New and Improved CryptXXX Ransomware Rakes In $45,000 In 3 Weeks (arstechnica.com)
An anonymous reader writes: Whoever said crime doesn't pay didn't know about the booming ransomware market. A case in point, the latest version of the scourge known as CryptXXX, which raked in more than $45,000 in less than three weeks. Over the past few months, CryptXXX developers have gone back and forth with security researchers. The whitehats from Kaspersky Lab provided a free tool that allowed victims to decrypt their precious data without paying the ransom, which typically reaches $500 or more. Then, CryptXXX developers would tweak their code to defeat the get-out-of-jail decryptor. The researchers would regain the upper hand by exploiting another weakness and so on. Earlier this month, the developers released a new CryptXXX variant that to date still has no decryptor available. Between June 4 and June 21, according to a blog post published Monday by security firm SentinelOne, the Bitcoin address associated with the new version had received 70 bitcoins, which at current prices is valued at around $45,228. The figure doesn't include revenue generated from previous campaigns.
Someone please turn OFF the deathray.
Thanks,
Gus
Almost all these ransom schemes involve Bitcoin as a form of payment. What would happen to ransomware if Bitcoin collapsed and became worthless?
Maybe it's like asking what the night sky would look like if the stars went away (ie, unlikely), but maybe its use in ransom schemes would be one more reason for the Feds to "ban" it or make it so prohibitive to exchange currency for Bitcoin that asking for ransom in bitcoin would be like asking for it in moon rocks.
Please someone put these people behind bars already. Yes, security holes should be patched, but the criminals behind this need to be taught a lesson. And that lesson should not be that they can continue harassing people as they please.
There are a bunch of other crypto currencies now, a few with multimillion dollar total values. They would switch to another one. There are even new ones with better anonymity guarantees than Bitcoin, making them harder for governments to effectively "ban".
My job got hit by an email-delivered virus that spread across the network and encrypted 200+ hard drives before being stopped. Fortunately, user profiles are stored on the network. Didn't take much time to deploy loaner laptops and re-image the desktops to get the users up and running again.
CryptXXX only runs on Microsoft Windows I presume ..
Using write once media for backups should come back into vogue.
“He’s not deformed, he’s just drunk!”
Doesn't anybody back their crap up?
All currencies have illegal activity linked to them, you think that with the advent of bitcoin suddenly illegal money transactions started?
Hell, I'm wondering what would happen if people, like, you know, backed up their shit once in awhile to an external USB drive.
Sure, you'd still have the incidences of getting bit during the backup (while the drive was plugged in), but if you use your head about it, the odds become almost astronomical in your favor.
Quo usque tandem abutere, Nimbus, patientia nostra?
Maybe it would be like post-WW1 Germany. You'd have to pay a billion bitcoins for a $100 ransom.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
By that logic it's time to outlaw all currency, there isn't a single one I'd know of that isn't used to deal in drugs.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Bank robberies have not been a good idea for a pretty long time now. Your loot is usually crappy, your chance to get caught is insanely high.
Hold up a 7/11 instead. More money, less danger.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Death to these ransomware pricks.
Just cruising through this digital world at 33 1/3 rpm...
Perhaps, but BitCoin has driven such activity to a whole new level of ease for the bad guys. Now you can collect payment from your mark and collect without having to exchange a briefcase of paper, diamonds, bullion or some other physical material or go through the risk of accepting a credit card payment or wire transfer.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
It would cost more in electricity to run the block chains on a billion BitCoins than the $100 ransom. Only the miners would win, if there were any miners out there at that point.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Identity theft is much more lucrative and less risky I hear...
Personally, I prefer "Hard work" as a means of supporting myself and family, but hey, blame the way I was raised.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
That works out to about $800,000 per year. It's a lot for one person, but there are likely many people working on this. They're not even sitting back and watching the money roll in; they've been constantly working to keep up with the white hats. If there are more than 10 people working on this, they could probably get normal jobs that would pay nearly as well. So it actually looks like we're doing a pretty good job of making this unprofitable. I suppose the determining factor is local salaries, so it will be profitable in very poor countries but not in richer ones.
"Hard work"? Please. Ok, maybe having some idiots work hard for me, I could see that.
