Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Phobos Ransomware Exploits Weak Security To Hit Targets Around the World (zdnet.com)

Posted by BeauHD on from the cut-and-paste-ransomware-variants dept.

An anonymous reader quotes a report from ZDNet: A prolific cybercrime gang behind a series of ransomware attacks is distributing a new form of the file-encrypting malware which combines two well known and successful variants in a series of attacks against businesses around the world. Dubbed Phobos by its creators, the ransomware first emerged in December and researchers at CoveWare have detailed how it shares a number of similarities with Dharma ransomware.

Like Dharma, Phobos exploits open or poorly secured RDP ports to sneak inside networks and execute a ransomware attack, encrypting files and demands a ransom to be paid in bitcoin for returning the files, which in this case are locked with a .phobos extension. The demand is made in a ransom note -- and aside from 'Phobos' logos being added to the ransom note, it's exactly the same as the note used by Dharma, with the same typeface and text use throughout. Phobos is being distributed by the gang behind Dharma and likely serves as an insurance policy for malicious campaigns, providing attackers with a second option for conducting attacks, should Dharma end up decrypted or prevented from successfully extorting ransoms from victims.

30 comments

  1. Yaaaaay RUSSIANS! by BeauHD-Cum+Dumpster · · Score: -1

    RUSSIANS are behind this ransomware. Let's incarcerate trump!

    -Beau Bukkake

  2. HEIL HITLER! by Anonymous Coward · · Score: -1

    HEIL HITLER! There, I said it. Now, what you gonna do?

    i i i i i i i i i i i i jti i i i i i i i i i i i
    i i i i i i i i i i i jDMMQti i i i i i i i i i i
    i i i i i i i i i i cXMMMMMMQji i i i i i i i i i
    i i i i i i i i i cSMMMMMMMMHJi i i i i i i i i i
    i i i i i i i i iSWMMMMMMMHJi i i i i i i i i i i
    i i i i i i i i6WMMMMMMMNYi i i i Jci i i i i i i
    i i i i i i i5WMMMMMMMN5i i i i JHMMSci i i i i i
    i i i i i i5NMMMMMMMW5i i i i JHMMMMMWSi i i i i i
    i i i i i cXMMMMMMMMNYi i i tKMMMMMMMMMW6i i i i i
    i i i i i i jDMMMMMMMMHJi tQMMMMMMMMMMMMMW5i i i i
    i i itci i i ijQMMMMMMMMKDMMMMMMMMQWMMMMMMMN5i i i
    i itKMWSi i i i jQMMMMMMMMMMMMMMQti SWMMMMMMMNYi i
    itQMMMMMW6i i i i tKMMMMMMMMMMKti i icSMMMMMMMMHJi
    iJHMMMMMMMW6i i i cSMMMMMMMMMMDji i i icXMMMMMMN5i
    i iYNMMMMMMMN5i iSWMMMMMMMMMMMMMDci i i icDMMW6i i
    i i i5NMMMMMMMNSWMMMMMMMHNMMMMMMMMXci i i ij5i i i
    i i i i5WMMMMMMMMMMMMMN5i 5NMMMMMMMMSci i i i i i
    i i i i i6WMMMMMMMMMW5i i i 6WMMMMMMMWSi i i i i i
    i i i i i iSWMMMMMW6i i i i tKMMMMMMMMXci i i i i
    i i i i i i cSMMWSi i i i tQMMMMMMMMDji i i i i i
    i i i i i i i c6ci i i ijQMMMMMMMMQji i i i i i i
    i i i i i i i i i i i jDMMMMMMMMQti i i i i i i i
    i i i i i i i i i i cXMMMMMMMMKti i i i i i i i i
    i i i i i i i i i i jQMMMMMMHJi i i i i i i i i i
    i i i i i i i i i i i tKMMHJi i i i i i i i i i i
    i i i i i i i i i i i i tYi i i i i i i i i i i i

    1. Re: HEIL HITLER! by Anonymous Coward · · Score: 0

      Let us end that nasty oxygen habit you have before it becomes permanent.

