Important: Back up your work NOW

Angmo wrote in post #18353393
Well, cloud simply means using someone else's computer.

Cloud storage is a little more complicated than that, and usually handled by people who know about security.
However, if you map cloud storage as part of your filesystem (such as drive letters or even visible shares), ransomware can access and take your files even if stored on the cloud.

But no one should panic. The main takeaway from this unfortunate event is that we should keep our systems updated with the latest security patches.

"Backing up your data NOW" is a solid advice for any computer. Ransomware is increasing since a few years and it will most likely stay in one form or the other. Ransomware is targeted at Mac and Windows - switching your computer model or upgrading will help against the current threat but not for the next one coming up.
And most importantly for backups: Have old versions! Don't just mirror your data - as some worms are tricky enough to do their bad thing slowly in the background to poison backups as well.
https://www.howtogeek.​com …y-to-back-up-my-computer/

CheshireCat wrote in post #18353386
Ransomware is bad, but hard drive crashes are worse.

I guess I don't know why, because ransomware spreads across your system, affecting more than 1 drive. You never know if you have eradicated it, or if it put a dormant entity somewhere for a future activation. Also if a hard drive crashes, there are ways to get data off still, or at least a majority depend on the damage of the crash.

November 6, 2015, 12:53

A T T E N T I O N !
YOUR PERSONAL FILES ARE ENCRYPTED!
PERSONAL ID: xxxxxxxx

Your important files encryption produced on this computer: photos, videos, documents, etc. Encryption was produced using a unique public key RSA-2048 generated for this computer. To decrypt files you need to obtain the private key.

If you see this text but don't see Decryptor Wizard window - please, disable any Firewalls and antivirus products, and download Decryptor Wizard on this URL:
xxxxxxxx.xxxx


You have 72 hours for payment.
After this time the private key will be destroyed.

For more info and support, please, contact us at this email address:
xxxxx@xxxxx

My parents had just come around for a visit when I wanted to show my dad some pictures from the latest protests in Belgrade. I enter my folders, everything is blank and .luck file. My files are pretty much gone by that point. I tried all I could to save the personal pictures, minimum success.

Back up your files. It's not a joke. It could happen to anyone. Three years of photography just 'cause I thought "Nah man, I don't work for NatGeo, don't need to back up".
Cloud services are dirt cheap, external HDD's are not the safest thing, but they offer a level of protection.

Once again, back up your files. The above copy is from notes appeared in all my folders containing jpegs, png and video wasn't encrypted.

P.S. Obviously don't click the link, I just copied the whole content so you can see how it looks.

Strahinja wrote in post #18353495
November 6, 2015, 12:53

A T T E N T I O N !
YOUR PERSONAL FILES ARE ENCRYPTED!
PERSONAL ID: 03FEFB77

Please edit your post to remove the link in that message!

Short take aways from this:

Set your software to automatically update. - When any security patch is released, the bad guys immediately reverse engineer it to figure out what whole was patched. They then try to exploit that whole. That wasn't the case here because this bug was announced around a week ago. This one is so bad that MS just patched Windows XP! (Don't run XP).

Have disconnected backups. - If you can get to it while on your computer, so can the bad guys. You need something that is only intermittently connected.

Don't click on links from untrusted sources. Phishing is bad news. I just gave a presentation at work where I showed how clicking on one link instantly compromised the target. I installed a key logger, looked around on the hard drive, etc. What really got the audience's attention was when I activated the target's web cam and pulled live streaming video.

OhLook wrote in post #18353356
Thanks, folks. It does appear that Macs are immune

That is correct. And, in general, Macs are not frequently a target for hackers for a variety of reasons, chief among them is they are not as prevalent in business, where profit opportunities are greater.

OhLook wrote in post #18353356
and the targets are organizations, not homes.

That is not entirely correct. The malware doesn't know or care whether you are part of an organization or a home user. Perhaps the hackers initially targeted organizations with a spearphishing attack. But anyone can be a victim and there undoubtedly thousands of individuals who have been infected. There is no regulatory agency for an individual to report an attack. But public health facilities, utilities, banks and most other financial institutions are required by law to report a computer breach.

OhLook wrote in post #18353356
I use flash drives to back up photos and some documents. E-mails are harder to duplicate. Getting a new computer on Monday, will have to copy everything to an external drive then, don't want to do it twice.

Twice? You really should be backing-up every week. There's affordable, on-line backup services that will do this automatically.

CheshireCat wrote in post #18353449
Cloud storage is a little more complicated than that, and usually handled by people who know about security.
However, if you map cloud storage as part of your filesystem (such as drive letters or even visible shares), ransomware can access and take your files even if stored on the cloud.

But no one should panic. The main takeaway from this unfortunate event is that we should keep our systems updated with the latest security patches.

No, it is that simple.

I received this from Malwarebytes yesterday.

This costs me $24 a year. It works and has for sometime. I am not advertising here, just trying to help anyone who may be interested.

