New Ransomware Threat
-
Bad Rabbit is the latest Ransomware attack launched recently. Windows users can apply this vaccination:
-
Thank you very much for the information, although Bad Rabbit is already known and mentioned by the Panda Antivirus, even the free version already includes the protection.
Panda Adaptive Defense
Bad Rabbit comes disguised as a supposed flash update
-
Hi Catweazle,
Thanks for the upvote. Yes, Bad Rabbit infects machines through false Adobe flash updates. I should have mentioned it. There is another Ransomware though, and it doesn't ask for Bitcoin or money!
http://blogs.quickheal.com/you-wont-believe-what-this-ransomware-demands/
-
@catnip said in New Ransomware Threat:
Hi Catweazle,
Thanks for the upvote. Yes, Bad Rabbit infects machines through false Adobe flash updates. I should have mentioned it. There is another Ransomware though, and it doesn't ask for Bitcoin or money!
http://blogs.quickheal.com/you-wont-believe-what-this-ransomware-demands/
Thanks
This one too
https://www.pandasecurity.com/mediacenter/malware/yet-another-ransomware-variant/
-
Thanks, Didn't know about this. How does this variant infect the system? Attachments in unknown email?
-
@catnip said in New Ransomware Threat:
Thanks, Didn't know about this. How does this variant infect the system? Attachments in unknown email?
Exactly
-
Anyone dumb enough to open attachments in unknown email, or to download updates from unknown sources? No, I've never seen ransomware, and very few other viruses.
Recently I received an email claiming my ISP had detected one of the older worms (malware that spreads through open ports) on our network. But as I'm not the owner, they wouldn't be sending such a message to me; and also my antivirus would have detected it. So obviously I didn't click any links in the email - not that I would have anyway. Obviously no idea about the other computers on the network, but probably not.
-
@dleon said in New Ransomware Threat:
Just curious, any one of you ever got hit by any ransomware?
Luckily not, but there are worse things than ransomware, for example LightEater, which turns your PC into a paperweight when infecting the BIOS.
To eliminate BIOS malware there is no other solution than physically replacing the chip on the motherboard.
-
@dleon yup, sometimes I launch infected/suspicious files, but usually on sandbox/VM
Last infection: hijacked (chrome) extension X'D (another point for the list)
-
The last and only virus I had was in 2002; since then I have very much in mind the recommendations of DLeon and more. Having to reinstall Windows does not amuse me much.
-
@catweazle said in New Ransomware Threat:
The last and only virus I had was in 2002; since then I have very much in mind the recommendations of DLeon and more. Having to reinstall Windows does not amuse me much.
Yes, by then there were viruses that crushed the system in a few seconds and made you remember the ancestors of those who developed it
-
Thanks for the response, guys. Luckily there are a lot of Antiransomware tools out there. You guys might want to check these out. I have Hitman Pro Alert installed.
http://www.techradar.com/news/the-best-free-anti-ransomware-tools
-
My AV Panda tells me that it also protects me against rootkits, and it also vaccinated my PC when this WannaCry was running.
But I think that the best protection is not to click on any banner, attachment and other rare things. The worst virus for a PC is its user.
-
Another one, malicious Chrome extension
-
@ildefonse_91be said in New Ransomware Threat:
Hello!
Here are some ransomware prevention tips:
- Toggle your email provider's anti-spam settings to filter out all the potentially harmful incoming messages. Raising the bar beyond the default protection is an important countermeasure for ransom Trojans.
- Define specific file extension restrictions in your email system. Make sure that attachments with the following extensions are blacklisted: .js, .vbs, .docm, .hta, .exe, .cmd, .scr, and .bat. Also, treat ZIP archives in received messages with extreme caution.
- Rename the vssadmin.exe process so that ransomware is unable to obliterate all Shadow Volume Copies of your files in one shot.
- Keep your Firewall active at all times. It can prevent crypto ransomware from communicating with its C&C server. This way, the threat won't be able to obtain cryptographic keys and lock your files.
- Back up your files regularly, at least the most important ones. This recommendation is self-explanatory. A ransomware attack isn't an issue as long as you keep unaffected copies of your data in a safe place.
- Use an effective antimalware suite. There are security tools that identify ransomware-specific behavior and block the infection before it can do any harm.
Also beware of the Powerpoint (ppt) attachments in the emails, they are also used as vehicles for viruses and malware
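
The attachment-extension tip quoted above, as an added example that is not part of any post in this thread: a Python sketch that checks a message's attachments against the listed extensions and also looks inside ZIP archives. The function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions named in the quoted tips.
BLOCKED = (".js", ".vbs", ".docm", ".hta", ".exe", ".cmd", ".scr", ".bat")

def is_blocked(name):
    """True if the name ends in a blocked extension (case, trailing dots/spaces ignored)."""
    return name.strip().rstrip(". ").lower().endswith(BLOCKED)

def scan_message(raw):
    """Return (attachment name, reason) pairs for one raw e-mail message."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        if is_blocked(name):
            findings.append((name, "blocked extension"))
        elif zipfile.is_zipfile(io.BytesIO(payload)):  # by content, not by name
            try:
                with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                    for info in zf.infolist():
                        if info.flag_bits & 0x1:  # encrypted: content cannot be checked
                            findings.append((name, "encrypted member " + info.filename))
                        elif is_blocked(info.filename):
                            findings.append((name, "contains " + info.filename))
            except zipfile.BadZipFile:
                findings.append((name, "unreadable archive"))
    return findings

def sample_message():
    """Constructed sample: a double-extension file, a ZIP with a script, a text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "hello")
        zf.writestr("docs/update.HTA", "placeholder")
    msg = EmailMessage()
    msg.set_content("body")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="octet-stream", filename="invoice.pdf.exe")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="photos.zip")
    msg.add_attachment("notes", filename="notes.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(sample_message()))
```

The check matches on the final extension, so a name like invoice.pdf.exe is caught, and archives are recognised by content, so a ZIP sent under another name is still opened and inspected.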
-
The worst virus is my nephew. He likes to enter the BIOS and disable the monitor
-
Sounds good, guys. Thanks for the fantastic feedback. Yes I do all my checks and keep everything backed up using Macrium Reflect. I've also got the M.R. Recovery Disk. I use only known apps, and my email service - I use Yandex and Protonmail - is very secure. Yes, I have a sandbox which only recognizes Firefox, Opera, and I.E. Unfortunately, it doesn't auto-activate on Vivaldi. I need a sandboxed environment that just works right out of the box. Suggestions, anyone?
-