  3. Hillary Cliton by Anonymous Coward · · Score: -1

    Have a great...

    KK. .k. H KK. .k. C KK. .k.
    KK. k . I KK. k . L KK. k .
    KK k .. L KK k .. I KK k ..
    KKk u . L Kkl ux. N Kk lan.
    KK k .. A KK k .. T KK k ..
    KK. k . R KK. k . O KK. k .
    KK. .k. Y KK. .k. N KK. .k.
    Hillary for KKK President!
    Have a great...

    KK. .k. H KK. .k. C KK. .k.
    KK. k . I KK. k . L KK. k .
    KK k .. L KK k .. I KK k ..
    KKk u . L Kkl ux. N Kk lan.
    KK k .. A KK k .. T KK k ..
    KK. k . R KK. k . O KK. k .
    KK. .k. Y KK. .k. N KK. .k.
    Hillary for KKK President!

    “And then suddenly it became OK to say feminist,” she says now. “That’s been very recent. There was a period when that wasn’t really happening. So now there’s been an opportunity to include men as allies. And I have to say, I remember going to the ERA [Equal Rights Amendment] march where there were 100,000 women and we were going around talking to senators for this vote and I got on the elevator, and the women were like: ‘We’re going to show them what the [truck] we want.’ And I kept saying: ‘Calm down, that’s not the way we’re going to get things done.’”

    1. Re: Hillary Cliton by Anonymous Coward · · Score: -1

      Shut up bigot her favorite exalted cyclops mentor was only in the kkk bcuz the parties decided to change names for no reason whatsoever

      Hillary is a solid American who isn't on record denigrating LGBT rights assuming our boys at YouTube are doing their fucking jobs

