HiFlyer

An NSA Cyber Weapon Might Be Behind A Massive Global Ransomware Outbreak



We are all connected..... To each other, biologically...... To the Earth, chemically...... To the rest of the Universe atomically.
 
Devons rig
Intel Core i5 13600K @ 5.1GHz / G.SKILL Trident Z5 RGB Series Ram 32GB / GIGABYTE GeForce RTX 4070 Ti GAMING OC 12G Graphics Card / Sound Blaster Z / Meta Quest 2 VR Headset / Klipsch® Promedia 2.1 Computer Speakers / ASUS ROG SWIFT PG279Q ‑ 27" IPS LED Monitor ‑ QHD / 1x Samsung SSD 850 EVO 500GB / 2x Samsung SSD 860 EVO 1TB /  1x Samsung - 970 EVO Plus 2TB NVMe /  1x Samsung 980 NVMe 1TB / 2 other regular hd's with up to 10 terabyte capacity / Windows 11 Pro 64-bit / Gigabyte Z790 Aorus Elite AX Motherboard LGA 1700 DDR5


I read that earlier, that's why it is always a good idea to create a system image regularly and have the drive disconnected from your network.


Asus Rampage VI Extreme Encore(water Cooled) EVGA RTX 3090 FTW3 Hybrid, 64 DD4 @ 2800 2 x 2x M.2 in raid 0.

 


In another scare article I read, a Microsoft spokesperson provided the following comment:

“Today our engineers added detection and protection against new malicious software known as Ransom:Win32.WannaCrypt. In March, we provided a security update which provides additional protections against this potential attack. Those who are running our free antivirus software and have Windows updates enabled, are protected. We are working with customers to provide additional assistance.”

I also use the Malwarebytes software.  Ransomware is a mess but I was able to help a friend remove the virus by following guides I found on the Internet.  But realistically, the best thing to do is to reformat your HDD and reinstall everything.  I keep a backup of My Documents and My Pictures folders on another drive because those drives are not damaged by Ransomware.

Best regards,

Jim


Jim Young | AVSIM Online! - Simming's Premier Resource!

Member, AVSIM Board of Directors - Serving AVSIM since 2001

Submit News to AVSIM
Important other links: Basic FSX Configuration Guide | AVSIM CTD Guide | AVSIM Prepar3D Guide | Help with AVSIM Site | Signature Rules | Screen Shot Rule | AVSIM Terms of Service (ToS)

I7 8086K  5.0GHz | GTX 1080 TI OC Edition | Dell 34" and 24" Monitors | ASUS Maximus X Hero MB Z370 | Samsung M.2 NVMe 500GB and 1TB | Samsung SSD 500GB x2 | Toshiba HDD 1TB | WDC HDD 1TB | Corsair H115i Pro | 16GB DDR4 3600C17 | Windows 10 

 

38 minutes ago, Jim Young said:

I keep a backup of My Documents and My Pictures folders on another drive because those drives are not damaged by Ransomware.

My ex-girlfriend called me up a few months ago, frantic that years of family pictures and other important documents had been locked up by one of these. We were unable to save anything, and unfortunately the infection did indeed manage to spread to all of her drives and essentially lock up everything. It even encrypted a connected usb stick.

All gone.

By the way, the MS patch that should address the Eternal Blue infection is MS17-010

 



Ransomware does not spread to all of your drives unless it is the encryption ransomware.  My friend's computer had the other type which just locks up your computer.  So, if you shut down your system and reformat and reinstall everything, any other drives should not be harmed in any way.  What happened to your "ex-girlfriend's" (uh, sorry to hear it did not work out) computer was the more devious ransomware that encrypts your files.  Still, I would think that after reinstalling Windows on the main drive, you probably could find some software that could unencrypt the files on the other HDDs.

In any case, it's a nasty, nasty malware.

Best regards,

Jim


1 hour ago, Jim Young said:

Ransomware does not spread to all of your drives unless it is the encryption ransomware. 

Yup, the ransomware in the posted article that's causing the current issues (eternal blue) definitely encrypts your drives. The thing about these particular ransomwares is that the only real way to break the encryption seems to be to find an identical file that has not been encrypted, and then run a comparison software that may be able to find a key.

My ex was hoping that I had enough old pictures around that I might have a match for some of hers and thus be able to decrypt the drive she sent me, but sadly, if absolutely all files have been encrypted and you have no unencrypted examples to be examined (I had no matching files since I gave everything to her) you really are up the creek without a paddle.

