Ransomware defense.

Jivesinger

Neil_Jones wrote: »

All variations of this going back to the early Cryptolock days can do this as they go off looking on the computer, then go off after connected drives (external drives, USB drives etc) and then the network connected drives - those that appear as Drive Z ("Docs on Server\Share" for example) and encrypt the entire lot.

Some can go after the unmapped network shares as well ("\\server\docs" for example) and if that is the case nothing is safe if its in a shared folder on a network with a computer under ransomware.

My understanding is that Cryptolock etc. weren't worms that start executing on another computer though. They would just encrypt all the files they could see (which might be on a shared drive etc.)

This latest one can look for other computers on the network and infect them with no requirement for a user to click on anything. So all linked computers (at least the vulnerable ones) are encrypting their own local storage, even though users on those linked computers haven't clicked on anything.

henm2

Just dump Windows and install a better operating system such as Linux Mint. That is your best defence against malware.

DavidP24

ha ha ha ha that is SO funny

Deneb

HitManPro.Alert


Runs alongside a normal AV. The company have just been bought by Sophos who are implementing the technology in their own AV product.


https://www.hitmanpro.com/en-us/alert.aspx

Browntoa

Don't be an idiot and click on every link in an email

Don't be an idiot and click yes when a web site says you need to "install some software to view"

Don't be an idiot and click yes when something asks for administrative rights

Don't be an idiot and download so called free or hacked versions of paid for software

DavidP24

Or in this case, where it is spread by a network protocol

Don't be an idiot and plug into a network

Hell don't be an idiot and turn on your computer

DavidP24

Deneb wrote: »

HitManPro.Alert

Runs alongside a normal AV. The company have just been bought by Sophos who are implementing the technology in their own AV product.

https://www.hitmanpro.com/en-us/alert.aspx

That was quick response to opportunity of FUD

Of course you need a Core I7 to run it

Browntoa

DavidP24 wrote: »

Or in this case, where it is spread by a network protocol

Don't be an idiot and plug into a network

Hell don't be an idiot and turn on your computer

That's true for some people , cleared a friends PC of malware , explained about no clicking on links etc , went to loo and came back to them clicking on link in strange email . I felt like cutting the main screen lead

bengalknights

henm2 wrote: »

Just dump Windows and install a better operating system such as Linux Mint. That is your best defence against malware.

Agree with this run Ubuntu and your pretty safe

Leon_W

All I can say after having to deal with one of these cryptolocker type viruses earlier this year is. BACKUP ! It is the ONLY sure fire way of not losing all those pictures and documents you have accumulated over the years. I'm not an idiot, didn't click on anything suspect and consider myself technically proficient.

My personal laptop was infected earlier this year and this thing set about encrypting every picture file and document I had. It was too late before I realised, and there is NOTHING that can be done to reverse the process, you're files are encrypted, end of.

My backup was a few weeks old so I did lose some stuff, but you really don't realise how serious this is until it happens to you.

All it takes is a new strain to slip through any virus software you have installed and you've had it so the only SUREFIRE way to protect yourself is BACKUP to a separate REMOVABLE drive (for gods sake don't leave it connected !)

Hope this helps.