Forum Thread: Cryptollocker - for what it's worth

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as resolved.
taffy078 Cryptollocker - for what it's worth
Contributor 21st Nov, 2013 18:03
Ranking: 408
Posts: 1,464
User Since: 26th Feb, 2009
System Score: 100%
Location: UK


--
taffy078, West Yorkshire, UK

HP Envy Win10 PC and Compaq Presario screwed up by forced upgrade to Win10 from Win7

Post "RE: Cryptollocker - for what it's worth" has been selected as an answer.
mogs RE: Cryptollocker - for what it's worth
Member 22nd Nov, 2013 21:06
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Last edited on 22nd Nov, 2013 21:07


--
Was this reply relevant?
+0
-0
mogs RE: Cryptollocker - for what it's worth
Member 23rd Nov, 2013 13:17
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
CryptoLocker gang casts tentacles into botnet crime world
By Ellen Messmer | Network World US | 22 November 13

The cyber-gang running the CryptoLocker extortion racket is sharing a big cut of any payments they squeeze out of their victims with criminal botnet owners working closely with them, says Symantec, which has been monitoring this underworld activity online.

The CryptoLocker gang, believed to be mainly Russian-speaking, created the malware that makes use of strong encryption to lock up the victim's electronic files until the victim pays a ransom, which typically starts at least $150 to get the key to unlock their scrambled files. The gang itself is paying criminal botnet owners operating vast command-and-control systems of compromised computers to distribute CryptoLocker as a dangerous attachment in spam, says Liam O'Murchu, manager of security response operations at Symantec. In addition to spam distribution, which relies on the victim opening the malware-laden attachment to spread CryptoLocker, the gang is willing to pay a botnet owner as much as 75% of any extortion money they can get from victims if the botnet owner directly drops CryptoLocker onto a compromised machine it already controls.

Doing that basically scores a direct hit for CryptoLocker but can be counted as a loss of a compromised computer for botnet owners, hence the willingness to share such a high percentage of the monetary gain netted from any victim, O'Murchu says. "They're making a lot of money," and victims are expected to pay in Bitcoin or MoneyPak.

More to read at :-
http://www.pcadvisor.co.uk/news/security/3490723/c...



--
Was this reply relevant?
+0
-0
taffy078 RE: Cryptolocker - for what it's worth
Contributor 25th Nov, 2013 09:06
Score: 408
Posts: 1,464
User Since: 26th Feb 2009
System Score: 100%
Location: UK
There's a very interesting (imho!) take here:

http://techtalk.pcpitstop.com/2013/11/15/cryptoloc...

--
taffy078, West Yorkshire, UK

HP Envy Win10 PC and Compaq Presario screwed up by forced upgrade to Win10 from Win7
Was this reply relevant?
+0
-0
Maurice Joyce RE: Cryptollocker - for what it's worth
Handling Contributor 25th Nov, 2013 09:56
Score: 12090
Posts: 9,383
User Since: 4th Jan 2009
System Score: N/A
Location: UK
All the details a home user requires on this issue are here.

http://www.bleepingcomputer.com/virus-removal/cryp...

Having read the article just install & set up CryptoPrevent & forget about it. CryptoPrevent is totally free but there is an option to pay $15 for full automation of updates & email alerts.

Direct link to CryptoPrevent is here which tells you how this programme works:
http://www.foolishit.com/vb6-projects/cryptopreven...

Headline-grabbing magazines/comic articles are pure hype (scare ware) &, as normal, give no practical user advice or help.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1607 Build 14393.187
16 GB RAM
IE & Edge Only
Was this reply relevant?
+8
-0
taffy078 RE: Cryptollocker - for what it's worth
Contributor 27th Nov, 2013 08:38
Score: 408
Posts: 1,464
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 27th Nov, 2013 08:38
Thank you Maurice.

By the way it was the National Crime Agency that started the ball rolling this time - perhaps you should forward them your links?

--
taffy078, West Yorkshire, UK

HP Envy Win10 PC and Compaq Presario screwed up by forced upgrade to Win10 from Win7
Was this reply relevant?
+0
-0
Maurice Joyce RE: Cryptollocker - for what it's worth
Handling Contributor 27th Nov, 2013 11:05
Score: 12090
Posts: 9,383
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Not exactly sure what you mean.

This strain of ransomware was discovered in September 2013. It started to "bite" UK users in late October. The NCA rightly issued a general alert to UK users on 15th November, which is two months after discovery.

http://www.nationalcrimeagency.gov.uk/news/256-ale...

The NCA do offer good general cyber advice here http://www.nationalcrimeagency.gov.uk/crime-threat...

but are not involved in the "nitty gritty" fixes for individual or corporate users. The NCA remit is here

http://www.nationalcrimeagency.gov.uk/about-us/wha... which they appear to be following in relation to this crime.

Hope this helps.







--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1607 Build 14393.187
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
taffy078 RE: Cryptollocker - for what it's worth
Contributor 28th Nov, 2013 13:40
Score: 408
Posts: 1,464
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Simply making the point, Maurice, that I got my heads-up not from a magazine but from a major employer in this area which was pointing people to the NCA alert.

The NCA alert is excellent but I thought that they could do with adding your links to their general advice.

--
taffy078, West Yorkshire, UK

HP Envy Win10 PC and Compaq Presario screwed up by forced upgrade to Win10 from Win7
Was this reply relevant?
+0
-0
Maurice Joyce RE: Cryptollocker - for what it's worth
Handling Contributor 28th Nov, 2013 14:42
Score: 12090
Posts: 9,383
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Good point but as stated they are not really interested in that sort of information.

If you want better "heads up" on security matters I recommend Brian Krebs. He not only warns users of this sort of thing but is actively involved in getting to the facts & allows questions on all his information.

Link here:

http://krebsonsecurity.com/

This problem is here with some user comments at the bottom:

http://krebsonsecurity.com/2013/11/how-to-avoid-cr...


--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1607 Build 14393.187
16 GB RAM
IE & Edge Only
Was this reply relevant?
+2
-0
taffy078 RE: Cryptollocker - for what it's worth
Contributor 28th Nov, 2013 17:52
Score: 408
Posts: 1,464
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Thank you, Maurice

--
taffy078, West Yorkshire, UK

HP Envy Win10 PC and Compaq Presario screwed up by forced upgrade to Win10 from Win7
Was this reply relevant?
+0
-0

This thread has been marked as locked.