  4. To the poor second poster--your ASCII art sucks by SIEG++HEIL · · Score: -1

    This is how it is done. Also, heil Hitler!
    iiiiiiiiiiiiiiiiiiiiiiiijtiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMQtiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMQjiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiicSMMMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiSWMMMMMMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiii6WMMMMMMMNYiiiiiiiiJciiiiiiiiiiiiii
    iiiiiiiiiiiii5WMMMMMMMN5iiiiiiiiJHMMSciiiiiiiiiiii
    iiiiiiiiiii5NMMMMMMMW5iiiiiiiiJHMMMMMWSiiiiiiiiiii
    iiiiiiiiiicXMMMMMMMMNYiiiiiitKMMMMMMMMMW6iiiiiiiii
    iiiiiiiiiiiijDMMMMMMMMHJiitQMMMMMMMMMMMMMW5iiiiiii
    iiiiitciiiiiiijQMMMMMMMMKDMMMMMMMMQWMMMMMMMN5iiiii
    iiitKMWSiiiiiiiijQMMMMMMMMMMMMMMQtiiSWMMMMMMMNYiii
    itQMMMMMW6iiiiiiiitKMMMMMMMMMMKtiiiiicSMMMMMMMMHJi
    iJHMMMMMMMW6iiiiiicSMMMMMMMMMMDjiiiiiiicXMMMMMMN5i
    iiiYNMMMMMMMN5iiiSWMMMMMMMMMMMMMDciiiiiiicDMMW6iii
    iiiii5NMMMMMMMNSWMMMMMMMHNMMMMMMMMXciiiiiiij5iiiii
    iiiiiii5WMMMMMMMMMMMMMN5ii5NMMMMMMMMSciiiiiiiiiiii
    iiiiiiiii6WMMMMMMMMMW5iiiiii6WMMMMMMMWSiiiiiiiiiii
    iiiiiiiiiiiSWMMMMMW6iiiiiiiitKMMMMMMMMXciiiiiiiiii
    iiiiiiiiiiiicSMMWSiiiiiiiitQMMMMMMMMDjiiiiiiiiiiii
    iiiiiiiiiiiiiic6ciiiiiiijQMMMMMMMMQjiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMMMMMMMQtiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMMMKtiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiijQMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiitKMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiiiitYiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiiiijtiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMQtiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMQjiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiicSMMMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiSWMMMMMMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiii6WMMMMMMMNYiiiiiiiiJciiiiiiiiiiiiii
    iiiiiiiiiiiii5WMMMMMMMN5iiiiiiiiJHMMSciiiiiiiiiiii
    iiiiiiiiiii5NMMMMMMMW5iiiiiiiiJHMMMMMWSiiiiiiiiiii
    iiiiiiiiiicXMMMMMMMMNYiiiiiitKMMMMMMMMMW6iiiiiiiii
    iiiiiiiiiiiijDMMMMMMMMHJiitQMMMMMMMMMMMMMW5iiiiiii
    iiiiitciiiiiiijQMMMMMMMMKDMMMMMMMMQWMMMMMMMN5iiiii
    iiitKMWSiiiiiiiijQMMMMMMMMMMMMMMQtiiSWMMMMMMMNYiii
    itQMMMMMW6iiiiiiiitKMMMMMMMMMMKtiiiiicSMMMMMMMMHJi
    iJHMMMMMMMW6iiiiiicSMMMMMMMMMMDjiiiiiiicXMMMMMMN5i
    iiiYNMMMMMMMN5iiiSWMMMMMMMMMMMMMDciiiiiiicDMMW6iii
    iiiii5NMMMMMMMNSWMMMMMMMHNMMMMMMMMXciiiiiiij5iiiii
    iiiiiii5WMMMMMMMMMMMMMN5ii5NMMMMMMMMSciiiiiiiiiiii
    iiiiiiiii6WMMMMMMMMMW5iiiiii6WMMMMMMMWSiiiiiiiiiii
    iiiiiiiiiiiSWMMMMMW6iiiiiiiitKMMMMMMMMXciiiiiiiiii
    iiiiiiiiiiiicSMMWSiiiiiiiitQMMMMMMMMDjiiiiiiiiiiii
    iiiiiiiiiiiiiic6ciiiiiiijQMMMMMMMMQjiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMMMMMMMQtiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMMMKtiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiijQMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiitKMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiiiitYiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiiiijtiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMQtiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMQjiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiicSMMMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiSWMMMMMMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiii6WMMMMMMMNYiiiiiiiiJciiiiiiiiiiiiii
    iiiiiiiiiiiii5WMMMMMMMN5iiiiiiiiJHMMSciiiiiiiiiiii
    iiiiiiiiiii5NMMMMMMMW5iiiiiiiiJHMMMMMWSiiiiiiiiiii
    iiiiiiiiiicXMMMMMMMMNYiiiiiitKMMMMMMMMMW6iiiiiiiii
    iiiiiiiiiiiijDMMMMMMMMHJiitQMMMMMMMMMMMMMW5iiiiiii
    iiiiitciiiiiiijQMMMMMMMMKDMMMMMMMMQWMMMMMMMN5iiiii
    iiitKMWSiiiiiiiijQMMMMMMMMMMMMMMQtiiSWMMMMMMMNYiii
    itQMMMMMW6iiiiiiiitKMMMMMMMMMMKtiiiiicSMMMMMMMMHJi
    iJHMMMMMMMW6iiiiiicSMMMMMMMMMMDjiiiiiiicXMMMMMMN5i
    iiiYNMMMMMMMN5iiiSWMMMMMMMMMMMMMDciiiiiiicDMMW6iii
    iiiii5NMMMMMMMNSWMMMMMMMHNMMMMMMMMXciiiiiiij5iiiii
    iiiiiii5WMMMMMMMMMMMMMN5ii5NMMMMMMMMSciiiiiiiiiiii
    iiiiiiiii6WMMMMMMMMMW5iiiiii6WMMMMMMMWSiiiiiiiiiii
    iiiiiiiiiiiSWMMMMMW6iiiiiiiitKMMMMMMMMXciiiiiiiiii
    iiiiiiiiiiiicSMMWSiiiiiiiitQMMMMMMMMDjiiiiiiiiiiii
    iiiiiiiiiiiiiic6ciiiiiiijQMMMMMMMMQjiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiii

  5. oblig goatse by Anonymous Coward · · Score: -1

    GOATSE!!! goatse GOATSE!!! goatse GOATSE!!! goatse


    (butt crack begins here)

      | . . v . . l

      |. .----. . |

    =| 3 xxx S .|=

      | 3 .xxx S .|

      |. .----. . .|

      l . .|\ /| . .l

    (legs continue here)

    1. Re:oblig goatse by Anonymous Coward · · Score: -1

      butthole FAIL

    2. Re:oblig goatse by pigsycyberbully · · Score: -1

      As President Donald Trump would say it is a shithole
      https://i1.wp.com/www.pigsycyb...

  6. Deutschland Uber Alles! by SIEG++HEIL · · Score: -1

    Heil Goering!

    iiiiiiiiiiiiiiiiiiiiiiiijtiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMQtiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMQjiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiicSMMMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiSWMMMMMMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiii6WMMMMMMMNYiiiiiiiiJciiiiiiiiiiiiii
    iiiiiiiiiiiii5WMMMMMMMN5iiiiiiiiJHMMSciiiiiiiiiiii
    iiiiiiiiiii5NMMMMMMMW5iiiiiiiiJHMMMMMWSiiiiiiiiiii
    iiiiiiiiiicXMMMMMMMMNYiiiiiitKMMMMMMMMMW6iiiiiiiii
    iiiiiiiiiiiijDMMMMMMMMHJiitQMMMMMMMMMMMMMW5iiiiiii
    iiiiitciiiiiiijQMMMMMMMMKDMMMMMMMMQWMMMMMMMN5iiiii
    iiitKMWSiiiiiiiijQMMMMMMMMMMMMMMQtiiSWMMMMMMMNYiii
    itQMMMMMW6iiiiiiiitKMMMMMMMMMMKtiiiiicSMMMMMMMMHJi
    iJHMMMMMMMW6iiiiiicSMMMMMMMMMMDjiiiiiiicXMMMMMMN5i
    iiiYNMMMMMMMN5iiiSWMMMMMMMMMMMMMDciiiiiiicDMMW6iii
    iiiii5NMMMMMMMNSWMMMMMMMHNMMMMMMMMXciiiiiiij5iiiii
    iiiiiii5WMMMMMMMMMMMMMN5ii5NMMMMMMMMSciiiiiiiiiiii
    iiiiiiiii6WMMMMMMMMMW5iiiiii6WMMMMMMMWSiiiiiiiiiii
    iiiiiiiiiiiSWMMMMMW6iiiiiiiitKMMMMMMMMXciiiiiiiiii
    iiiiiiiiiiiicSMMWSiiiiiiiitQMMMMMMMMDjiiiiiiiiiiii
    iiiiiiiiiiiiiic6ciiiiiiijQMMMMMMMMQjiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMMMMMMMQtiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMMMKtiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiijQMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiitKMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiiiitYiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiiiijtiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMQtiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMQjiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiicSMMMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiSWMMMMMMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiii6WMMMMMMMNYiiiiiiiiJciiiiiiiiiiiiii
    iiiiiiiiiiiii5WMMMMMMMN5iiiiiiiiJHMMSciiiiiiiiiiii
    iiiiiiiiiii5NMMMMMMMW5iiiiiiiiJHMMMMMWSiiiiiiiiiii
    iiiiiiiiiicXMMMMMMMMNYiiiiiitKMMMMMMMMMW6iiiiiiiii
    iiiiiiiiiiiijDMMMMMMMMHJiitQMMMMMMMMMMMMMW5iiiiiii
    iiiiitciiiiiiijQMMMMMMMMKDMMMMMMMMQWMMMMMMMN5iiiii
    iiitKMWSiiiiiiiijQMMMMMMMMMMMMMMQtiiSWMMMMMMMNYiii
