Very nasty computer virus going round at the moment

jungaljohn

Not anything deery but I'd hate anyone to get nailed by this.

I've been sent a series of very convincing emails from Amazon, DHL and Barclays all asking to open a zipped file. If you have the file extensions showing you can see it's actually an exe attachment.

Apparently if opened it encrypts all your data permanently unless you pay a huge ransom.

I was round my computer guy's earlier on with literally a succession of people ringing who had fallen victim to this scam, which has apparently so far netted its creator in excess of £1 billion.

Bin anything with a zipped attachment.
Change your passwords regularly.

John
 
It's called Crypto blocker.

Also watch out for emails from Companies House.

Ransom is around $300 in bitcoins.

All good and untraceable until he tries to bank it.
Bet you he is the world's most watched bitcoin account waiting for it to happen.
 
Sounds nasty, but glad it's just an .exe file though.
Thought it might be something my Mac could get for a while there :stir:

Neil. :)
 
AFAIK it's an application embedded in a PDF.
It is also network enabled so can come in on a zip drive; as soon as your PC reads the drive... game over.
If you are on a network it automatically infects connected devices.

http://en.wikipedia.org/wiki/CryptoLocker

Not quite.... it does rely a bit more on user 'cooperation', or (as Miranda would say ;) ) 'what I like to call'... stupidity.


  • It isn't embedded in a PDF which runs itself... it is usually a .zip file containing an executable file cunningly labelled something like "Your DHL Tracking No.pdf.exe".
  • It can't 'come in on a zip drive'..... silly people can copy it onto a zip drive and then give that drive to someone else who can then open it
  • It can't spread across the network infecting devices.... but if you have network drives mapped (like in work you may have network drives H:\, J:\ etc) then it will have a go at screwing them up the same as it would any other drives on your PC (C:\, D:\ etc)

So... when a user tells me something like:

"Oh, I just opened up Outlook and the next thing I know I had spent $2000 getting my data back" what they actually mean is...

"Oh, I got an email from someone I never heard of, in a country I've never been, about a parcel I wasn't expecting, and immediately double clicked the attachment to open the ZIP file... then without looking or giving it any thought I double clicked the executable file within.... then I said YES I am sure, and then when the PC said it needed administrator confirmation I said OK to that too... then it started installing stuff while I was wondering what was going to be in my free parcel/how much money I'd won/inherited etc and then my computer was screwed..... and now it's your problem"


<END RANT>

:lol:
 
The only virus that I have ever known to make national news.
I don't like calling it a 'virus' because I believe that gives the creators too much credit. Back in the 'old days' viruses were clever. They were designed by nerdy people who could read assembler machine code to actually infect executables and boot sectors and spread themselves. The people who wrote them did it as much to see if they could outsmart the creators of the operating systems as anything else... and a bit of kudos obviously!

This bit of software isn't a virus... it's a Trojan. It's a bit of software which the user gets tricked into running themselves and there isn't really anything clever about it. Pretty much anyone who can write software could write a program to encrypt the contents of %HOMEPATH%, call it "Amber Heard.nude.zip.exe" (good one Tony :lol:) and then spam it out to a list of email addresses. It takes advantage of the lack of knowledge of the user rather than the intellect of the creator. The user runs it as admin thereby bypassing all security.... the trojan doesn't have to do anything clever at all!

In this day and age, with all the publicity about phishing, Nigerian inheritance scams etc it's amazing how people still fall for what is, in this case, not even a remotely convincing 'trick'. If people stopped clicking on these things, stopped trying to buy viagra off a spam email, stopped clicking on links to thisisnatwestonlinebanking.honest.guv.za and entering their bank details then 90% of email traffic would disappear overnight!

In the meantime, anything even slightly executable, macro, script etc is banned from all email servers I administer and has been for years. :D
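
Added example, not written by any poster in this thread: a sketch of the attachment check discussed above, flagging ZIP members such as "Your DHL Tracking No.pdf.exe" the way a mail server that refuses executables might. The extension lists, the nested-size limit and all function names are assumptions, and the sample archive is constructed from harmless text.

```python
import io
import zipfile

# Assumed policy lists; tune to your own mail gateway's rules.
BLOCKED = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".lnk"}
DECOYS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt", ".zip"}
MAX_NESTED_BYTES = 10 * 1024 * 1024  # do not unpack inner archives larger than this

def check_name(name):
    """Return a rejection reason for a file name, or None if it passes."""
    # Keep only the base name; Windows ignores trailing dots and spaces.
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ").lower()
    exts = ["." + part.strip() for part in base.split(".")[1:]]
    if not exts or exts[-1] not in BLOCKED:
        return None
    if len(exts) >= 2 and exts[-2] in DECOYS:
        return "double extension " + exts[-2] + exts[-1]
    return "executable extension " + exts[-1]

def scan_zip(data, depth=0):
    """Return [(member, reason)] for every blocked member of a ZIP given as bytes."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [("<archive>", "unreadable zip")]
    findings = []
    with archive:
        for info in archive.infolist():
            reason = check_name(info.filename)
            if reason:
                findings.append((info.filename, reason))
            elif (info.filename.lower().endswith(".zip") and depth < 2
                  and info.file_size <= MAX_NESTED_BYTES):
                # Look one or two levels into nested archives, within the size cap.
                inner = scan_zip(archive.read(info), depth + 1)
                findings += [(info.filename + "!" + n, r) for n, r in inner]
    return findings

def build_sample():
    """Constructed sample: harmless text stored under the kind of names described."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("photos/holiday.scr", b"placeholder text, not a program")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("Your DHL Tracking No.pdf.exe", b"placeholder text, not a program")
        z.writestr("readme.txt", b"hello")
        z.writestr("more.zip", inner.getvalue())
    return outer.getvalue()
```

Calling `scan_zip(build_sample())` returns one finding for the double-extension file and one for the screensaver inside the nested archive; a gateway would reject the message if the list is non-empty.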
 
Alex, I'm reminded that The Sun is written for an average reading age of 12.

People come in all forms, creeds and colours but mostly share "greedy". Why else would they open a mail about a delivery they are not expecting?

It's a sad fact of life. Neither of us will be out of a day job any time soon!
 