Go Back   iRV2 Forums > iRV2.com COMMUNITY FORUMS > Just Conversation
Click Here to Login
Join iRV2 Today

Mission Statement: Supporting thoughtful exchange of knowledge, values and experience among RV enthusiasts.
Reply
  This discussion is proudly sponsored by:
Please support our sponsors and let them know you heard about their products on iRV2
 
Thread Tools Search this Thread Display Modes
 
Old 11-07-2013, 11:24 PM   #1
Senior Member
 
2Labs's Avatar


 
National RV Owners Club
Nor'easters Club
Ford Super Duty Owner
Join Date: Jun 2011
Location: CT
Posts: 775
Exclamation SERIOUS New Virus - Read This Post for information

Greetings everyone ... there is a SERIOUS virus making its way around the interwebs. You should take a few minutes to learn about the virus and how to protect yourself from it.

The virus is called the CRYPROLOCKER RANSOM Virus and will literally encrypt ALL the files on your computer AND any computers that are in the same network. You will not be able to access any files and in order to receive a decryption key, the virus writers demand a ransom that *starts* at $300 - payable only by bitcoins. So once its paid, there is no way to get a refund from PayPal, your credit card company, etc.

As of now this virus is coming through email as a zip file attachment and may also be disguised as a pdf attachment. There are also some reports of it spreading through previously infected computers that are unknowingly connected to botnets.

Currently virus and malware scanning programs have not yet been effective in blocking this virus as it constantly mutates its signature.

You can find out more information about it at these links:

https://www.us-cert.gov/ncas/alerts/TA13-309A

Cryptolocker Ransomware: What You Need To Know | Malwarebytes Unpacked

CryptoLocker Ransomware Information Guide and FAQ

CryptoLocker ransomware – see how it works, learn about prevention, cleanup and recovery | Naked Security

Should you become infected with this virus, there are virus removal tools that are available to remove the virus from your computer *BUT* Virus Removal Tools CANNOT decrpyt your scrambled files!

Remember ...

IF YOU RECEIVE A FILE YOU WERE NOT EXPECTING, DELETE IT - DO NOT OPEN IT - THERE ARE NO EXCEPTIONS!
__________________

__________________
2005 National Sea Breeze 1311
2015 VW Tiguan SE 4Motion (trailered)
Follow us online http://OurRVJourney.com
2Labs is offline   Reply With Quote
Join the #1 RV Forum Today - It's Totally Free!

iRV2.com RV Community - Are you about to start a new improvement on your RV or need some help with some maintenance? Do you need advice on what products to buy? Or maybe you can give others some advice? No matter where you fit in you'll find that iRV2 is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with other RV owners, see fewer ads, upload photographs, create an RV blog, send private messages and so much, much more!

Old 11-07-2013, 11:26 PM   #2
Senior Member
 
Mr_D's Avatar
 
Solo Rvers Club
iRV2 No Limits Club
Join Date: May 2011
Location: Vancouver, WA
Posts: 28,512
yep, saw that a couple days ago somewhere else on the Internet
__________________

__________________
2009 45' Magna 630 w/Cummins ISX 650 HP/1950 Lbs Ft
Charter Good Sam Lifetime Member, FMCA, SKP
RV'ing since 1957, NRA Benefactor Life, towing '14 CR-V
Mr_D is offline   Reply With Quote
Old 11-07-2013, 11:50 PM   #3
Senior Member
 
BFlinn181's Avatar
 
Gulf Streamers Club
Join Date: Jan 2012
Location: Cincinnati
Posts: 16,250
So back up all your important files, including photos. Or...buy a Mac!