In general, I follow the law of nature: Least expense for the maximum revenue.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I think the backup thing is compounded by people who do backup but leave the backup disk connected all the time. It's reasonable protection for most system failures, but of course completely at risk for malware. The same goes for cloud sync systems and so forth.
You and I know that backups should be offline to be safe, but a lot of people don't, including people who should.
I've got a server with RAID 1 for backups. At one time, it seemed like a good idea but, obviously, the bad guys can encrypt my backups with this setup where I'll end up having redundant copies of mush. What is the best solution now so that I can totally thumb my nose at the first person that manages to encrypt a family member's computer? An offline USB Drive may be good but doesn't feel very automated to me :-(
Yes but only because law enforcement and the courts have not figured things out yet. Compared to say cash and money laundered through other more conventional means, it should be much easier to trace BitCoin. I mean you can follow the money back thru all the wallets it's passed through. So it should be easy to 'find' coins that have been thru that wallet. Talk to all the people who accepted those coins and work backward. Now sure the ransom-ware operators can do things to make that harder by say moving the money thru a bunch of internal wallets, but even that is going to create traceable events.
Once a BitCoin is hot it's effectively always hot. It's like sting operations where LEOs pay criminals with bills they have noted the serial numbers... If law enforcement got its act together and worked on understanding the technology rather than trying to regulate it out of existence, backdoor it etc, they might discover it already does a lot of their hard work for them. I suspect BitCoin may prove to be a liability for the criminals; more so than the old cash dead drop method.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Problem is... which currency? There are a lot of crypto-currencies out there, even people who have services where one can make your own cryptocurrency with various parameters. BitCoin was the first and has the most support from the mainstream. I can't really go up to a website and pay them in Dogecoin as I can with BTC.
A BitCoin 2.0 is possible, but the hard part is getting critical mass. We already got through initial growing pains with BTC, and people are wary about another currency and possible Mt. Gox style incidents.
Even though BTC has little anonymity (even tumbling doesn't help that much, as one can still "follow the money" and watch tainted coins), it is not going anywhere.
If someone can void the transfers and delist the illegal transactions, what keeps someone from voiding legit transactions under some pretense? For example, if a group is disliked in a country, what is to say the same mechanism that stops ransomware transactions would not be used to stop dissident organizations, or rival parties against the incumbent come an election?
The thing about BTC is that it gives plenty of rope to hang people with. The blockchain is immutable, and even though people don't know who owns a wallet, they can follow the money and start inferring.
It is just an arms race escalation. Used to be that an external HDD was good enough. Now, probably the cheapest ransomware protection is a NAS that does ZFS/btrfs snapshots (if not backs itself up to an external HDD) so ransomware can only trash a share, which can be recovered.
I didn't specify what kind of "hard work" well enough I guess. Can we say working hard in a smart way? I.E. Working hard and getting the most I can for my efforts in the most moral and ethical way I can. So, if you want to pay me the most when I work hard for you, let's talk...
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
I don't think the problem with law enforcement is lack of understanding or technical ability, but more of a lack of interest in "solving" such crimes because of the sheer amount of cost it would involve.
Think about it... Your local police don't care that you are getting forced to pay $50 to get your files back, well they don't care *enough* to bother doing anything more than possibly making an official report (if that). The local police don't have the resources or time to follow up and the criminal is unlikely to be within their jurisdiction anyway. The state police are too busy solving bigger crimes to bother with such a 2 bit $50 extortion crime even though it's slightly more likely the criminal was within their jurisdiction. The Federal police (FBI) REALLY doesn't care about your $50 ransom payment, they have so much bigger fish to fry that they won't likely bother to even take a report from you, unless it happens to be aligned with some investigation already in progress, even then what can they do if the criminals are overseas? Nothing.
So it's not lack of ability, it's lack of motivation. Literally, those who could do something are too busy to care and those who care can't do anything.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Lots of malware now uses Tor hidden services for C&C, which can't be blocked with a simple hosts file.
