Welcome To Signs101.com: Largest Forum for Signmaking Professionals


Anyone else been extorted?

Discussion in 'Computer Hardware' started by BIG EASY DOES IT, Jun 3, 2015.

  1. visual800

    visual800 Very Active Member

    3,810
    241
    63
    Aug 4, 2010
    montgomery, alabama
    I was brought a laptop from a friend that had a lock on his computer that would pop up and say "this computer has been linked to child porn" call and pay and we will release....really?

    It was a nasty virus to remove. I started in safe mode, ran MBAM, CCLEANER AND HIJACK THIS. I got it off but it was a couple of hours. It amazes me how some people are this damn smart and use it to deceive and steal. And I'm more than certain they could find out who is doing this kind of crap but no one cares.
     
  2. BIG EASY DOES IT

    BIG EASY DOES IT Very Active Member

    2,248
    119
    63
    Mar 14, 2011
    CA
    Got my Taurus 38 ready
     
  3. Drip Dry

    Drip Dry Very Active Member

    1,122
    1
    38
    Aug 11, 2004
    Long island NY
    A customer got hit with this 2 months ago.
    His IT guy couldn't fix it. I know the computer guy and he seems very knowledgeable.

    Anyway, they followed the instructions. I think they had to use bitcoin or something to pay. Paid 650.00

    They did get unlocked... I'm not sure how



    Now, just because they got unlocked, doesn't mean you will get unlocked
     
  4. Gino

    Gino Premium Subscriber

    32,500
    2,074
    113
    Jun 7, 2006
    PA
    Get a Governor. Throw two 410s up front, then 4- 45 long colts..... execution style. Nothing better. :noway:
     
  5. LeLuni

    LeLuni Member

    83
    0
    0
    Sep 17, 2012
    All you need to do is google the text of the 'this is encrypted' popups. Malwarebytes is good, but bleepingcomputer.com will often have step-by-step removal instructions.
    If you find your problem in the bleepingcomputer.com forum (and you probably will), then follow the instructions very, very specifically.
    That should get your system functional... enough to get important files before a clean wipe and reinstall of the OS.
    My wife does this once a year while searching for free images, powerpoints, or this-or-that for teaching in her classroom... she's a bit gullible with popup windows.
    You don't need to pay anyone to get this sorted.
     
  6. DravidDavid

    DravidDavid Member

    183
    0
    16
    May 9, 2014
    Auckland
    This particular attack is more sinister and harder to remove than simply using good ol' Malwarebytes to tackle it inside of Windows.

    The software has genuinely encrypted your files. It's not a bluff to scare you into giving them your money, nor is removing their ransomware completely an easy task. If you've got a data centre and 100,000 years, you might be able to break the encryption, otherwise you either pay them the money or simply take your losses.

    There is one single, VERY small ray of light you may have at your disposal. But it may not work right away. After complaints are generated, the servers the criminals use are found and seized. Encryption keys are sometimes released into a database to help those affected.

    How it works is, you upload an affected file and the server goes through the list of seized keys and finds the one that decrypts your file. You can then use that to decrypt the rest. The problem is, if it is an active operation you may need to wait a while.

    What I'm saying is, your local IT won't be able to help you, but some of the data may not be a total write-off just yet.

    By the way, if you pay them you are quite likely to get your key and the ability to decrypt your files. These ransomware criminals rely on their honest (if you can even call it that) reputation. If they had a reputation for non-compliance after payment, they would never make any money as nobody would ever pay them to start with.

    It's a moral issue, do you pay the crook and lose some money? Or start from scratch, take your losses and flip them the middle finger? Your choice. :)

    EDIT: This ransomware usually infects your computer via attachments opened from email. Specifically, email stating you had an invoice payable or a resume to review and encourages you to open it. It's important office staff know to check addresses are from safe, verified sources before opening attachments and that all computers have an anti-virus and firewall. A central dedicated firewall is most effective.
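
The key-matching lookup described in the post above, as an added example that is not part of the original thread: each seized key is tried against the header of one uploaded file until the expected file signature appears. The XOR keystream cipher, the key ids and the sample file are constructed stand-ins; a real recovery service would run the specific ransomware family's own decryption routine.

```python
import hashlib

# Stand-in cipher (assumption): XOR with a SHA-256 counter keystream.
# Encryption and decryption are the same operation.
def keystream_xor(key: bytes, data: bytes) -> bytes:
    out = bytearray()
    for start in range(0, len(data), 32):
        pad = hashlib.sha256(key + start.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[start:start + 32], pad))
    return bytes(out)

# Leading bytes that a correctly decrypted file of each type must have.
MAGIC = {".pdf": b"%PDF-", ".png": b"\x89PNG\r\n\x1a\n", ".zip": b"PK\x03\x04"}

def find_key(sample: bytes, original_ext: str, seized_keys: dict):
    """Return the id of the seized key that decrypts `sample`, or None."""
    magic = MAGIC[original_ext.lower()]
    for key_id, key in seized_keys.items():
        # Decrypt only the header: cheap enough to try every key in the database.
        if keystream_xor(key, sample[:len(magic)]) == magic:
            return key_id
    return None  # no match: this victim's key has not been recovered yet

# Constructed sample data: three "seized" keys and two encrypted files.
SEIZED = {f"key-{i:04d}": hashlib.sha256(b"constructed key %d" % i).digest()
          for i in range(1, 4)}
PLAINTEXT = b"%PDF-1.4\n% constructed sample invoice, not a real document\n"
VICTIM_FILE = keystream_xor(SEIZED["key-0002"], PLAINTEXT)
UNKNOWN_FILE = keystream_xor(
    hashlib.sha256(b"key still held by the operator").digest(), PLAINTEXT)

if __name__ == "__main__":
    match = find_key(VICTIM_FILE, ".pdf", SEIZED)
    print("matching key:", match)
    # The matched key then decrypts the whole file (and the victim's other files).
    print("recovered header:", keystream_xor(SEIZED[match], VICTIM_FILE)[:8])
    print("file from an active operation:", find_key(UNKNOWN_FILE, ".pdf", SEIZED))
```

The `None` result corresponds to the "active operation" case in the post: the lookup only succeeds once the key for that infection has been seized and added to the database.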


  7. Techman

    Techman Major Contributor

    8,520
    8
    38
    Jun 24, 2003
    michigan
    If one knows how to get into the darknet
    One will never have to pay for ransoms.
    TOR
     
  8. DravidDavid

    DravidDavid Member

    183
    0
    16
    May 9, 2014
    Auckland
    I'm not sure where you are going with that.
     
  9. AF

    AF Active Member

    951
    70
    28
    Dec 8, 2013
    Ventura, CA
    Which ransomware was it? Many can be prevented through policy modification for protection in the future. Kudos to MS for designing such easily exploited software. The annual cost to protect, debug and recover from these exploits has to be a million times the cost to simply design the OS properly in the first place. Which makes me think that maybe there are backdoor deals going on between MS and the crooks...
     
  10. DravidDavid

    DravidDavid Member

    183
    0
    16
    May 9, 2014
    Auckland
    There are no backdoor deals.

    There are wholesale ransomware applications available on the black market. Some made to order or with a certain theme or branding, which could be something to do with Techman's TOR reference. A lot of these criminals become quite wealthy via this ransomware method. Individuals that know how to properly distribute the application have been said to make in excess of $30,000 dollars per day.
     
  11. Pixels Are Bad Mmmkay?

    Pixels Are Bad Mmmkay? Very Active Member

    We use Carbonite to back our files up. We also use an external hard drive to do a manual backup of all vital files at least once a month on Friday before closing. Then we unplug it from the computer when we're done backing files up on Monday morning. If your business relies on computers and data, this is something that everyone should do. To me, it's not an option, but rather a necessary precaution. The best part is if I want to work on a project with a tight deadline from my home office, I can access my Carbonite files from anywhere. It's super convenient.

    I would honestly hate to be in your shoes. Best of luck.
     
  12. S'N'S

    S'N'S Active Member

    963
    25
    28
    Jun 5, 2008
    Australia
    They put out alerts on the news and in newspapers about these Ransomwares months ago over here. I never open pop ups or open suspicious emails and run either NoScript or Adblock Pro.
     
  13. DravidDavid

    DravidDavid Member

    183
    0
    16
    May 9, 2014
    Auckland
    NoScript and AdBlock are certainly lifesavers. They make browsing the internet dummy proof to a certain extent.
     
  14. Techman

    Techman Major Contributor

    8,520
    8
    38
    Jun 24, 2003
    michigan
    Sorry to say, ransomware will get into any and all drives on a network including offsite backups.
    People are hosed no matter what. Opening strange emails, or attachments or strange invoices is dangerous.
     
  15. Chad

    Chad Member

    30
    0
    6
    Jan 20, 2005
    Great white nirth
    This happened to an older couple in Toronto area a couple of months ago. Paid $2,000 for a lifetime of pictures and the scums never returned the files, just took the money.
     
  16. Desert_Signs

    Desert_Signs Active Member

    653
    2
    0
    Jan 31, 2011
    The ransomware thing happened at a shop I used to work for. They had no backups. Had to pay the ransom, and did get the key.

    I use Dropbox Business for my backups (along with a NAS). I spoke to them specifically about this issue. They said if you keep your files synced to their servers, it's no big deal for them to fix it. They can roll back to old versions of your files, no problem. So, I have my NAS, Dropbox, and I once monthly back up to a hard drive that I keep off site.

    I feel fairly protected.
     
  17. dypinc

    dypinc Very Active Member

    1,540
    92
    48
    Mar 9, 2011
    Here
    You mean MS and the Government.
     
  18. BIG EASY DOES IT

    BIG EASY DOES IT Very Active Member

    2,248
    119
    63
    Mar 14, 2011
    CA


    Ahhh.... If I wasn't in California maybe. That's considered a SBS Short Barrel Shotgun. Which is illegal in California. Stupid Libs.
     
  19. TimToad

    TimToad Very Active Member

    2,568
    631
    113
    Jun 13, 2013
    CA
    Well, then your employers are idiots. Aside from our equipment, the next most valuable thing we own is our files.

    Our IT company charges us $75 per month for offsite (Carbonite) daily backup, 24/7 remote network and system security/malware/virus protection and monitoring.

    That's one small banner job per month for peace of mind.
     
  20. brycesteiner

    brycesteiner Member

    395
    37
    28
    Nov 5, 2014
    Ohio
    Do you happen to have access to your files from another computer system - aka Chrome, OS X, Ubuntu, etc? Try and see if you can see them. You may very well be able to filter the files by copying them through the network to a computer that won't be susceptible to the virus.

    Our system backs itself up every hour with the computers having access. I really like Apple's Time Machine being built into our server.

    I know others have said don't use Windows and that would be one option in this case, but people should not think they are automatically safe from losing data just because they aren't using MS. From power failures, or you could have a PO'd employee who could delete the data in just a few minutes and have the same issue - no matter the OS. Bad things happen. Just be prepared.

    Hope it all works well for you.
     