This bit of criminal extortion is easily detected by decent virus software, so make sure yours is up to date.
__________________

Bob & Donna
'98 Gulf Stream Sun Voyager DP being pushed by a '00 Beetle TDI
BFlinn181 is online now   Reply With Quote
Old 11-08-2013, 08:36 AM   #4
Senior Member
 
PyrateSilly's Avatar
 
Monaco Owners Club
Join Date: Jul 2011
Posts: 2,200
Quote:
Originally Posted by BFlinn181 View Post
So back up all your important files, including photos. Or...buy a Mac!
I would not rely anymore on just because you have a mac you don't get viruses.
Do Macs Get Viruses? Apple Removes Boast That OS X 'Doesn't Get PC Viruses'
Mac Virus | The Official Mac Virus blogsite
http://bits.blogs.nytimes.com/2012/0...ger-safe/?_r=0
__________________
Thom and Christine having fun in a 1993 Monaco Crown Royale Signature Series 40ft 300hp RV. Towing a Fiat 500 Abarth and a Harley.
Our blogged repairs and travels
PyrateSilly is offline   Reply With Quote
Old 11-08-2013, 01:02 PM   #5
Senior Member
 
2Labs's Avatar


 
National RV Owners Club
Nor'easters Club
Ford Super Duty Owner
Join Date: Jun 2011
Location: CT
Posts: 775
Quote:
Originally Posted by BFlinn181 View Post
So back up all your important files, including photos. Or...buy a Mac!

This bit of criminal extortion is easily detected by decent virus software, so make sure yours is up to date.
Yes, always backup your data *BUT* if you are backing up to an external hard drive and that hard drive is connected when you get infected - your backups are gone too!

This virus encrypts data on your computer, any connected USB drives as well as any share drives that you are connected to on your network.

Your best bet for backups:

- best defense is to backup to a remote location ie: internet backup solutions
- if backing up to a USB connected drive, unplug the drive after your backup completes
- if backing up to a network share, disconnect the share

This really is one of the worst, if not the worst, virus infection I have seen in my many years in IT. It kind of surprises me that it has taken this long to have a virus that is so "secure".

While yes, you can remove the virus from your computer with a number of virus removal tools, these tools will NOT decrypt your data. The virus is written in such a way that when it runs on your computer it generates a private key and then sends this key back to the virus writers. If you don't have the key, you can forget about getting your data back.

This virus locks down your information using asymmetric encryption, which requires both a public and private key.http://en.wikipedia.org/wiki/Public-key_cryptography



In our IT business, we support nearly 10,000 email users and we've taken some drastically unusual (for us) steps to help our users with this problem. We notified our users last night via email, and are now marking any emails with zip file attachments as potential spam - moving that email to our users Junk E-Mail folders. While this is not a "fix" for it, it does give our users one extra line of defense.

We send users a daily report of mail in their Junk E-Mail folders and this will at least slow down any potential infection of their machines.

But like we tell our users - they are ultimately responsible

Quote:
Our system administrators make all best efforts through content filtering, spam filtering and virus scanning to prevent not only the delivery of spam, viruses and malware, but also the sending of spam, viruses and malware through our servers. While we work hard to constantly evolve our systems to detect these things, kindly remember that you are the last line of defense from infecting your computers.

We strongly encourage you to make sure that you have virus and malware scanners on your computers, and that they are up to date.

Remember ...

IF YOU RECEIVE A FILE YOU WERE NOT EXPECTING, DELETE IT - DO NOT OPEN IT - THERE ARE NO EXCEPTIONS!
__________________
2005 National Sea Breeze 1311
2015 VW Tiguan SE 4Motion (trailered)
Follow us online http://OurRVJourney.com
2Labs is offline   Reply With Quote
Old 11-08-2013, 01:12 PM   #6
Senior Member
 
Mr_D's Avatar
 
Solo Rvers Club
iRV2 No Limits Club
Join Date: May 2011
Location: Vancouver, WA
Posts: 28,512
Quote:
Originally Posted by BFlinn181 View Post
So back up all your important files, including photos. Or...buy a Mac!

