CryptoLocker

Discussion in 'malware problems & news' started by DX2, Sep 10, 2013.

  1. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
  2. Keatah

    Keatah Registered Member

    Joined:
    Jan 13, 2011
    Posts:
    1,029
    Tch..tch.. They didn't have backups! They might have thought they did but they didn't really..
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  4. Keatah

    Keatah Registered Member

    Joined:
    Jan 13, 2011
    Posts:
    1,029
    Hey folks! Did you know there is a difference between running a program and opening an attachment?
     
  5. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    An attachment can be any file. If you open an attached program, typically it's downloaded and might be executed depending on email client. Then there should be a security warning about running programs downloaded from the internet unless it's signed.
     
  6. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    CryptoDefense, the CryptoLocker Imitator, Makes Over $34,000 in One Month
    http://www.symantec.com/connect/blogs/cryptodefense-cryptolocker-imitator-makes-over-34000-one-month
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Btw, I was thinking, isn´t it enough to simply protect files and folders?

    I wonder if a tool like Hide Folders 2012 would give any protection against Ransomware.

    I wish I could test this stuff. :)

    http://fspro.net/hide-folders/
     
  8. guest

    guest Guest

    Depends on the main goal, but generally it's enough IMO, although I prefer to backup my files manually to be certain. But I won't let the malware to be executed at all. Who knows it bundles a rootkit along with it. :ninja:

    P.S.: I took the "protect files and folders" part as access permissions/restrictions a la HIPS. I'm not sure if simply hiding the files/folders is as effective as HIPS file/folder protection.
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Hide Folders 2012 can actually do a lot more than only hiding. It can also lock folders (and files) and make them read only. I really wonder if ransomware would still be able to modify files in a protected folder. :)

    Btw, with Neoava Guard (Win XP) it´s possible to protect files also (see pic), it works for the most part. But I think that the best protection against file infectors is still virtualization, offered by Sandboxie and Comodo for example. I wonder if the sandbox in Avast has already been tested against ransomware?
     

    Attached Files:

    Last edited: Apr 16, 2014
  10. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    http://threatpost.com/cryptolocker-ransomware-moves-to-android
     
  11. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    Does NeovaGuard allow me to protect a folder with a password directly in windows explorer?
    ie I navigate to a folder, double click on it to open it, and it prompts for a password?

    I dont want to launch another program just to open a folder.
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    No, you need a tool like Hide Folders 2012 for that. NG is also not developed anymore (you can´t even download it), and has always been a beta product. Still it´s quite nice, you can configure it in a way that only certain apps are allowed to have access to your files. I believe only Comodo is offering this at the moment. :)
     
    Last edited: May 10, 2014
  13. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    ok thanks i will try hide folders
     
  14. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    Oh dear didnt realise it cost a bit much for a simplish utility.
    "Trial Limitations: demo password" $40
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  16. Abdallah

    Abdallah Registered Member

    Joined:
    Oct 28, 2013
    Posts:
    124
    Location:
    N/A
    This is the first time I hear about NG and Hide Folders 2012 , it looks good for what it provide, I agree with you that virtualization and sandboxing is a good layer of protection against this type of infections ,

    BTW, I see an option in Sandboxie to implement this kind of configurations, it's closer to privacy than protection as sandboxing by itself should protect from ransomwares/cryptolockers

    It's a good decision also to implement image and restore plan for this kind of bad situations..


    The picture below showing "File Access" options inside Sandboxie

    access.png
     
    Last edited: May 11, 2014
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    @ Abdallah

    That is a nice feature in SBIE, but don´t forget, you also need protection from apps running outside the sandbox, not under control by SBIE.

    And if I´m correct SBIE will automatically deny modifications to files outside the sandbox, that´s so cool about virtualization. :)
     
    Last edited: May 14, 2014
  18. Abdallah

    Abdallah Registered Member

    Joined:
    Oct 28, 2013
    Posts:
    124
    Location:
    N/A
    Yes, that's a good point.

    It will be good to have this feature for apps running outside the sandbox also,
     
  19. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,288
    Totally. For instance: http://clonezilla.org/downloads.php
    Works great.
     
  20. Abdallah

    Abdallah Registered Member

    Joined:
    Oct 28, 2013
    Posts:
    124
    Location:
    N/A
  21. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
  22. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    http://blog.trendmicro.com/cryptolocker-gozeus/

    Follow Rik on Twitter: https://twitter.com/rik_ferguson
     
  23. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    162,655
    Location:
    Texas
    More.
    http://krebsonsecurity.com/2014/06/...ts-gameover-zeus-botnet-cryptolocker-scourge/
     
  24. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
  25. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.