Malware locks up computer files until ransom paid

DSP

Heri
.......

Monday, November 03, 2014 01:57PM
SAN FRANCISCO --
A new type of malware is spreading throughout the world. It's a scam that has the feel of an international spy thriller. Instead of stealing your personal information, thieves are holding it hostage-locking up your computer files. You can't get it back untill you pay.

Attorney Christina Chen was settling in for another workday at her San Francisco law office when suddenly something sinister shook her world.

"I thought it was a joke, until the message popped up," said Christina Chen.

Christina was trying to open a file on her computer when everything went blank and a threat appeared on her screen. She was stunned -- a malicious software had taken over her computer, locked all of her files and if she wanted them back she would have to pay a ransom.

"They actually call it a ransom. You have to pay a ransom," said Christina Chen.

It's the work of an underworld organization called Cryptowall operating in Russia or Eastern Europe. Christina frantically tried to open other documents -- all were locked. Twenty years of case files, bank records, tax returns, photos, letters.

"Every one of them, the same popup -- then I knew it was no joke," said Christina Chen.

"Some victims are paying upwards of $10,000 to get their files back
," said Keith Jarvis, Dell SecureWorks.

Jarvis is investigating Cryptowall, as is the FBI. Experts say criminals infect computers with a virus called ransom-ware -- which basically kidnaps files and holds them hostage. Cryptowall has infected more than 800,000 computers worldwide since February - a quarter million in the United States. Already victims have paid out more than $1 million in ransom.

"They'll first charge you $500 if you pay immediately or within a few days that's the price. If you wait a few more days they'll jack the price up to $1000 or even $1500," said Jarvis.

Cryptowall steers victims to this screen with a countdown clock to pay or the price goes up. And they must pay in bitcoins -- an untraceable currency as mysterious to victims as Cryptowall itself.

"It reads like a spy movie or an international conspiracy. It's very surprising it would happen to an ordinary person like myself," said Christina Chen.

The Cryptowall message told her 'don't waste time -- no other solutions exist.' Security experts say there is no way to unscramble the Cryptowall coding. Victims escape only if they've backed up their files somewhere else, Christina did not -- even her tech consultant said just pay up.

"$500 -- I was actually willing to pay reluctantly. They have you over a barrel you know," said Christina Chen.

"I was pretty shocked that there are these types of viruses out there that basically take a gun to people's head," said Edgar Chen, Christina's nephew.

Edgar is a computer whiz Christina called as a last resort. He searched for a way to unlock the files -- impossible -- until, a small miracle.

"There was one possible solution -- that's something called a shadow copy," said Edgar Chen.

Edgar found it hidden in Christina's computer -- the "Windows Restore Feature." It automatically backs up files but only if the user had turned it on. Was Christina's activated?

"We went to shadow copy, and there were all her files," said Edgar Chen.

Amazingly, whoever set up her computer 10 years ago did turn on the restore feature. Just by checking that little box copies of every file were resting there.

"I think I'm very lucky," said Christina Chen.

"We were definitely both extremely happy," said Edgar Chen.

"I think people should know, it can happen to anyone," said Christina Chen.

Cryptowall is infecting thousands more computers every month mostly by sending phishing emails that look real. You click on a link in the email, the virus crawls into your computer. Don't click on emails you aren't expecting and protect yourself by backing up files in a separate place.
Map My News
 

Oneshot

where de crix
Yea this is real. A pardna of mine got hit. Some employee in sales or marketing got infected and the virus hit their shared drive.
 

Socapro

Repect Our Soca Pioneers
Interesting! I had a similar malware program appear on my computer last year and it was demanding money whenever I logged in in order for me to access any files or run programs.

Luckily for me I regularly back up all my computer files on an external hard-drive and so I decided to re-install every thing on my computer.

Since then I have been using a malware detection software on my computer called Malwarebytes Anti-Malware to protect my PC from future infection.
 

DSP

Heri
DSP dropbox and other cloud services should be protected right?
don't trust drop box, plus dropbox is like having a backdoor to your network.

I don't trust any cloud to put anything. If anything I'd buy my own small cloud and place it in my home with only access through 1 port. Sometimes I pull up wireshark to see what's coming through in and out of my network.
 

DSP

Heri
Interesting! I had a similar malware program appear on my computer last year and it was demanding money whenever I logged in in order for me to access any files or run programs.

Luckily for me I regularly back up all my computer files on an external hard-drive and so I decided to re-install every thing on my computer.

Since then I have been using a malware detection software on my computer called Malwarebytes Anti-Malware to protect by PC from future infection.
as long as you keep you files backed up...plus it only affects windows, none of the linux stuff

Avast is pretty good too btw, doesn't hurt to use 2 or 3 for security purposes.
 

