Computer Held Hostage

Old-Man
Posts
8021
Joined
10/21/2011
Location
Colorado springs, CO US
Edited Date/Time 4/27/2016 10:40am
I know I read on here awhile back that a Vital member had his Puter held hostage till he paid a sum of money to the folks that had a Key# to unlock it.
Here is another story of the same except a Hospital was the target this time.
Watching the Vid it is usually around 400 bucks to unlock like our Vital member had to pay (If I remember right)
but this time it was 17 Grand! This is going to get a lot worse before it gets better for the Small business person to the huge conglomerate like Coke, Chevy, Wal-Mart, BP, etc.

http://www.nbcnews.com/tech/security/big-paydays-force-hospitals-prepar…
Boxvan446
Posts
223
Joined
3/4/2009
Location
Burlington, WI US
4/24/2016 4:20am
Yeah that was me about 1.5 years ago. Cost me about $1100 when all said and done. Glad it's over. I now have taken numerous measures to prevent future issues. I've heard about it happening to a few people since my incident. Really sucks to say the least.
4/25/2016 8:19am
How does something like this happen? Did you just visit a site and they somehow grabbed control?

FastEddy
Posts
13364
Joined
8/3/2008
Location
., FL US
4/25/2016 8:44am Edited Date/Time 4/25/2016 9:13am
How does something like this happen? Did you just visit a site and they somehow grabbed control?
Typically they trick people into downloading and running a file.
They can bind it to other files etc.
Another way is using 0-Day exploits...
Basically vulnerabilities/security holes in browsers or even browser add-ons like Flash Player and other Adobe products.
They basically force the file onto the comp and then run it.
They are always coming up with new ways to infect people.
It's basically ransomware.
But there are ways to get rid of it without paying.
bleepingcomputer.com has some good people on the forum that specialize in investigating this type of malware and safely removing it.


It's also important that you install all your updates, for your operating system in general and also your browser and add-ons. Most updates are for security reasons. Basically to patch 0-days/new security vuls/holes.
Also programs like Malwarebytes can be of great help in protecting your PC.
peelout
Posts
17870
Joined
1/6/2011
Location
Ogden, UT US
4/25/2016 2:00pm
i left my favorite jacket at a one-night stand's house one time. i did the "sneak out at 4:00am" trick and realized when i was walking home what i'd done. i didn't have her number and she didn't have mine. a few days later i get home and there's a letter on my door that reads, "if you want your jacket back take me to dinner". no idea how she found my home address.

bitch held my jacket at ransom, never did take her to dinner or get my jacket back.

sorry for the random story, but "held hostage" reignited the story in my mind lol
Old-Man
Posts
8021
Joined
10/21/2011
Location
Colorado springs, CO US
4/26/2016 5:51am
Thanks, Eddy! I do run Malware Bytes on my desktop.
As do I
cjmx
Posts
959
Joined
9/25/2006
Location
Lakewood, CO US
4/26/2016 7:04am
Thanks, Eddy! I do run Malware Bytes on my desktop.
Old-Man wrote:
As do I
Malwarebytes is a great product. But almost nothing helps when a user clicks on a bogus link or opens a malicious attachment. We tell all our users not to open attachments from senders they don't know. Even a sender they do know if it looks suspicious. We had several emails spoofed to look like they're from our CEO.

There's some great free tools and training here:

https://www.knowbe4.com/#

FastEddy
Posts
13364
Joined
8/3/2008
Location
., FL US
4/26/2016 7:56am Edited Date/Time 4/26/2016 7:58am
cjmx wrote:
Malwarebytes is a great product. But almost nothing helps when a user clicks on a bogus link or opens a malicious attachment. We tell all our users not to open attachments from senders they don't know. Even a sender they do know if it looks suspicious. We had several emails spoofed to look like they're from our CEO.

There's some great free tools and training here:

https://www.knowbe4.com/#

Very true ...it just depends.
I've messed with stuff in the past that actually infected malwarebytes itself and made it unusable in even safe mode.
They can get pretty creative in this day & age...
And really clicking a link in this age isn't needed.
A quite popular method is just iframing to the page with the malware/exploit.
Basically a hidden iframe.
You can even put a break-out-of-frames script on the page you are framing to.
Then redirect them to other malware type pages etc...
ns503
Posts
3990
Joined
4/1/2008
Location
NS Toolies CA
4/27/2016 8:44am
I got nailed with the CryptoWall stuff, almost 2 years ago. I have no idea where it came from (a work computer I am always very careful with), and now almost 2 years later I have no idea how I got out of it as lucky as I did. I was using it when it started acting funny, saw a couple of odd looking apps in program manager, then started googling shit like a madman on my tablet. Bleeping computer helped out there, I was able to recover while only losing a few files. I still don't know how/why it stopped encrypting when it did, & didn't do the whole drive. I upped for the paid version of malwarebytes then & there, knock on wood been OK since. It's some seriously messed up shit. The biggest part of my ability to recover was being able to shut down the computer & swap HDs to one I had cloned a couple months beforehand.
4/27/2016 10:40am
Yeah, this ransomware is a new threat hospitals are having to protect themselves against. Before mandating to go electronic records the medical records were on paper, stored in protected areas of the hospital. Impossible to get all the files and manually move them. Now it's easier than ever to hold the files and then demand a sum of money.

Which of course I'd imagine it will happen again to the same hospital soon enough....
