Hijacked PC's Being Held For Ransom

[Atrocities]

I just watched on the news where a local women had her computer hijacked by a hacker demanding money. Their computer was taken by the FBI for investigation. It would not boot and threatened to delete a file every 30 minutes unless they paid the ransom via wester union to some account.

According to the news report anti-virus software and fire walls did not stop this from happening. (Most likely because she was using NORTAN or McAfee.)

At any expense WOW. Talk about a nightmare.

News Story Link

[Atrocities]

Quote:

A new type of Internet extortion crime, where a hacker encrypts the data belonging to an individual. This can be accomplished by (for example) attaching a specially crafted file/program to an E-mail message and sending this to the victim. If the victim opens/executes the attachment, the program encrypts a number of files on the victim's computer. A ransom note is then left behind for the victim. The victim will be unable to open the encrypted files without the correct decryption keys. Once the ransom demanded in the ransom note is paid, the hacker will (supposedly) send the decryption keys, enabling decryption of the "kidnapped" files.

"This is equivalent to someone coming into your home, putting your valuables in a safe and not telling you the combination," said Oliver Friedrichs, a security manager for Symantec Corp.[1]

As of May 2005, this type of attack appears to be isolated, but experts fear that as time goes on, hackers will perfect techniques and make it a more common appearance on the Internet.

[dogscoff]

The moral(s) of the story?
1 - don't open suspicious email attachments
2 - Have some decent and up-to-date antivirus running.
3 - backup your data

If your data's backed up, you can just say "ha ha screw you" to the datanapper and reinstall your PC. (Having made a statement to the police, of course)

[Thermodyne]

1) Don�t use an account with administrative privileges for everyday activities.
2) Don�t open email from unknown senders.
3) Don�t use IE with low security settings. Better yet, don�t use IE.
4) Do use antivirus and keep it up to date. Symantec is still one of the best out there; just don�t get the version with all of the extra crap.
5) Do keep your system patched.
6) Do use a firewall of some sort. Hardware is better than software, but software is better than nothing.
7) Do set windows to require a Ctrl, Alt, and Del at log on.
8) Do put a complex password on the admin account and turn off administrative shares.
9) Do rename the admin account.


This sounds like an old TSR exploit, but could also be some type of root kit. Many home systems have a null admin password and administrative shares turned on. So some punk scans his local WAN subnet for computer names and with a whack-whack computername admin logon with no password gets right into your root drive. Sound easy? It is, and it�s hard for the average person to keep a system locked down. I�ve said it before and I�m saying it again. A hardware firewall is your best defense. Even if you let the system become a bot, the stand alone firewall will still prevent the hacker from making use of your system.

[Atrocities]

Tell people how to do these things. I sure as hell am not that knowledgeable.

[TurinTurambar]

As soon as my replacement HD arrives I'll be installing XP on it and having to teach myself how to do all that, as the guy who set up my system before is no longer available to me.

Ugh...
Turin

[Thermodyne]

Quote:

Atrocities said:
Tell people how to do these things. I sure as hell am not that knowledgeable.

Well, that�s what I do for a living. If I tell you how to do it, then I have to get in your wallet

[Renegade 13]

Quote:

Thermodyne said:
1) Don�t use an account with administrative privileges for everyday activities.

Guilty!

Quote:

2) Don�t open email from unknown senders.

Check

Quote:

3) Don�t use IE with low security settings. Better yet, don�t use IE.

Check

Quote:

4) Do use antivirus and keep it up to date. Symantec is still one of the best out there; just don�t get the version with all of the extra crap.

Check

Quote:

5) Do keep your system patched.

Check

Quote:

6) Do use a firewall of some sort. Hardware is better than software, but software is better than nothing.

Semi-check. Software Firewall.

Quote:

7) Do set windows to require a Ctrl, Alt, and Del at log on.

Not done...should do though.

Quote:

8) Do put a complex password on the admin account and turn off administrative shares.

Done. Very complex password.

Quote:

9) Do rename the admin account.

Check

Quote:

Many home systems have a null admin password and administrative shares turned on.

Are you serious!?!? People actually have their systems so unsecure...and it's so easy to fix!

[kerensky]

What's really funny about our hoe system is that our DSL router has a hardware firewall, our wireless router has a hardware firewall, and then our Norton security system has a software firewall. That and out IP changes every one to two minutes, I think I'm pretty safe...

[Captain Kwok]

Kerensky - you should try playing a game of TCP/IP with SE:IV and that configuration...