Many Australians Forced To Pay For "Unbreakable" Cryptolocker Ransomware
An anonymous reader writes: Australians are paying thousands of dollars to overseas hackers to rid their computers of an unbreakable virus [Cryptolocker]. The deputy chairwoman of the Australian Competition and Consumer Commission, Delia Rickard, said over the past two months there had been a spike in the number of people falling victim to the scam. The commission has received 2,500 complaints this year and estimates about $400,000 has been paid to the hackers. Bad news for Australians: this is just one of many targeting the country.
Silly you. You only watch the doors where you expect the burglar comes in.
Seriously, stop assuming weird e-mails are the only way to make victims.
silly you. you're an ignorant hypocrite.
Gets Cryptolocker installed. Via Group Policy, it prevents, among other things, anything being executed from the user's temp directory/ies - which is where email attachments are placed for whatever operation they require - picture preview, etc. It's not a guarantee, but it presents a big obstacle to any attacker attempting to fool a user into executing their code simply by opening an email.
Not affiliated, just a happy user.
They sentenced me to twenty years of boredom
but shouldn't they be used to this? i mean EVERYTHING in that country evolved to kill them. what's a bit of ransomware compared to magpies attacking their eyes when they go shopping? ever touched gympie gympie? just look at children armed with dingo sticks on their way to school... WTF is ransomware compared to that? on a scale of 1 to 10, this software must be -5.
Like the movie Ransom with Mel Gibson.
But having backup of your files is always a good idea.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Quick, you should pass a law for all that non taxable revenue....
Restore from backup and be more careful next time.
That is a very misinformed post
http://saveie6.com/
Compared to the amount we get overcharged by companies in America, just the extra my clients have paid for CAD over the last 10 years would easily cover that ($10000 for a 2 user license last year for example). So who are the real crooks?
The real risk are the Drop Bears. Suicidal little buggers. Gotten worse since they figured out how to make explosives.
Seriously, a lot of Australians are just idiots. Computer technology has proliferated in the last 20 odd years but brains haven't. Almost everyone now has some kind of computer and has to use one for work but can't seem to grasp the basics of security. I have to wonder if these people would open a package some random stranger gave them on the street.
Combine this with the fact there is a large subculture glorifying idiocy and backwards thinking in this country (that's about to become a serious problem, but that is for another thread) and it's little wonder that people are getting Cryptolockers.
I have no sympathy for them, it's the sysadmins that have to restore backups that I feel sorry for. Inevitably Braindead Bruce will get angry at the sysadmin when they find out that Bruce didn't keep backups of his important files (read: porn and car pictures).
Calling someone a "hater" only means you can not rationally rebut their argument.
Not necessarily. Synology NAS users fell victim of this. Synology took way too long to alert their users, instead, pretending nothing was happening, or silently ignoring the issue of their failure to update their software (which is OSS and already fixed). Eventually they addressed it, but the time they took was disgraceful, and even then, they failed to alert their registered users what was affecting their products.
So how about you not blaming the victims until you have facts to hand? Email is merely one vector, Cryptolocker is run by various criminal organisations and uses an army of distributed machines hunting for exploitable servers. Do you actually check server logs? Thought so. Typical know-it-all dweeb.
Judging from the comments, very much so.
Maybe they learn something from this... If not, there is always the next time!
Private Number: "Hello I am from Telstra Internet Services and you have a problem with your computer"
Me: F**k o** you scamming c***
*End Call*
Been getting those at least once a month now.
1) Make sure users, especially Windows users, are well educated enough to not run things or accept things that pop up in the browser or are sent in an email.
2) Make sure that all users have Adblockers, No-Script etc installed by default. It is more trouble initially, but it gives you a chance to stop and think, and after a while you will have trained yourself and your browser to allow you to do your work with a minimum of pain.
3) Always run Windows in a VM under Linux - and make regular, dated backups of the Windows disk images (the VM disk images!). If shit happens, you can quickly go back to a version that works.
Of those three, the first point is far the most important.
Backup in depth:
'real time' (ie Apple's time machine)
+ Daily
+ Weekly (put aside)
+ Monthly (stored offsite)
+ Yearly (stored off-offsite)
blindly antisocialist = antisocial
I suggest you read less abc.net.au and more xyz.net.au
Hasn't the time come yet to create a super national institution/task force (like interpol for "real" world) to stop this and to put to jail forever the persons who receive the money? Really not yet?? Do not tell me it's not possible, because it's not true at all.
Scam would imply this is some kind of fraud or swindle, like a con artist trying to trick you. This is plain extortion, they've kidnapped your data and are holding it ransom. If bad things really do happen if you don't pay, it's not a scam any more than being robbed at gunpoint is.
Live today, because you never know what tomorrow brings
I hope that the ATO is getting their fair of the GST on these ransomware demands.... The lack of tax on overseas purchases are taking our jeeerbs!
I know someone who personally accounts for 4 of those installations. On the same computer. Because she's fallen for the same frikkin scam four times. Every time I ask her "why did you open an email claiming to be from the IRS, when we don't have an IRS in Australia", she tells me "because it sounded real". You should see the grammar in these scam emails, too: they're written like "please effective the transactionments with the rapid or we can has your cheeseburgers". Yet she's still fallen for it. Four. Times.
Fortunately, I back that site up effectively.
Of course Australians are a massive target. Unlike the Americans and Europeans they have jobs and money.
No point targeting the Euros as they have enough problems with their banks running out of cash and them having to live on $100/week. The USA ??....lol....they're either all on food stamps or they can't pay the electric bill, let alone have enough left over to send as bitcoin for a ransom.
Nah....it's a canny move by the ransomware authors. Hit the affluent, ignore the destitute.
Appropriate that you should post about that site here, it really does embrace the FOSS principle of "Fork it, don't fix it".
Ha-ha. Yes!
Current ransomware will just destroy your data. But wait until the crimeware authors switch to "pay us X btc, or we'll make your online activity look like that of a terrorist."
...we start lists at zero around here.
0 - Prevention is preferable to cure, avoid giving your PC the power to crash your life in the first place.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
It's only ever killed one person from memory - a twenty metre tall tree does that to you if it falls on you, stinging leaves or not. However there's plenty of immature trees with leaves at heights that can sting anyone walking past.
http://anpsa.org.au/APOL2007/sep07-s2.html
It hurts like stinging ant bites, a bit of pain to start with and then it fades a bit but is still there. Adding water later makes it hurt again, as much or more than the initial sting. There's not a lot you can do other than try to remove the tiny stinging hairs (especially before you get wet) and put up with it for a day or so. It's possible that some sort of resistance is built up or people stung frequently just get better at ignoring it, because after being stung a few times it's just one of those things that hurts but you'll be over it quicker than bad sunburn.
Sounds exactly like the United States.
Do not look at laser with remaining good eye.
They do hundreds a day and have a script - your reverse pfish is not in the script to deal with so even if they are gullible enough it's not going to happen.
The best I've done is ask one Indian lady on the line why she's working for such criminals despite having perfect English - that got a bit of an offscript response. I no longer have a phone on my landline so no longer have to put up with those scammers.
In Australia we call them waiters, and no, I like the girls too much to be interested.
Now that's just pathetic - modded down for pointing out the vector of infection by some fanboy that wants to pretend even MS products being discontinued are perfect.
There is nothing inaccurate in the above post. Not liking reality is no reason to mod down a post describing reality.
WTF is ransomware compared to that?
Current ransomware will just destroy your data. But wait until the crimeware authors switch to "pay us X btc, or we'll make your online activity look like that of a terrorist."
And you'll have the crimeware alibi as well to provide reasonable doubt. Wouldn't get a cent out of me.
Not necessarily. Stupid Synology NAS users fell victim of this.
FTFY. You don't leave it open for Internet access.
you would... ... not ...
If you survive the raid on your house.
Think "swatting", just done for profit and on a larger scale. And these criminals usually don't get caught, unlike the usual revenge swatter.
And they deserve it for making their NAS accessible on the Internet. Keep your pirated software to yourself.
And you'll have the crimeware alibi as well to provide reasonable doubt
The government will go crying to the USA. Which abandoned the idea of Innocent until Proven Guilty back in 2001. A massive black-ops force will descend upon your granny, arrest her and render her to Albania, leaving smoking rubble behind where her house and cats were. Later, they'll realise it was actually the house next door, but being a USA hit squad means never having to say you're sorry.
FTFY.
Do Australians have to pay just a bit more ransom for the luxury of being hacked in Australia?
I mean: this happens all over the world. If it just hit them, then they were lucky up till now.
Don't fight for your country, if your country does not fight for you.
Sue Microsoft for making shitty software.
But you morons deserved to pay for your ignorance. You shouldn't even have to learn about computers to avoid this scam. But you're not. And after a while it's not my job to care that you got fucked over because of your own incompetence at life.
Hopefully you have learned your lesson and it will never happen again. But what you've lost, you have lost. Live with it as a learning experience.
Yeah, sure, there's probably a lot of russians, but most of them are americans using cracked and insecure russian computers for this. How do I know? Because most of the spam I get from russian IP addresses are from american companies in us dollars sent to me in the UK.
Moreover, the reason why it won't happen isn't because russia won't hand over citizens, but the USA have been against it for decades.
Why weren't UN inspectors able to get into any chemical company in Iraq and check he didn't make chemical weapons? Because the UN resolution that would allow UN inspectors to do that was vetoed by the USA because there was no way to prevent the inspectors inspecting US companies.
International courts and the Hague are ignored by the USA who will not hand over their military personnel, EVEN IF it's only to ask questions in an incident where a squaddie killed a civilian when they were in Germany and were back on the base and sent back to the USA before the police found out who it was. Or the airforce pilot who shot a column of British tanks in the Iraq war.
The USA would refuse any convention that allowed this extraction unless there were an explicit "but not us" for the USA.
Russians? Not in it. It's your aged and raddled brain pretending that the cold war was still on.
CryptoWall/CTB-Locker/Cryptolocker (or whatever the variant's name is this month) seems to have difficulty with or is rather slow at getting to data stored in the container for the Volume Snapshot Service. For businesses that do not allow their users to run as administrators (or have them elevate from a privileged account), they can typically restore a reasonably recent snapshot of data folder by folder using the Previous Versions option.
If the user is an admin, I've found that the window for recovery using VSS is smaller, but certainly better than nothing. Network shares should be restored from backups or VSS from the server (if Windows). I haven't figured out what to do with flash drives quite yet....even most data recovery software doesn't find much since the files are never really erased, just overwritten with encrypted copies.
I suppose you can recover from terrorist but you cannot recover from say child abuse. Rape is also good. Hard to get out of that especially if intercourse took place. So there are a few options available.
I have to wonder if these people would open a package some random stranger gave them on the street.
Like everyone ever would have done, including you. What could go wrong if the stranger wouldn't run away when you start opening it? You can even guess what's inside when you shake it or look at the form or size.
It cannot really affect you, yes there could be poison or a bomb in it, but no device which silently can steal your money without you recognising it. Did you hear about the packet that locks you out of your home? I didn't.
That little difference is what most people have difficulties to grasp.
FTFY.
Talk about intolerance and hate. The exact things you accuse people in "The South" of doing. Project much?
FTFY.
To be more precise, Texas..
You're messin' with my Zen Thing, man.....
It seems like it shouldn't be too hard to MD5 / SHA / whatever hash every file of the types that are targeted - a la tripwire.
Do such solutions exist for the various targeted OSs?
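An added example, not part of the original comment or of any product mentioned in the thread: a minimal Tripwire-style baseline in Python that hashes files of watched types and flags a bulk change. The extension list, the 30% threshold and all function names are assumptions chosen for illustration; the sample files are constructed in a temporary directory.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Assumed list of document types worth watching; adjust to your own data.
WATCHED_EXTENSIONS = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".jpg", ".txt"}


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map relative path -> SHA-256 for every watched file under root."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix.lower() in WATCHED_EXTENSIONS:
            manifest[str(path.relative_to(root))] = sha256_file(path)
    return manifest


def compare(baseline, current):
    """Classify differences between a stored baseline and a fresh snapshot."""
    return {
        "modified": sorted(p for p in baseline
                           if p in current and baseline[p] != current[p]),
        "missing": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }


def mass_change_alert(baseline, diff, threshold=0.3):
    """True when the share of changed or vanished baseline files is unusual.

    Renamed files count as missing, because a changed extension takes the
    file out of the watched set.
    """
    if not baseline:
        return False
    changed = len(diff["modified"]) + len(diff["missing"])
    return changed / len(baseline) >= threshold


def demo():
    """Run the check against constructed sample files in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for i in range(10):
            (root / f"report{i}.txt").write_text(f"constructed sample {i}\n")
        baseline = snapshot(root)
        # One ordinary user edit: should stay below the alert threshold.
        (root / "report0.txt").write_text("edited by the user\n")
        quiet = compare(baseline, snapshot(root))
        quiet_alert = mass_change_alert(baseline, quiet)
        # Simulated bulk change: contents replaced and extension changed.
        for i in range(1, 6):
            src = root / f"report{i}.txt"
            src.write_bytes(os.urandom(64))
            src.rename(root / f"report{i}.txt.locked")
        loud = compare(baseline, snapshot(root))
        return quiet, quiet_alert, loud, mass_change_alert(baseline, loud)
```

A check like this only reports damage after it has started, and the baseline manifest has to live somewhere the monitored account cannot write to.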
blindly antisocialist = antisocial
FTFY.
Don't kid yourself.
"What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
The real risk are the Drop Bears. Suicidal little buggers. Gotten worse since they figured out how to make explosives.
The drop bears have become Muslims?
Kinda like suddenly running into the middle of a busy road and getting hit by a car. Even though pedestrians have the right of way, any court of law would blame the pedestrian.
So there is a much better, more secure, more useable and more professional product out there than Microsoft Windows, and it's even free (Gnu/Linux), yet many dumbasses still choose to buy and use Windows instead and also not even back up their files, even though Windows has a decades long history of being easily hacked and Microsoft has a decades long history of doing little to nothing effective about it. Any company that comes up with shit like UAC is very clearly clueless.
There must be some level at which you just have to say choosing Windows then becoming a victim to this kind of attack is pretty much self-inflicted.
Bad news for Australians: this is just one of many targeting the country.
Waiter's professionalism should be appreciated, as you never know when you're getting packed together, unwillingly.
That is a sticky situation.
It can still get on via angler malware kit. The type from yahoo.
It is run only from ram making it impossible to block or detect.
Malware kits? You sound like Another Satisfied Microsoft Customer.
I've seen individual *nix machines that were hacked into by a determined individual who put a lot of time and effort into doing it. I've never seen automated self-perpetuating malware for *nix in the wild. I've seen a few proof-of-concept viruses, but not in the wild. Odd, considering the majority of servers on the net are some form of *nix. That's a lot of beefy machines with loads of interesting data and tons of bandwidth, why you would think that'd make a tempting target...
Seems the *nix world learned their lesson from the Morris worm, you remember, the one from 1988? Yeah after that they took security seriously. With all their billions of dollars and skilled talent you would think Microsoft could do something similar? Oh well, just keep buying Windows, the next version will be better right?
FTFY.
Didn't you get the memo? It's not the South that's standing in the way of the Progressive New World Order any more, it's "Rurl 'Merica".
"Somebody has to do something. It's just incredibly pathetic it has to be us."
--- Jerry Garcia
Not necessarily. Stupid Synology NAS users fell victim of this.
FTFY. You don't leave it open for Internet access.
This. File system sharing protocols are inherently insecure. Doesn't matter if it's Samba, CIFS, NFS, and whatever Microsoft is calling the Windows version of SMB these days - they all have serious vulnerabilities that can be exploited from a public interface. Don't expose them to the world.
If you want to share files on the public Internet, there are better ways. Lots of ways to do it on a web-based platform. And share copies of stuff, and keep your system isolated. If you are using these Internet-based sharing things for traveling, use some kind of VPN instead.
"Somebody has to do something. It's just incredibly pathetic it has to be us."
--- Jerry Garcia
Hiring an assassin to hunt them down and kill them would be a good use for a kickstarter campaign.
Perhaps a few dead hackers would send a message to them.
Here's hoping.
That is a very misinformed post
Is that full disclosure or something?
I have (had, really) a lady friend who was fairly young and lived in a tiny place called Cann River. We met online and I, being a pervert, went to Australia to meet them in person. I stayed for a couple of weeks the first time and then for about a month the second time and all was well and good. Anyhow, not long after I left, she was on her way to work at a coffee shop/cafe type of deal and was walking there when she was attacked and suffered some real damage from a magpie.
I do not really have a point, I seldom do, but I did find it amusing that you mention it. We did not end up wed and live happily ever after feeding our babies to dingos. In fact, I never saw her again though I did return to Australia another time but that was for entirely different reasons.
"So long and thanks for all the fish."
American idiots. PROOFREAD.
Sociological issues aside, getting bit by one of these scams is functionally equivalent to having your hard drive become corrupted, and the obvious solution is the same -- restore your data from backup.
The thing that motivates people to pay $$$ to the scammers (and thus motivates the scammers to keep causing trouble) is that too many people don't back up their data, and thus it costs them less to pay off the scammers than it would to reconstruct whatever was on their hard drive.
Given the low cost of hard drives these days, it seems to me that every computer sold should come with a second hard drive pre-installed and a Time Machine-style automatic incremental backup system already activated -- and maybe even a shiny red button somewhere that says "revert computer to yesterday's state", or something. That way the "I don't think about how my computer works, it's just a magic box to me" crowd would no longer face an expensive new crisis every six months.
I don't care if it's 90,000 hectares. That lake was not my doing.
over to a Google Chromebook to obviate the need to worry about crap like this for my personal "browsing the Web" machine. I use Macs for work, but at home, I'm likely going Chromebook.
It seems to me it would be better in the long run for everyone to put their money together and hire some muscle. I hear the DOJ/FBI does mercenary work for the RIAA/MPAA. Maybe with the right "campaign contributions" (US politicians don't care where in the world the bribe comes from) they can get some hired goons to pay these malware people a visit and make them an offer they can't refuse.
Australians are known for that.