How ransomeware can infect your computer

For those wishing to know how ransomeware may 'infect' your computer - this example from Computerworld may be of interest.

''Last week, my company was paid a visit by some interesting malware. This time, it was ransomware: malicious software that disguises itself as "security software" but actually holds the system hostage to trick the user into paying money to the software's handlers''

''we were able to determine that the infection came from a Web advertisement on the front page of a major news service. The website for the news service was fine, but it links to a series of rotating ads, one of which was compromised. When the compromised ad appears on the news service's Web page, it infects the unlucky browser using JavaScript code -- a drive-by download of malware that doesn't require the user to do anything. No need to click "yes" or "continue" to any prompts -- the JavaScript code executes automatically as soon as the ad appears''

http://www.computerworld.com/s/article/9233254/Security_Manager_s_Journal_New_ransomware_attack_hurts_trustworthiness_of_Web?taxonomyId=85

 

Interresting read, I am glad that I use adblock... But this line makes me wonder:

Did they actually ignore the alerts from their intrusion-detection and behavioral monitoring software?

 

Would simply disabling Javascript in one's browser have stopped this particular ransomeware?

 

JavaScript, whitelisting domains (whatever method one prefers). Nothing complicated, just unaware users as usual.

-edit-

Blocking ads would have worked nice as well.

 

I fail to see the novelty of what's afoot here.
Mrk

 

The author of the article clearly his limited knowledge of dealing with malware when he says the only way to get rid of the threat was to reimage the infected computers.

Sure, I know that in some cases restoring from an image is quicker and easier then actually removing a threat, but to suggest that the threat could only be removed by doing a reimage is rediculous.

 

roger_m, he didn't say the only way to get rid of the malware was to reimage, but in a business environment where time is money is not cost effective to try and "fix" the computer with traditional methods. A reimage takes no time at all and ensures the pc is clean.

 

He did say just that.

No argument from me there.

 

The same applies to a home or personal environment. Leaving trivial cases apart, it is always better to reimage. But, of course, a reimage does take time ...

 

20 min on my set up

 

I need to delete some files - takes me hours.

I have never restored from an image to clean malware. I do see the point in doing so, however in my case it quicker to remove the malware, and when I clean malware for others they never have an image of their system.

 

It's the paradox - those who image, know their business, they never get infected, and hence they never need to restore due to malware. You end up having a setup that's much like nuclear weapons - a deterrent rather than something you would use. I think images are more useful against legit software doing boo-boos rather than malware.
Mrk

 

You've hit the proverbial nail on the head

I'd say equally as useful against either, but I re-image due to the former rather than the latter.

 

Yes, and also against failing hard-drives...

 

these kind of drive by downloads should be stopped in W8 by default with the help of Windows Smart Screen

And a necessity to have adblocker installed in browsers

 

Yep, agreed on that.....