,124), iPhone for Hong Kong (iphone4hongkong.com, HK 112), Noticias Argentinas (noticiasargentinas.com, Argentina 784) source http://www.proofpoint.com/threatinsi...zes-brands.php When did this take place? Proofpoint systems first detected isolated instances of this malvertising activity in late September; however the instances did not reach a significant level of activity until very recently. After crossing a threshold level, it became possible to associate the disparate instances with a single campaign impacting numerous, high-traffic sites. Proofpoint subsequently worked quickly to inform the affected parties, including an industry working group focused on anti-Malvertising, and at this point we believe the issue to be resolved. Proofpoint’s last detection of issues related to this campaign was October 18, 2014. Last edited by buttsie; October 31st, 2014 at 03:23 AM.. Reason: adding |
|
The Following 4 Users Say Thank You to buttsie For This Useful Post: |
October 31st, 2014, 10:35 AM | #8 |
Veteran Member
Join Date: Oct 2007
Location: UK
Posts: 11,780
Thanks: 8,945
Thanked 231,151 Times in 11,999 Posts
|
So the weak point is in an Adobe product - now why am I not surprised by that?
|
The Following User Says Thank You to Moon Raker For This Useful Post: |
|
|