Speed on a safe road and they will chase you to the ends of the earth. Hold people's data to ransom and they don't do a thing about it. What does this say about the integrity (and intelligence) of our cops? it is the same with most scams. Our police forces are largely impotent (by choice). What really needs to happen is for a major police group to be hit by ransomware.
-----Original Message----- From: ProFox [mailto:[email protected]] On Behalf Of Dave Crozier Sent: Thursday, 8 October 2015 12:05 AM To: ProFox Email List <[email protected]> Subject: RE: Another new ransomware Kurt, As I said, one of my clients got hit a couple of days after I had done a site visit to check they were doing regular backups. As it turned out, the backups were failing and sending emails to everyone in the company letting them know they were at risk. They had been ignoring them for over 3 months. When the Cryptolocker struck they thought of paying the ransom but after I convinced them they would lose only two days' work, they just restored the backup. It could have ended in total tears though as the malware had encrypted over 80Gb of Autocad floorplan drawings that they were totally dependent on being an Electrical engineering company. Needless to say, their backup regime is now working as it should. I have heard of people who did pay the ransom and the decryption did work, but it certainly cost them! Dave -----Original Message----- From: ProFox [mailto:[email protected]] On Behalf Of Kurt Wendt Sent: 07 October 2015 14:28 To: [email protected] Subject: RE: Another new ransomware Thanks for your feedback Dave. In the co. newsletter - one article mentioned a nasty story of a woman who paid the ransom - but, was struggling to do it on time - since I understand they do something if its not paid timely - like increase the ransom price. I'd be curious to know if anyone here has actually gotten hit by it personally - and if they actually paid the ransom. Again - just curious... -K- -----Original Message----- From: ProfoxTech [mailto:[email protected]] On Behalf Of Dave Crozier Sent: Wednesday, October 07, 2015 9:17 AM To: [email protected] Subject: RE: Another new ransomware Kurt, The Cryptolocker ransomware only infected mapped drives (F:, G:.... etc) and if your shortcuts on the desktop and elsewhere were all based upon URL's then Cryptolocker did NOT spread the infection. I don't know about the new variants as they may well differ but I made a change on all my clients removing mapped drives completely and the two instances since doing this (on different clients) were restricted to local files. Dave -----Original Message----- From: ProFox [mailto:[email protected]] On Behalf Of Kurt Wendt Sent: 07 October 2015 14:12 To: [email protected] Subject: RE: Another new ransomware The co. where I work - they send out these monthly internal newsletters regarding security. The last newsletter centered around the Ransomware scandals. I know some folks here have discussed it in the past. Luckily I have never been personally hit by this type of Ransomware scandal on my home PC's. But, it sure is a good reason for everyone to have backups. The newsletter mentioned backups on an external drive - that is Not connect to your PC (only connect when running the backup). -K- -----Original Message----- From: ProfoxTech [mailto:[email protected]] On Behalf Of Paul Hill Sent: Wednesday, October 07, 2015 3:52 AM To: [email protected] Subject: Another new ransomware Hi All, I found possible new ransomware at a site today. There were many dbf files that had been renamed. For example: HS_0WIN.DBF was renamed to: [email protected] I tried renaming this file back but it was corrupt. Looking in the file it seemed scrambled (probably encrypted?). I found these all over the place. Did not find a ransom note. I'm guessing 'hairullah' wants money to decrypt these. Luckily this site had a backup only a few hours old. -- Paul [excessive quoting removed by server] _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[email protected] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