    itQMMMMMW6iiiiiiiitKMMMMMMMMMMKtiiiiicSMMMMMMMMHJi
    iJHMMMMMMMW6iiiiiicSMMMMMMMMMMDjiiiiiiicXMMMMMMN5i
    iiiYNMMMMMMMN5iiiSWMMMMMMMMMMMMMDciiiiiiicDMMW6iii
    iiiii5NMMMMMMMNSWMMMMMMMHNMMMMMMMMXciiiiiiij5iiiii
    iiiiiii5WMMMMMMMMMMMMMN5ii5NMMMMMMMMSciiiiiiiiiiii
    iiiiiiiii6WMMMMMMMMMW5iiiiii6WMMMMMMMWSiiiiiiiiiii
    iiiiiiiiiiiSWMMMMMW6iiiiiiiitKMMMMMMMMXciiiiiiiiii
    iiiiiiiiiiiicSMMWSiiiiiiiitQMMMMMMMMDjiiiiiiiiiiii
    iiiiiiiiiiiiiic6ciiiiiiijQMMMMMMMMQjiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMMMMMMMQtiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMMMKtiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiijQMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiitKMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiiiitYiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiiiijtiiiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMQtiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMQjiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiicSMMMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiSWMMMMMMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiii6WMMMMMMMNYiiiiiiiiJciiiiiiiiiiiiii
    iiiiiiiiiiiii5WMMMMMMMN5iiiiiiiiJHMMSciiiiiiiiiiii
    iiiiiiiiiii5NMMMMMMMW5iiiiiiiiJHMMMMMWSiiiiiiiiiii
    iiiiiiiiiicXMMMMMMMMNYiiiiiitKMMMMMMMMMW6iiiiiiiii
    iiiiiiiiiiiijDMMMMMMMMHJiitQMMMMMMMMMMMMMW5iiiiiii
    iiiiitciiiiiiijQMMMMMMMMKDMMMMMMMMQWMMMMMMMN5iiiii
    iiitKMWSiiiiiiiijQMMMMMMMMMMMMMMQtiiSWMMMMMMMNYiii
    itQMMMMMW6iiiiiiiitKMMMMMMMMMMKtiiiiicSMMMMMMMMHJi
    iJHMMMMMMMW6iiiiiicSMMMMMMMMMMDjiiiiiiicXMMMMMMN5i
    iiiYNMMMMMMMN5iiiSWMMMMMMMMMMMMMDciiiiiiicDMMW6iii
    iiiii5NMMMMMMMNSWMMMMMMMHNMMMMMMMMXciiiiiiij5iiiii
    iiiiiii5WMMMMMMMMMMMMMN5ii5NMMMMMMMMSciiiiiiiiiiii
    iiiiiiiii6WMMMMMMMMMW5iiiiii6WMMMMMMMWSiiiiiiiiiii
    iiiiiiiiiiiSWMMMMMW6iiiiiiiitKMMMMMMMMXciiiiiiiiii
    iiiiiiiiiiiicSMMWSiiiiiiiitQMMMMMMMMDjiiiiiiiiiiii
    iiiiiiiiiiiiiic6ciiiiiiijQMMMMMMMMQjiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiijDMMMMMMMMQtiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiicXMMMMMMMMKtiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiijQMMMMMMHJiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiitKMMHJiiiiiiiiiiiiiiiiiiiiii
    iiiiiiiiiiiiiiiiiiiiiiiitYiiiiiiiiiiiiiiiiiiiiiiii

  7. Fake news by Anonymous Coward · · Score: -1, Offtopic

    These fake news articles are so gay, Beau. Why don't you post some real news?

  8. Typical! by nightfire-unique · · Score: 3, Funny

    Another malware author who rudely refuses to build a Linux port!

    --
    A government is a body of people notably ungoverned - AC
    1. Re: Typical! by Anonymous Coward · · Score: 0

      Because Linux is gay. Even cybercriminals have standards.