People on forums like this might have a slightly better chance since digging around in CFG files and whatnot may create a higher computer familiarity, but your average person would likely have no idea where to even begin to figure out how to address stuff like this.

Unfortunately.

Probably something that might be done is save important documents and photos to the web, but if this ever happens to me, I'm probably toast, since I trust "the cloud" about as far as I can throw it. :blush:



I was a victim of ransomware some time ago and I was able to fix and unlock my computer. Rebooted in safe mode and searched for any files that had been added or modified on the day the attack took place. Once those files were deleted I rebooted normally and that got things back to normal. Not saying this will work for all ransomware but that helped me get back to normal. Ransomware can be very frustrating, that's for sure.

I should mention this attack was probably 10 years ago when ransomware was just making an appearance, I'm sure it has gotten a lot more sophisticated over the years!

 

Martin

1 hour ago, MartinRex007 said:

Ransomware can be very frustrating that's for sure.

I haven't been hit with a virus in years and years, but I'm the guy people bring their busted computers to.

I've sent out warnings to friends and family so hopefully I don't get drowned in pleas for help over the next few weeks.


1 hour ago, HiFlyer said:

Yup, the ransomware in the posted article that's causing the current issues (eternal blue) definitely encrypts your drives. The thing about these particular ransomwares is that the only real way to break the encryption seems to be to find an identical file that has not been encrypted, and then run a comparison software that may be able to find a key.

My ex was hoping that I had enough old pictures around that I might have a match for some of hers and thus be able to decrypt the drive she sent me, but sadly, if absolutely all files have been encrypted and you have no unencrypted examples to be examined (I had no matching files since I gave everything to her) you really are up the creek without a paddle.

People on forums like this might have a slightly better chance since digging around in CFG files and whatnot may create a higher computer familiarity, but your average person would likely have no idea where to even begin to figure out how to address stuff like this.

Unfortunately.

Probably something that might be done is save important documents and photos to the web, but if this ever happens to me, I'm probably toast, since I trust "the cloud" about as far as I can throw it. :blush:

Uh, no.. what you're supposed to do is take regular backups to a removable drive that you only connect to take the backup...

1 hour ago, MartinRex007 said:

I was a victim of ransomware some time ago and I was able to fix and unlock my computer. Rebooted in safe mode and searched for any files that had been added or modified on the day the attack took place. Once those files were deleted I rebooted normally and that got things back to normal. Not saying this will work for all ransomware but that helped me get back to normal. Ransomware can be very frustrating, that's for sure.

I should mention this attack was probably 10 years ago when ransomware was just making an appearance, I'm sure it has gotten a lot more sophisticated over the years!

 

Martin

No, it won't and you were lucky. Had they done the "encrypt your files" attack, you would not have had access to those files anymore without paying...

43 minutes ago, Raven9000 said:

Uh, no.. what you're supposed to do is take regular backups to a removable drive that you only connect to take the backup...

You realize that the vast majority of human beings have the one drive that comes with their machine, and never ever get more than that? The better option for them might be the cloud.

I myself have tons'o drives and my files are backed up and decentralized, but I also realize that's not the norm.



Don't keep anything on a computer that you can't afford to lose.

We live in a disposable society now. In the future this time period will be a big blank :) There will be no archaeology for anyone to find.


Cyber security is a joke, it's a vast problem driven by user ignorance and fear. A vast majority of end users know absolutely nothing about what goes on beyond the monitor they are staring at! It's also a problem that is going to get much worse as the younger generation of computer savvy criminals realise that the large majority of their peers are living and working in blissful ignorance in a society that relies more and more on the power of cyberspace. If you want total protection from cyber attacks then don't connect to the Internet or at least train end users and make them aware that opening that unsolicited email might be a bad idea.


AMD Ryzen 7 3700X 4.2 32 gig ram, Nvidia RTX3060 12 gig, Intel 760 SSD M2 NVMe 512 gig, M2NVMe 1Tbt (OS) M2NVMe 2Tbt (MSFS) Crucial MX500 SSD (Backup OS). VR Oculus Quest 2

YouTube:- https://www.youtube.com/channel/UC96wsF3D_h5GzNNJnuDH3WQ   ProATC/SR FB Group:- https://www.facebook.com/groups/1571953959750565

Flight Simulator First Officer User Group:- https://www.facebook.com/groups/564880128522788 ProATC/SR and Flight Sim First Officer (FSFO) Beta tester

Reality Is For People Who Can't Handle Simulation!

 

