Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Techniques in ransomware explained


  • Please log in to reply
No replies to this topic

#1 rotor123

rotor123

  • Moderator
  • 8,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:09:12 AM

Posted 14 September 2012 - 10:43 AM

From here, Techniques in ransomware explained

Last week, SophosLabs saw new ransomware samples employing this technique. On infection, the malware searches for specific types of files (using a list of over 110 file extensions; .doc, .jpg, .pdf, etc), encrypts them, and renames the now unreadable file with a .BLOCKAGE extension. The following ransom message is then displayed to the user:

The scary part here is that they aren’t lying when they say that only they can decrypt your files. In fact, the malware makes use of some nifty public-key cryptography which is the same “one-way” (asymmetric) encryption that lets you safely shop online and access online banking.

Bold part is by me

Paying the ransom is not recommended, and doesn’t even guarantee you will get your files decrypted. To me, this only emphasises the importance of having up-to-date anti-virus, and regular backups of important documents - just in case.


Nothing super new here we've seen encryption being used in New ransomware called Anti-Child Porn Spam Protection The main difference this one is via being hacked and the first one is via a Malware infection.

Backup, Backup, Backup. Keep in mind that if your backup is attached and active it well be encrypted or wiped too.
This is why I backup important things to a External Hard drive and a Optical drive. DVD or BluRay depending on how much I'm backing up as well as leaving the files on the computer. I also turn off my External drive when not using it.

Roger

Edited by rotor123, 14 September 2012 - 10:44 AM.

Fortune Cookie says: Fortune not Found: Abort, Retry, Ignore?

Sent from my All-In-One Desktop. Perfect for Internet, Not for heavy usage or gaming however.

How Does a computer get Infected? http://www.bleepingcomputer.com/forums/t/2520/how-did-i-get-infected/
Forum Rules,    The BC Welcome Guide

167 @ June 2015


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users