  9. Windows only. Check. by Anonymous Coward · · Score: -1

    Why people run that craptastic OS is beyond me.

    1. Re:Windows only. Check. by c-A-d · · Score: 2

      I just installed windows 10 under virtualbox. Once I installed what I needed, I set it to "host-only" networking. That's how you secure a windows box: keep it off of the internet.

      --
      some karma... and kinda lukewarm about it.
  10. Time for a next gen backup utility? by ctilsie242 · · Score: 2

    With all these ransomware products coming out, I've wondered why backup utilities have not evolved much. The ideal backup utility would be one that is "pull" based, where the client machine has zero access to the backup data. The closest would be something like CrashPlan or Mozy that doesn't allow access to the client, and the next closest would be something like Borg Backup backing up to a server in append only mode.

    Unlike most IT disasters where backing up to a file share or a S3 bucket is good enough, ransomware means that you have to ensure the client can only append data.

    1. Re:Time for a next gen backup utility? by Bongo · · Score: 1

      Yes I was glad my little solution in the department was to have backup machines do rsync over ssh to pull data off the clients. And for storage put it in ZFS.

    2. Re:Time for a next gen backup utility? by chuckugly · · Score: 1

      Just revert the NAS to the most recent unenciphered snapshot?

  11. Security or a just a bunch of insecurities? by Anonymous Coward · · Score: -1

    Looks like the latter for all these people posting here...

    We might need a few more world wars to cull the herd of these people who canâ(TM)t think or who wonâ(TM)t engage their brain before they post. Whoâ(TM)s up for starting WWIII, just takes one of these asswipes to realize a few years of hard work (that thing they all avoid because itâ(TM)s too much work for their puny brains) to train on some type of activity that might actually derail the stupidity or blabbering politicians for more than a second? I suggest learning logic to show how dumb our politicians really are! But there might be more appropriate things for people to learn so they can help start WWIII, maybe like how to change their own diapers because the snowflakes are so sensitive they keep shitting or pissing themselves and whining about it so much you might think they are still wearing diapers and arenâ(TM)t adults.

    So let's have a show of hands, all diaper wearing idiots (aka those who post shit about Nazis and/or who canâ(TM)t actually string a sentence together donâ(TM)t have to actually raise your hands, we know youâ(TM)re too lazy to do so), seriously?

    1. Re:Security or a just a bunch of insecurities? by Anonymous Coward · · Score: -1

      Darkness cannot drive out darkness; only light can do that.
      Hate cannot drive out hate; only love can do that
      MLK Jr.

  12. Yep. Options for Linux if your Windows is a VM by raymorris · · Score: 3, Informative

    Yeah ransomware will encrypt any file shares it can, so push backups are no good. Actual live bad guys also shouldn't have write access to your backups, so pull it is.

    Also, I don't want to rely on the box to back itself up because that requires assuming that all of the machines getting backed up are always working correctly. If we're going to assume the computers never have problems, we wouldn't need to back them up in the first place. I prefer the backup system runs on one dedicated system. Additionally that has other benefits, like you don't have 100 machines all trying to push their backups all at once. The backup machine can pull them a few a time, getting each one done more quickly. At least that's how I wrote Clonebox.

    Unfortunately for people concerned with Windows ransomware, Clonebox was/is another pull option for *Linux*. There are a few good options I know of, but they are all for Linux/ BSD. That'll work if your Windows is a VM running on a *nix platform. Theoretically the systems made for *nix would work for backing up files from Windows using Windows Subsystem for Linux. The backups probably wouldn't be bootable like they are for Linux, you'd have to restore the files after a fresh install of Windows. That's a reasonable approach, though. About 10 years behind what you can do with Linux, but 10 years behind is about average for Windows when it comes to system capabilities (as opposed to applications).

    1. Re:Yep. Options for Linux if your Windows is a VM by msc.buff · · Score: 1
      I use BackupPC running on a FreeBSD box with ZFS for all my backup needs. Each client gets rsync setup as a service and gets backed up daily. I use cygwin for Windows clients but the configuration is pretty standard from client to client.

