Tuesday, October 15, 2013

New ransomware

Hi guys,

Something to be aware of - a new ransomware tool doing the rounds, not only encrypts your local disks... but any writeable network destinations the PC has write access to.  Very, very nasty.  My NAS is read-only via HTTP/browse for this very reason, it's only writeable via FTP.

No version of Windows is immune, UAC won't stop it, and AV won't detect it currently.  You don't want this.  Apparently the most common method of delivery is as [filename].pdf.exe, and in moron-mode Windows hides the .exe extension as "known".  Watch what you click.

http://www.reddit.com/r/sysadmin/comments/1mizfx/proper_care_feeding_of_your_cryptolocker/

No comments:

Post a Comment

Please be aware that all comments are moderated so if you're a scumbag spammer then I suggest not wasting your time. Your spam will not be seen by anyone.

Note: Only a member of this blog may post a comment.