Virus Alert! Beware of Ransomware Virus Known as CryptoLocker!

DBoyWheeler · Wed 23/10/2013 21:35:28

I just got word from one of my friends outside AGS that there's a new ransomware virus known as CryptoLocker. And considering what I hear about it, it's REALLY nasty!

I reblogged the info on my Tumblr, so check it out for more info.

Click here to learn more of this nasty virus.

Remember to be net-savvy and use common sense--don't open attachments unless you know who they're from, don't visit any suspicious sites... that sort of thing.

*sigh* Honestly, why are there people who have nothing better to do than to make others' lives miserable?

Khris · Wed 23/10/2013 22:20:56

That sounds pretty bad indeed.

A tip (probably well known by now):
Use a second, non-administrator account to go online. Only switch to your admin account if you must.

Stupot · Wed 23/10/2013 22:55:59

Wow, this is evil. I hate people.

Adeel · Wed 23/10/2013 23:02:45

Thanks for spreading the news, DBoy.

I personally didn't know about it until the very moment I read your thread. I read your blog and googled it for more information, too.

Thanks once again!

Ryan Timothy B · Wed 23/10/2013 23:16:25

Well at least someone is finally attempting to make money off their viruses. I can almost admit that I prefer that over the purely malicious--for the sake of seeing the world burn--kind of viruses.

kaput · Thu 24/10/2013 01:46:39

This is what happens when people don't get the sex.

Ghost · Thu 24/10/2013 02:23:34

Nasty stuff indeed. I don't really get it though. I remember when you got a virus from a FLOPPY DISK. Getting a virus was a risk you faced when you were getting a cracked/copied/hacked copy of a game, which was illigal in the first place, so people couldn't really complain when they got one. And back then some viruses were, let's face it, downright playful. Autumn Leaves, do you remember that one?

Seems these days it's all about causing the maximum damage possible, on as many computers as possible. Shame, really.

Ponch · Thu 24/10/2013 03:52:38

Quote from: Ghost on Thu 24/10/2013 02:23:34
Nasty stuff indeed. I don't really get it though. I remember when you got a virus from a FLOPPY DISK.

That's only because you're old, Ghost. That was way back when people still had sex in person instead of through the intertubes like we do today. It was a frightening, uncertain time (and messy!). We're all better off that such days are behind us and no one has to go out into the daylight anymore.

And thanks for the warning, DBoy!

kaput · Thu 24/10/2013 04:03:13

No, Ponch, sex in person still DOES happen. Don't worry about it buddy.

Ponch · Thu 24/10/2013 04:10:18

Quote from: Sunny Penguin on Thu 24/10/2013 04:03:13
No, Ponch, sex in person still DOES happen. Don't worry about it buddy.

What? I thought you kids today had evolved beyond that sort of thing. I'm almost certain I read about it on the tubes! And the tubes wouldn't lie to me, would they?

kaput · Thu 24/10/2013 04:12:07

We are the downfall of civilisation, so I wouldn't count on evolution!

Ponch · Thu 24/10/2013 04:20:15

Darn you, kids! Stop downfalling the civilizations! Your parents and grandparents worked very hard on that civilization, so stop it at once! And get off my lawn! I'm trying to have sex on teh tubes!!

Snarky · Thu 24/10/2013 07:44:38

I'm wondering: If I use dropbox and get a virus on one machine, does that mean I need to assume it's spread to all the machines connected to my dropbox account?

kconan · Thu 24/10/2013 08:23:29

A different flavor of that one got me a few weeks ago...I was using my laptop while visiting my cousin's place in Nashville and had been looking for some torrents on Pirate Bay when my spyware blocker went crazy. I closed everything figuring nothing had happened, and came back later to find a version of that screen. It tried to appear to be a joint effort between a local ISP and the FBI, and basically said you had to pay a fine for the first offense. It correctly showed directories where I had MP3s and AVIs.

Now since I'm not familiar with the ISP I was using, I freaked out for about a minute because I had heard that some ISPs in the U.S. were cracking down on people downloading torrents. And that lasted until I actually read through the fine print. Luckily, it was clearly a fear-based scam written by the King Kong of idiots.

So I looked up the virus on another computer and how to get it rid of it. I rebooted in safe mode with command prompt, deleted some registry entries, ran both Spybot and my company's virus cleaner, and then everything was fine.

qptain Nemo · Thu 24/10/2013 11:34:01

Quote from: Snarky on Thu 24/10/2013 07:44:38
I'm wondering: If I use dropbox and get a virus on one machine, does that mean I need to assume it's spread to all the machines connected to my dropbox account?

Only if you run executable files from your dropbox? And actually I haven't seen anyone mention whether the virus actually infects any executables or not.

TheBitPriest · Thu 24/10/2013 11:52:19

Does anyone know if this virus goes after shared network drives, or does it limit itself to the local HD?

[Edit] Never mind... I did my own googling.

From Infosecurity:

"The malware searches for files to encrypt on all drives and in all folders it can access from the compromised computer, including workgroup files shared by colleagues and resources on company servers."

Your data is at the mercy of coworkers who are much less savvy. Sigh...

Adeel · Thu 24/10/2013 12:34:52

I saw Al Lowe's email. Thanks for sending him that information too.

From my research on this virus, the safest way is to regularly make backups on an offline external hard drive. External Hard Drives are getting cheaper with each passing day. Be sure to make proper backups once in a week, especially after adding some important data.

Also, make sure to disable your internet and scan your files before backing them up. Always be sure that your external hard drive is connected to your computer only when you want to backup. Remove it as soon as you're done. Make sure that all of the files-to-be-backed-up are stored in an archive, preferably with hard-to-guess password. I've personally witnessed that many viruses find it difficult to infect the .exes stored in an archive.

Yes, exhaustive and painful way, but it helps.

We'll have to be on alert now, fellow AGSers. To quote Andail:

Quote from: AndailBe vigilant, citizen!

Or to go the simplest way, stop downloading porn for the sake of your privates! Hire a hooker, trust me, it'll be cheaper than having to pay those fraudsters multiple times.

Darth Mandarb · Thu 24/10/2013 12:56:16

I kind of hate having this attitude, but it is what it is:

If you're stupid enough to open an attachment blindly then not only do you deserve this (or any) virus, you deserve to have to [double] pay to get rid of it!

It's 2013. If you haven't learned the rules of being online by now... **see statement above**

Don't get me wrong; I'd love to see this guy "fucked by a cactus". But he's just taking advantage of stupid people. As countless have done before him and countless more will continue to do after him.

So long as there's stupid people, this kind of thing will continue.

Adeel · Thu 24/10/2013 13:05:10

Quote from: Darth Mandarb on Thu 24/10/2013 12:56:16
So long as there's stupid people, this kind of thing will continue.

My father always used to say the same words to me. He was indeed correct.

kconan · Thu 24/10/2013 14:08:34

I didn't open shit for the variant that hit me off of Pirate Bay or possibly BitSoup. My company virus scanner/spyware blocker claimed to have closed a bunch of windows that the malware attempted to open. No EXEs, no open browser window, nothing.

The virus didn't delete anything or encrypt data, as it threatened to do, and was easy to get rid of. Perhaps I had an older less harmful version of it.

EDIT: Just checked, I had the FBI Moneypak virus. Which also claims to encrypt, but is different from Cryptlocker.