Hit one malicious web site and you are done. Your system is no longer your own. We all need to be more skeptical about every web site we open these days. I don't work with them or get anything from them, but I do love the work of the guys over at knowbe4.com; social engineering awareness training if you are interested.
As the net is not concentrating on trying to kill the threat they (the developers of cryptolocker) have upped the game and the costs:
The developers behind the file encrypting ransomware called CryptoLocker launched yesterday a dedicated decryption service that allows you to purchase the decryption key for encrypted files. The price for the decryption key, though, has been significantly increased from 2 bitcoins to 10 bitcoins. With the current price of bitcoins at around $212 USD the ransom has increased from around $400 USD to over $2,100 USD.
Well with the premium version of Crypto Prevent- it keeps it'self up to date- I like that. This has pushes me to finally update my Passport Drive backup which I'd been meaning to do. +Sandra Parlow – have you looked into CrashPlan? I have BackBlaze, but it only keeps files for 30 days- a problem if you keep your back-up off-line.
+Pamela Reynoso online storage seems like a good idea.. but dang.. it takes FOREVER to back up that way..
I installed crash plan and it confused me. I am using another back up program to external drives, but they are always plugged in.. what a pain all of this is..
It took me a month or so to be totally backed up. Only the initial back-up takes forever. It saved my entire photo library a few years ago when my drive failed.- I'll never be w/o it again. Many services allow you to 'seed' your back-up by sending them a drive with your data- catches you up faster +Sandra Parlow . The backing up happens behind the scenes- don't let how long it takes bother you- I mean you are using your machine anyways… let it do the heavy lifting. 🙂
+Pamela Reynoso it's hard because with all the usage we have here (2 gamers, myself, etc) it really slows things down… but I suppose it's a good idea to just bit the bullet and get it done, like you say…
Yes- I understand- we have gamers here- see if you can 'seed' your backup… like with your photo files- they take the longest to back up, IMO. And it will move faster when people are sleeping or at school. 🙂
+Sandra Parlow – look in the FAQ's of the back-up cloud service of your choice. See if they allow 'seeding'. The terms comes from 'cloud seeding', I think. You can hook up your back-up service and watch it take for ever to back up, OR some services allow you to 'seed' (jump start your backup) by sending them a drive with files you want backed up. Making a local copy and sending it to them is a faster method to get it all backed up sooner.
For example.. I checked my droop box. I have 9 gb's there.. big deal.. my 2012 print folder alone is 300 gb's.. and to get that much space is like $700 a year!
+Pamela Reynoso Well if your backup space is online and active on your system 24/7 the Crypto has the ability to encrypt those files also.. it's just a drive in windows.
Isn't it possible to have things on Google Drive w/o using a constantly updating utility? I keep meaning to check into Drive more… I have the utility, but I can delete it….in order to make manual updates. I need my son to hurry up and gain more CS knowledge/education so he can do all this for me. :/
I have a Network attached storage – what I did was backup to it – it backs up to backblaze and then I just turned off the network attached storage…
So if its not on it cannot get infected..
The issue is related to Live attached services – as I see it there is no reason why if a service like drive or skydrive or dropbox is live it will just sync the encrypted files..
I am sure there are specific issues – I just have not had time to research..
I would assume even a backup service that is backing up continuously would potentially just backup the encrypted files..
Now if that service has versioning and maintains multiple copies that might save you…
So…. +Brent Burzycki Your networked storage backs up aside from a direct connection through your computer? This is non-techy me trying to get it. 🙂 It would seem that BackBlaze does have versioning, doesn't it? One can go back 3 days or 1 week or 3 weeks. My problem is my backup external won't back up unless connected through my vulnerable computer.
So my computer I use daily could be infected if I am not careful .. it is attached to the Network attached storage (in this case a drobo) that is a live drive.. and would be compromised if infected..
So I backed up the two internal local drives to my drobo – backbalze then backed up the Drobo and then i just shut off the drobo.. so its in two places..
Right now if I got infected, which I sure am trying not too.. I would at least have two copies of my data..
I think +Backblaze needs to address this unless they already have.. as some backup services are saying they are safe from crypto locker.. I would like to know why and how…
This brings up the same old issue of using any syncing service like skydrive – I use it daily – but if I had an infected file or set of files I think it would happily just sync the files… and then expose all my other machines to the infected synced files…
This is fricking scary….
Wow. I have been keeping a wary eye pealed….oh- and backing up. :/ What do you think of the CryptoPrevent?
It seems to be a way to prevent it.. But you cannot protect users from themselves…..
This is absolutely brilliant….. But also pure evil….
Agreed- it's pure evil. And brilliant. I looked at the CryptoPrevent- but it's written for techno people…IMO.
Hit one malicious web site and you are done. Your system is no longer your own. We all need to be more skeptical about every web site we open these days. I don't work with them or get anything from them, but I do love the work of the guys over at knowbe4.com; social engineering awareness training if you are interested.
The image is such blatant social engineering. What are the cliff notes 🙂 on this one?
That's scary, very scary. I was reading about it the other day on Ars. Does anybody know if it affects Macs?