I run a small computer consulting/support business on the side. To date I've gotten 3 inquiries which were ransomware-related. (Might've been 4. The person's symptoms sounded like ransomware was in the process of encrypting his files. I told him this and to immediately shut everything down and to contact me again for further steps, but he never did.) Meanwhile I've gotten dozens of inquiries about how to get "irreplaceable" data off dead hard drives or thumb drives, or which had been accidentally formatted, deleted, or overwritten.
Back up your data. Ransomware is the least of your worries. The media just reports stories about it disproportionately (like they do plane crashes and nuclear accidents). Even if ransomware didn't exist, you should still be backing up your data.
That may be true but when it's one guy scamming 5000 people out of $50 then that's a bit bigger fish. I don't think anyone is authoring crypto malware in hopes of only scamming a handful of people out of $50; not worth the trouble. They either hope to hit a large number of individuals or a sizable organization they can take for a large sum in one shot. Either way they go about it their own success should make them big enough to be interesting to law enforcement.
At that point I think a follow the money type investigation should be able to produce some pretty solid evidence against these criminals, and BitCoin should make it easier to prove that case not harder as compared with cash after traditional laundering schemes have been employed.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
I have a backup of my backup. With the prices of HDs that is not really an issue anymore. The reason? During a system upgrade where I reformatted my HDs in my PC (not an issue as I have backups) and at that moment my NAS decided to die.
So now I have backups of my backups. And yes, they are incremental backups.
Don't fight for your country, if your country does not fight for you.
If you think this is an important story to discuss, the submission link is located here:
https://slashdot.org/submissio...
Otherwise, why post an offtopic link? You are just being buried under all the other posts on the current article, and getting down modded so that the majority of people don't even see the link you are posting.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
How do you know that it uses the OS host resolution at all? Tor browser does not, it bypasses the hosts file entirely.
This comment made me stop and think. I have now spent approximately 30 minutes trying to determine what was the best way to do backups to replace my backup to external USB, as ransomware now makes that not a good solution anymore. This is for home use, not work use as work can afford the expensive solutions.
The solutions I just ran through were:
Tape - probably would cost upwards of $10k or require more work from me every backup swapping tapes
Blu Ray - Even worse...tape is 800GB for a reasonably priced drive, Blu Ray is 50 GB for a reasonably priced disc.
External Hard drive - A lot less maintenance from me; swapping drives every week. Approximate cost for me would be 150 for two drives that would be able to store most of my data
Then I remembered Amazon Glacier
It looks like there are some pretty decent software backup solutions that integrate with Glacier, such as https://fastglacier.com/ and Glacier storage is dead cheap, I was backing up 4TB from my house and only spending $8 a month to store it. It also allows for undeletable/overwritable backups, just like swapping drives or tapes would accomplish
Do you have any other recommendations that I have missed for the home user backing up their data?
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
I am not the one that has to prove because I didn't make any claims, I am just positing alternate scenarios. You literally said it would "not only BLOCK this bogus machination, but to also stop it from functioning PERIOD." You have no proof of that. For all you know if it can't contact the C&C server it might just wipe your machine for fun. I'm sure your hosts file is good for a lot of things, but you are making baseless claims here.
Again, how do you know it blocks the tor component of this threat? Did you download the malware and give it a shot on your computer? There is no evidence that it uses the OS host resolution at all. It even says in the report you linked that the binary contains its own DNS code. Also, I never attacked you or resorted to name calling so chill out please, we are just having a discussion.
Even if the FBI has an attack on Tor, it doesn't matter at all because the perpetrators are probably in a country where they have no jurisdiction. I don't know why you keep pointing that out like it means something in this case. The malware authors are not afraid of the FBI. The fact that they use Tor is to make it harder for non-FBI people to detect and stop them. Also I don't think you understand how host resolution works. The fact that the malware contains its own DNS code means that it can 100% ignore your hosts file. The proof is in the article that YOU linked.
It literally says "spam and perhaps other means" in the first line. Lololol. It really seems like it is YOU who FAIL at ALL LEVELS CONCERNED. RANDOM CAPITAL LETTERS.
Well I think bitcoin should be singular. As in "...received 70 bitcoin."
Whenever I see "bitcoins", I think of the amount being a wallet of several individual bitcoin, like a dollar bill, an individual thing, which it is not.