      I have a separate FreeBSD box for off-site backups and stream ZFS snapshots from the BackupPC machine weekly. The whole setup has a few manual steps but that keeps me connected to the process and more likely to catch any problems before they get out of control.

  13. Does it hit "targets"? by turbidostato · · Score: 1

    ...or, once again, and I lost the count, does it hit "Windows targets"?

  14. "Pull" is the answer, so is Linux by Anonymous Coward · · Score: 1

    On Unix-based OSes, this is how things have been done for decades.

    $ sudo rdiff-backup --exclude-special-files root@remote:/ /Backups/remote

    This will use an ssh connection to the remote system, connecting as root (need to allow that, but only from the backup server), and "pull" the backups to the backup server. Make "remote" into a variable, add a loop, and you are backing up 20 systems overnight. After the first time, backups generally take 3-6 minutes for each system, depending on changed data amounts.

    Need to remove some older backups as new ones are added.

    $ sudo rdiff-backup --force --remove-older-than 180D /Backups/remote

    There are ways to make this smarter, not bother backing up the core OS, things like that. With this technique, it takes 30-45 min to put system back to the same state, same settings, same applications, and core data. Obviously, if you have 500GB of data, getting all that back takes longer, but the core system would back and available.

    Windows people are so funny. Worrying over trivial things.

    Backups are mostly about dealing with backup storage for Unix people.

    And you don't have to pay for any software and pray that it actually works. Saw a backup validation article a few years ago that showed just over 90% of the Windows backup tools, all paid, didn't actually restore the system to the same state. WTF!!!

    1. Re:"Pull" is the answer, so is Linux by ctilsie242 · · Score: 1

      Technically, UNIX people have been using dump and tar for backups. rdiff-backup is an exception, and there are other utilities like Borg Backup which, when combined with a basic server setup, can ensure that the client can only append. rdiff-backup's downside is that one can erase everything in /Backups/remote.

      We are talking ransomware. In the past, dumping to a NFS volume, zfs send, or chucking data to a server via SSH was good enough. Now, we have to have a barrier in place to prevent clients from overwriting existing backups in case they are compromised. As a stopgap, one can always have a NFS volume that does snapshots, so a backup overwritten can be recovered, but on the long haul, that isn't feasible, especially if ransomware slowly corrupts files over time on the backup server, so the point where things started would be impossible to find.

  15. RDP by jbmartin6 · · Score: 1

    "In its alert, the FBI mentions that the number of computers with an RDP connection left accessible on the Internet has gone up since mid and late 2016." Good grief. Imagine how much worse it would be if we didn't have ransomware authors acting as our chaos monkey.

    --
    This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    1. Re:RDP by chuckugly · · Score: 1

      That's sort of boggling. If I'm thinking about this correctly, it means that there are people out there who know enough to forward a port or two, but who don't know enough to know that's a bad idea. Wow.

    2. Re:RDP by tlhIngan · · Score: 1

      That's sort of boggling. If I'm thinking about this correctly, it means that there are people out there who know enough to forward a port or two, but who don't know enough to know that's a bad idea. Wow.

      No, it's not amazing or boggling. I can show a clueless newbie how to do something involving ssh if I wanted - all that matters is what the newbie gets out of it. If i tell them it's a way to get unlimited movies and music for free, they'd probably follow my instructions and I can get them to set up ssh-server and all that on Linux.

      It's not hard, as long as they get a payoff they want, and you write baby step clear instructions with plenty of screenshots and all that. You can get them to open ports, use ssh, set up ssh server, etc.

      It's actually got a term for it - Dancing Bunnies (or Dancing Pigs).

      Unless you go with an iOS-like lockdown attitude, no OS is safe.

    3. Re:RDP by chuckugly · · Score: 1

      Still shows a shocking paranoia deficiency to me. Maybe it's just me.

    4. Re:RDP by Anonymous Coward · · Score: 0

      It's port 137 all over again...