Virus Alert! Beware of Ransomware Virus Known as CryptoLocker!

[Vince Twelve]

I got to see this particular virus up close at my work yesterday.  Our IT department was fixing some computers for some clients who got hit by this.  And by "fixing" I mean completely wiping and re-installing windows.  It's the only solution with this one.

This virus finds all the networked drives and files it can, and encrypts them too.  So, it really can impact a company network.

In this case, the client's voice mail system sends emails with an audio file each time the person gets a voice mail.  This is fairly common.  So, a secretary at the office got an email looking maybe somewhat (but not really) similar to their voice mail system's emails.  It contained an attachment called "Voicemail.zip" which she downloaded and double clicked.  Inside is an executable called "voicemail.exe" which, thanks to Window's stupid "hide known file type extensions" setting, she did not notice was an exe.  She ran it and it fucked their whole company network.  Luckily this company has nightly backups of all networked drives so their critical documents were saved.

I'm wondering: If I use dropbox and get a virus on one machine, does that mean I need to assume it's spread to all the machines connected to my dropbox account?

If you have a drop box, it would encrypt all the files on that dropbox rendering them useless for all the machines who access that account.  However, the encrypted files would not in-turn infect another box on that dropbox unless the .exe was also placed in the dropbox and it was opened on another machine.

[qptain Nemo]

I kind of hate having this attitude, but it is what it is:

If you're stupid enough to open an attachment blindly then not only do you deserve this (or any) virus, you deserve to have to [double] pay to get rid of it!

I hate you having this attitude too because even regardless of the arguable sentiment it doesn't cover the full picture. Are you not aware there are other infection vectors for getting viruses than running a binary somebody sent you in an email? This virus for instance is said to use Java vulnerabilities as one of the vectors. Is everyone who didn't disable Java in their browser an idiot who deserves to get their data wiped? For another example, earlier this year I got a virus because somebody had attacked Opera software's internal network and compromised the autoupdate mechanism of Opera browser. Did I deserve this too, by... err... not predicting this exploit?..

Virtually any exploit in any software could be used to run malicious software on your computer. What's that? You have software on your computer that has at least 1 bug? Well, you must be stupid then and deserve viruses all over the place!

And even when addressing your original wrongly applied point, yes, generally speaking, people to a large extent deserve the consequences of their actions, including passive willful ignorance, but even if that applied to being wronged by others, saying somebody deserves to potentially have lots of their data wiped irreversibly with no chance of getting it back is way too harsh. It's like saying that every single instance of carelessness or naivety means you deserve to be instantly kidnapped by mad sadists and slowly tortured to death. But it doesn't apply, which brings us to another point, which is no one "deserves" to be wronged by malicious individuals by definition, no matter how naive or ignorant they are. Ignorant naive people deserve to be hurt by themselves and their own ignorance and wrongdoings, but not by others'.

[Darth Mandarb]

Of course I'm aware there are other paths to being leveled by a virus.  I never suggested there weren't.

My comment pointed out one particular way (the most common these days) to get a virus and I stand by, and will continue to do so, what I said.  If you blindly open an email attachment you deserve what you get.  Even if it comes from a "trusted" source you should check it before opening it.  This is common sense (or should be) in 2013 (as it was in 1999).

I think you latched on to the sentiment of my statement but ignored what it actually said.  If a person gets a virus because some idiot on their network blindly opened an email attachment then, obviously, they didn't deserve it.  But they then earn the right to get out their pitchfork and go on an ogre hunt for the guilty party!

I didn't mean to offend you... can I offer you a drink or something?

[David Ostman]

I'm wondering: If I use dropbox and get a virus on one machine, does that mean I need to assume it's spread to all the machines connected to my dropbox account?

If you have a drop box, it would encrypt all the files on that dropbox rendering them useless for all the machines who access that account.  However, the encrypted files would not in-turn infect another box on that dropbox unless the .exe was also placed in the dropbox and it was opened on another machine.

I use the online backup service CrashPlan which creates revisions of files being updated, so if all my files get encrypted and backed up in this state I can simply go back and revert to previous version after I've reinstalled my Windows machine. I have it backup my Dropbox folder as well in case something like this happens

My comment pointed out one particular way (the most common these days) to get a virus and I stand by, and will continue to do so, what I said.  If you blindly open an email attachment you deserve what you get.  Even if it comes from a "trusted" source you should check it before opening it.  This is common sense (or should be) in 2013 (as it was in 1999).

Oh, and no one actually deserves getting a virus as serious as this unless they are a pedophile or (in the eyes of corrupt/ignorant politicians and lawmakers these days) worse: a copyright infringer

[qptain Nemo]

Of course I'm aware there are other paths to being leveled by a virus.  I never suggested there weren't.

Well, I stand corrected but in the context I'd say it was off a bit odd and misleading.  We're talking about a virus that has the nastiest negative effects imaginable and isn't limited to email attachments but you're criticizing specifically the people who open attachments even though this doesn't affect only them. So y'know, I just made the wrong assumption from this. Assumptions are treacherous and the joke is on me I suppose.

I didn't mean to offend you... can I offer you a drink or something?

No, no offence, I just like nitpicking arguing about subtle details. This is my favourite style of conversation.

Oh, and no one actually deserves getting a virus as serious as this unless they are a pedophile or (in the eyes of corrupt/ignorant politicians and lawmakers these days) worse: a copyright infringer

Surely the latter deserve to be skinned alive? Those monsters!