Jump to content

New Cryptolocker variant targets gamers - encrypts game files and lock you out of your game


...0...

Recommended Posts

Posted

You don't even have to click on anything any longer to get infected. That nasty monster doesn't have to be clicked either. Just give it the opportunity to show up on your computer screen then off it goes, trawling through your files locking things it's triggered to lock. 

Posted

Nah, still you first have to open a website, that has this Flash plugin onto it. Normally, this is done through, ahem, special advertisement.

So the bigger websites like Google, YouTube and something like this are less likely corrupted, due to the fact that Google is very strict and prude with its advertisement (maybe, because its an american company :angel: )

 

So, how to build up a good protection:

Step 1: Start brain.exe

Step 2: Run an anti-virus software (like told in the article, the virus already is well known and checks for AV software)

Step 3: Build up an adblocker, the Flash plugin on the website will most likely be loaded as advertisement

Step 3.1: Take sth BEFORE the actual PC as adblocking instance, eg run a Pi-Hole or Pi-Block-Access-Point

Posted

Best protection against viruses, trojaner etc? Most important step most users are too lazy to do: Don't use an account with admin rights. That makes most of attacking software useless.

Posted

quoted from the artical "" The Flash banner operates by making calls to JavaScript via ExternalInterface class. It only lets MSIE (including 11) and Opera through. It creates an iframe using JavaScript:""

 

Question: would this not mean you need to have Java installed for this to work on your computer or is this introducing it to your computer.?

I don't have Java on my Computer but I would never "assume" It would be safe from one of these.

 

Common misconception, Javascript != Java

 

They are not related in any way really.

Posted

Here's what I recommend for a safer but a little less convenient browsing experience...

 

- Uninstall Java

- Uninstall Flash (Optional)

- Use either Firefox or Chrome as a browser on Windows and try to keep it up to date.

- Install an ad blocker on your browser and keep it up to date.

- Turn off JavaScript on your browser and only whitelist the sites you trust as exception.

- If you'll be keeping Flash, then turn on "click to play" option for plugins on your browser and only whitelist the sites you trust as exception.

- Keep your Windows up to date, but only install "important" updates. Read what every update does and do not install the update if it doesn't apply to you.

 

Optional:

 

- Install PeerBlock and let it block ad and malware related IP addresses.

 

Misc:

 

- Using an account without admin rights is no doubt a good idea, however I only recommend it if your Windows installation is relatively new, otherwise you may have to re-install a lot stuff. Also, keep in in mind that doing so will make things even more inconvenient.

- You may also install a Linux/Windows virtual machine and use that for Internet browsing.

- Keep at least a monthly backup of your files and preferably your entire system.

 

 

 

 

 

Posted

Those motherfuckers won't stop at anything to get more Bitcoins, unless some rival mobster decides to ask for a little chump change just because Bugatti got a new Veyron rolled out.

Posted

Another solution was a firefox addon that didn't allow any flash or scripts to run unless you allowed them, so it blocked also most popups for me and allowed me to manually start videos or audio files if I wanted after authorising an access.

Posted

You don't even have to click on anything any longer to get infected. That nasty monster doesn't have to be clicked either. Just give it the opportunity to show up on your computer screen then off it goes, trawling through your files locking things it's triggered to lock. 

 

https://addons.mozilla.org/en-us/firefox/addon/noscript/

https://addons.mozilla.org/En-us/firefox/addon/flashblock/

https://www.eff.org/https-everywhere

http://www.hongkiat.com/blog/firefox-security-plugins/

 

Posted

I block everything with ghostery plus i use waterfox browser and search engine that don´t store IP.

 

I also dont store anything on my PC then games i play no personal stuff nothing.

 

Don't use cloud it's not safe.

 

Make sure everything is always up to date your browser or windows.

 

I register nowhere have no social media(no smartphone/tablet) i dont use google or chrome(google is not to be trusted AT ALL) at your own risk its asking for trouble or any of that crap.

 

Learn to behave on internet:)

 

Then your ok.

 

Person above me with the 4 links is a example of how to behave by not clicking on link someone offers, which i will never click(educate yourself i say by ignoring links like that) is a first step to protect yourself.

Posted

I block everything with ghostery plus i use waterfox browser and search engine that don´t store IP.

 

I also dont store anything on my PC then games i play no personal stuff nothing.

 

Don't use cloud it's not safe.

 

Make sure everything is always up to date your browser or windows.

 

I register nowhere have no social media(no smartphone/tablet) i dont use google or chrome(google is not to be trusted AT ALL) at your own risk its asking for trouble or any of that crap.

 

Learn to behave on internet:)

 

Then your ok.

 

Person above me with the 4 links is a example of how to behave by not clicking on link someone offers, which i will never click(educate yourself i say by ignoring links like that) is a first step to protect yourself.

 

Basically not a bad attitude, but imho you go a bit over the top, aren't you?

  • No personal data on PC, well ok, but I don't do it because of security but to save onboard memory ;) And my passwords I store on an encrypted USB stick: best protection still is the windwall, that's true
  • Don't use cloud: just know, HOW to use it. Sometimes it's the easiest way to get data from A to B, but I just put the files (mostly pics) into an encrypted and password secured .zip/.rar and send an email with the URL and the Pass to the person I want to give the files to. If they are important, use PGP to encrypt the Email, too
  • Always update anything: nothing to say anymore, there I totally agree with you
  • Hmm, if you don't register anywhere, how the hell can you write in this forum :D And for anything else, search for Trashmail.net and FakeNameGenerator.com, you're welcome
  • Behavior on the internet: this discussion is as old as the dinosaurs (at least). Many people do know, but there also are these trolls and dumbs that put nude pics of themselves unprotected into the iCloud (*cough*fappening*cough*)

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...