TheEducator

New member
Every computer should have these installed.

ccleaner - Gets rid of junk. Very good maintenance tool.
https://www.piriform.com/CCLEANER

Malwarebyes
https://www.malwarebytes.org/

Spybot Search and Destroy
Spybot ©

Free anti-virus (Only need 1 anti-virus)

http://www.avg.com/ppc/ww-en/avf_do...tivirus Free&gclid=CLCIitPI5MECFYzm7AodqTsArg

Avira Free Antivirus - Download the best free antivirus software

Avast 2015 | Download free antivirus software for virus protection

Internet Security Suits - (Optional)

1 .Kaspersky Internet Security 2015 | Kaspersky Lab US
2. Norton Internet Security

Everything listed is free. Except for the internet security suits.
 

DSP

Heri
Every computer should have these installed.

ccleaner - Gets rid of junk. Very good maintenance tool.
https://www.piriform.com/CCLEANER

Malwarebyes
https://www.malwarebytes.org/

Spybot Search and Destroy
Spybot ©

Free anti-virus (Only need 1 anti-virus)

http://www.avg.com/ppc/ww-en/avf_do...tivirus Free&gclid=CLCIitPI5MECFYzm7AodqTsArg

Avira Free Antivirus - Download the best free antivirus software

Avast 2015 | Download free antivirus software for virus protection

Internet Security Suits - (Optional)

1 .Kaspersky Internet Security 2015 | Kaspersky Lab US
2. Norton Internet Security

Everything listed is free. Except for the internet security suits.
Not a fan of spybot or ccleaner at all, tried spybot a long time ago found more malware and had to double check the registry. Maybe they've improved

Norton, like McAfee is garbage and waste of byte space and money if anyone buys them.

Last resort is system restore or reimage(last of last resorts done too often in business due to time constraints)...basically like bleech

I've combined Avast, AVG, and Malwarebytes and they're sufficient. Avast has become the strongest to me as of late. They seem to block any and everything..almost too good sometimes...to where you have to basically 'whitelist'.
 

LB

Peace Love n Pretty Tings
Every computer should have these installed.

ccleaner - Gets rid of junk. Very good maintenance tool.
https://www.piriform.com/CCLEANER

Malwarebyes
https://www.malwarebytes.org/

Spybot Search and Destroy
Spybot ©

Free anti-virus (Only need 1 anti-virus)

http://www.avg.com/ppc/ww-en/avf_do...tivirus Free&gclid=CLCIitPI5MECFYzm7AodqTsArg

Avira Free Antivirus - Download the best free antivirus software

Avast 2015 | Download free antivirus software for virus protection

Internet Security Suits - (Optional)

1 .Kaspersky Internet Security 2015 | Kaspersky Lab US
2. Norton Internet Security

Everything listed is free. Except for the internet security suits.
The malware and spybot dont work so great in my opinion. And Norton and Kaspersky are memory pigs that slow up your system and make unauthorized changes to your registry.. Not worth it since they dont catch everything anyway and you need other programs to cover their inefficiencies.

Right now, Trend micro is working best and I dont need 20 other programs to cover off specific threats. Nothing has gotten through on my system in the last 2 years and it doesn't effect my start up and memory like those other programs.

As for data files, I store nothing on my laptops or my desktop. All my files sit on separate device which is backed up/mirrored nightly offsite. So a ransom malware wouldn't make a difference to me.
 

TheEducator

New member
The older versions of Kaspersky and Norton were memory hogs and weren't worth the money, but this is 2014. They have improved greatly. They have been the best anti-virus programs out there for 3 plus years now. Read any review from pcmag, av-comparatives etc and they are always rated as best as far as performance goes.

You can even check the results for yourself

http://www.av-comparatives.org/wp-content/uploads/2013/11/avc_rem_201311_en.pdf
http://www.av-comparatives.org/wp-content/uploads/2014/06/avc_per_201405_en.pdf
the rest AV-Comparatives Independent Tests of Anti-Virus Software » AV-Comparatives

How can anyone hate ccleaner and malwarebytes? :kicks Not liking spybot I can understand, but malwarebytes? lol
 

TheEducator

New member
I've combined Avast, AVG, and Malwarebytes and they're sufficient. Avast has become the strongest to me as of late. They seem to block any and everything..almost too good sometimes...to where you have to basically 'whitelist'.
I have AVG IS, malwarebytes, and ccleaner on one computer, Kaspersky IS, ccleaner on another, and AVG IS, malwarebytes, spoybot, ccleaner on another. I haven't had any problems in 6 plus years.
 

LB

Peace Love n Pretty Tings
Hate? You are a bit dramatic aren't you?

If all those programs work for you then that's great. There are other alternatives that work just as good or even better so it's not a big deal if ppl offer more information for others to chew on.
 

DSP

Heri
I have AVG IS, malwarebytes, and ccleaner on one computer, Kaspersky IS, ccleaner on another, and AVG IS, malwarebytes, spoybot, ccleaner on another. I haven't had any problems in 6 plus years.
Malware usually doesn't affect the older systems as they're not designed to attack them. But AVG has a really great and proven track record. Avast is quickly catching up with it if not having passed it already.
I like them both.
 
Top