This was the email I received on May 12th.

A massive ransomware attack spread across the globe today, locking up thousands of hospital, telecommunications, and utilities systems in nearly 100 countries. The attack used data stolen from the NSA to exploit vulnerabilities in Microsoft Windows and deliver the WanaCrypt0r ransomware. The demand was for $300 per PC.

While the ransomware was first detected wreaking havoc in emergency rooms and doctors' offices in the UK, the infection quickly spread worldwide, including to the US.

We're alerting you to reassure you that if you're currently using the premium version (or the premium trial) of Malwarebytes with real-time protection turned on, you are protected from this threat. Our premium technology blocks the WanaCrypt0r ransomware before it can encrypt your files. (The free version of Malwarebytes, however, does not protect you against WanaCrypt0r. To see which version you have, open up your Malwarebytes software and look for the version name at the top of the window.) Learn more about Malwarebytes

If you're not currently using the premium version of Malwarebytes, we recommend that you update your Microsoft Windows software immediately. Microsoft released a patch for this vulnerability in March, but many users haven't updated, leaving their computers open to this attack.

Here at Malwarebytes, we pledge to keep you protected and informed about the latest issues. Your peace of mind is our number one priority.

Sincerely,

The Malwarebytes team

I'm wondering if Linux systems are even less vulnerable than Macs or just completely immune to this.
Yes? No?
I noticed when a cyber security expert was being interviewed on TV she had an Ubuntu system running on the computer over her shoulder. Wondering if that was some kind of statement?

gug wrote in post #18353519
I received this from Malwarebytes yesterday.

This costs me $24 a year. It works and has for sometime. I am not advertising here, just trying to help anyone who may be interested.

This was the email I received on May 12th.

<---- snip ---->

The Malwarebytes team

I got the same letter. Don't remember what I paid, but have the home premium life time license.

texkam wrote in post #18353568
I'm wondering if Linux systems are even less vulnerable than Macs or just completely immune to this.
Yes? No?
I noticed when a cyber security expert was being interviewed on TV she had an Ubuntu system running on the computer over her shoulder. Wondering if that was some kind of statement?

Yes, and no.

Yes they are 'less vulnerable' in that there are fewer active attacks made against the systems for a number of reasons. Windows has historically been less secure, highly popular, and therefore has been the main target for people making such attacks.

Linux also has a bit of an advantage in hacker communities for a "Don't piss in your own well" line of thinking due to the number of people using it for their personal systems - Don't actively attack the system you're using, and if you find an opening then quietly get it fixed and patched.

However, GNU/Linux has a terrible vulnerability in that basically anyone can step up and 'help code it'. It is horribly open to long-game exploits, and the whole "It is more secure because anyone can read the source and see for themselves exactly what it does!" is utter BS from an actual high level security stand point. - Sure, they can read it for themselves. But most people probably don't. And even if they are reading it themselves it isn't like anyone embedding backdoor access is submitting them with a line saying //And this section of code lets us gain access to any system running it...

If Linux was actually 'more secure' thanks to being open source, then Shellshock would not have existed as an exploit point from 1989 to 2014...

Angmo wrote in post #18353517
No, it is that simple.

Sorry, you said:

Angmo wrote in post #18353393
Well, cloud simply means using someone else's computer.

And that is not an accurate definition.
If it were, then I would be in "the cloud" when using your laptop, even if I did that from a remote desktop control application.

Cloud services are more complicated than "using someone else's computer", and usually provide a much higher level of protection and functionality than "using someone else's computer".

https://en.wikipedia.o​rg/wiki/Cloud_computin​g

I was hit about a year ago, and it came as a true windows update, (anyone using windows would believe it was a true windows update) that's how good it was and they were... Bottom line they are so good these days you cant trust anything... Back up Back up Back up.

Fortunately I have a family member who has a masters in internet security, and I guess you could say I am a Backup freak, so they received nothing, but me having to clean the computer, and doing a lot of reinstalling programs.

I heard about the worldwide attack, here in the States they got Fed X, so anyone with an account there take precautions

Thanks Pekka for creating this thread and bringing awareness.

TeamSpeed wrote in post #18353483
I guess I don't know why, because ransomware spreads across your system, affecting more than 1 drive. You never know if you have eradicated it, or if it put a dormant entity somewhere for a future activation. Also if a hard drive crashes, there are ways to get data off still, or at least a majority depend on the damage of the crash.

The main reason is simply in statistics.
The most probable cause of data loss is hardware failure in 45% of cases.
Malware (virus, ransomware, ...) is only 7%.

Now, you can proactively bring that 7% down to almost 0% if you keep your systems up to date, avoid installing crap, avoid opening documents you do not strictly need to.
But you don't have as much control over hardware failure, apart from using quality components (e.g. get quality SSD drives and avoid using mechanical drives especially on laptops).
I have seen dozens of hard drive crashes, and the only time I really needed to recover the data, I paid a reputable data recovery company around $500 just to be told the data were all gone.