<3 krebs on security
+Leon Chevalier I do not believe it affects macs… well at least yet…
These are also great links to get more info:
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
As the net is not concentrating on trying to kill the threat they (the developers of cryptolocker) have upped the game and the costs:
The developers behind the file encrypting ransomware called CryptoLocker launched yesterday a dedicated decryption service that allows you to purchase the decryption key for encrypted files. The price for the decryption key, though, has been significantly increased from 2 bitcoins to 10 bitcoins. With the current price of bitcoins at around $212 USD the ransom has increased from around $400 USD to over $2,100 USD.
http://www.bleepingcomputer.com/forums/t/512668/cryptolocker-developers-charge-10-bitcoins-to-use-new-decryption-service/
Better keep backups that are not attached and live…
Holy Crap! Internet terrorism, it would appear.
so this cryptoprevent is a good idea to install then?
+Sandra Parlow -I'm thinking for $15 it's well worth a gamble. No way could I come up with $2,000. None.
I know.. and I just can't keep up with all the damn back ups either a:/
Well with the premium version of Crypto Prevent- it keeps it'self up to date- I like that. This has pushes me to finally update my Passport Drive backup which I'd been meaning to do. +Sandra Parlow – have you looked into CrashPlan? I have BackBlaze, but it only keeps files for 30 days- a problem if you keep your back-up off-line.
+Pamela Reynoso online storage seems like a good idea.. but dang.. it takes FOREVER to back up that way..
I installed crash plan and it confused me. I am using another back up program to external drives, but they are always plugged in.. what a pain all of this is..
It took me a month or so to be totally backed up. Only the initial back-up takes forever. It saved my entire photo library a few years ago when my drive failed.- I'll never be w/o it again. Many services allow you to 'seed' your back-up by sending them a drive with your data- catches you up faster +Sandra Parlow .
The backing up happens behind the scenes- don't let how long it takes bother you- I mean you are using your machine anyways… let it do the heavy lifting. 🙂
+Pamela Reynoso it's hard because with all the usage we have here (2 gamers, myself, etc) it really slows things down… but I suppose it's a good idea to just bit the bullet and get it done, like you say…
Yes- I understand- we have gamers here- see if you can 'seed' your backup… like with your photo files- they take the longest to back up, IMO. And it will move faster when people are sleeping or at school. 🙂
I'm not sure what you mean by "seed" 🙁
you see? <——– dummy
+Sandra Parlow – look in the FAQ's of the back-up cloud service of your choice. See if they allow 'seeding'.
The terms comes from 'cloud seeding', I think. You can hook up your back-up service and watch it take for ever to back up, OR some services allow you to 'seed' (jump start your backup) by sending them a drive with files you want backed up. Making a local copy and sending it to them is a faster method to get it all backed up sooner.
so where is a reasonably priced cloud back up
For example.. I checked my droop box. I have 9 gb's there.. big deal.. my 2012 print folder alone is 300 gb's.. and to get that much space is like $700 a year!
unless I'm reading something wrong…
Currently I have BackBlaze, unlimited back-up space for $10/computer per month. I think Crash Plan is about the same, +Sandra Parlow .
really? wow.. hmmm – ok.
+Pamela Reynoso Well if your backup space is online and active on your system 24/7 the Crypto has the ability to encrypt those files also.. it's just a drive in windows.
That's what I was thinking +Kevin S . ~groan~
there goes another viable option. looks like yet ANOTHER external hard drive is in my future….
Isn't it possible to have things on Google Drive w/o using a constantly updating utility? I keep meaning to check into Drive more… I have the utility, but I can delete it….in order to make manual updates.
I need my son to hurry up and gain more CS knowledge/education so he can do all this for me. :/
I have a Network attached storage – what I did was backup to it – it backs up to backblaze and then I just turned off the network attached storage…
So if its not on it cannot get infected..
The issue is related to Live attached services – as I see it there is no reason why if a service like drive or skydrive or dropbox is live it will just sync the encrypted files..
I am sure there are specific issues – I just have not had time to research..
I would assume even a backup service that is backing up continuously would potentially just backup the encrypted files..
Now if that service has versioning and maintains multiple copies that might save you…
So…. +Brent Burzycki Your networked storage backs up aside from a direct connection through your computer? This is non-techy me trying to get it. 🙂
It would seem that BackBlaze does have versioning, doesn't it? One can go back 3 days or 1 week or 3 weeks. My problem is my backup external won't back up unless connected through my vulnerable computer.
+Pamela Reynoso well no.. but….
So my computer I use daily could be infected if I am not careful .. it is attached to the Network attached storage (in this case a drobo) that is a live drive.. and would be compromised if infected..
So I backed up the two internal local drives to my drobo – backbalze then backed up the Drobo and then i just shut off the drobo.. so its in two places..
Right now if I got infected, which I sure am trying not too.. I would at least have two copies of my data..
I think +Backblaze needs to address this unless they already have.. as some backup services are saying they are safe from crypto locker.. I would like to know why and how…
This brings up the same old issue of using any syncing service like skydrive – I use it daily – but if I had an infected file or set of files I think it would happily just sync the files… and then expose all my other machines to the infected synced files…
Gotcha! (I'm pretty sure, at least. 🙂 ) And I agree about BackBlaze.