This bit of criminal extortion is easily detected by decent virus software, so make sure yours is up to date.
The story I read says the anti-virus software won't catch it as it's continuing to morph.
__________________
2009 45' Magna 630 w/Cummins ISX 650 HP/1950 Lbs Ft
Charter Good Sam Lifetime Member, FMCA, SKP
RV'ing since 1957, NRA Benefactor Life, towing '14 CR-V
Mr_D is offline   Reply With Quote
Old 11-08-2013, 01:14 PM   #7
Senior Member
 
2Labs's Avatar


 
National RV Owners Club
Nor'easters Club
Ford Super Duty Owner
Join Date: Jun 2011
Location: CT
Posts: 775
Quote:
Originally Posted by PyrateSilly View Post
I agree on this post too ... here's a link to download Sophos Anti-Virus for Mac Home Edition

Quote:
Yes, Macs get viruses too.

And even if you never see a virus that directly attacks your Mac, the chances are good that you'll encounter malware from your Windows-using friends (or even from your own Windows partition, if you dual-boot your Mac).

Sophos for Mac stops threats for Windows and Mac alike, protecting you and those you share files with.

Choose from blocking viruses in real time (on-access protection), scanning at scheduled times, or running a check whenever you want.
4 free tools for Cyber Security Awareness Month – and beyond! | Naked Security
__________________
2005 National Sea Breeze 1311
2015 VW Tiguan SE 4Motion (trailered)
Follow us online http://OurRVJourney.com
2Labs is offline   Reply With Quote
Old 11-08-2013, 01:23 PM   #8
Senior Member
 
2Labs's Avatar


 
National RV Owners Club
Nor'easters Club
Ford Super Duty Owner
Join Date: Jun 2011
Location: CT
Posts: 775
Quote:
Originally Posted by Mr_D View Post
The story I read says the anti-virus software won't catch it as it's continuing to morph.
This is correct ..the virus writers are continually changing the virus patterns and signature to prevent detection by virus and malware programs.

Malwarebytes.org makes this claim:

Quote:
While Malwarebytes cannot recover your encrypted files post-infection, we do have options to prevent infections before they start.

Users of Malwarebytes Anti-Malware Pro are protected by malware execution prevention and blocking of malware sites and servers.
malwaresytes is just one program I run on my computers, but given the nature of this virus, I'd be hard pressed to test it on a machine running malwarebytes.
__________________
2005 National Sea Breeze 1311
2015 VW Tiguan SE 4Motion (trailered)
Follow us online http://OurRVJourney.com
2Labs is offline   Reply With Quote
Old 11-08-2013, 02:22 PM   #9
Senior Member
 
CampDaven's Avatar


 
Join Date: Jul 2012
Location: Fulltime, USA
Posts: 14,462
Blog Entries: 1
Some folks do not have SPAM or virus filters. Some will open any email and attachment they are sent. I doubt that I missed any from Ed McMahon.

I fear no attachments because I will never get inside an infected email to open. Any email that comes to me with an FW: or an RE: is deleted forthwith. Odds are they are jokes or cartoons I saw long ago, or have topics I do not care about. Any email from an address that is not recognized is automatically sent to my SPAM. I never read SPAM. I have not recieved a ZIP file since long before I quit working. ZIPs are obsolete. I will not open one now.

No worries here!
__________________
Dave and Nola, RVM1
The Journey is Our Destination!

http://davenola.blogspot.com/
CampDaven is online now   Reply With Quote
Old 11-08-2013, 04:04 PM   #10
Senior Member
 
2Labs's Avatar


 
National RV Owners Club
Nor'easters Club
Ford Super Duty Owner
Join Date: Jun 2011
Location: CT
Posts: 775
There is an application available called CryptoPrevent that makes changes to your computer to prevent the execution of programs from the directories where this (and other) malware programs typically reside.

Users can make these changes to their computers by themselves, but many are unsure about making such changes to their computers.

CryptoPrevent offers a freeware version, as well as a Premium version ($15.00 perpetual license). The difference between the two is that the Premium version will automatically update itself daily.

[ Moderator Edit ]
__________________
2005 National Sea Breeze 1311
2015 VW Tiguan SE 4Motion (trailered)
Follow us online http://OurRVJourney.com
2Labs is offline   Reply With Quote
Old 11-09-2013, 11:57 AM   #11
RV Mutant #14
 
Wayne M's Avatar


 
Winnebago Owners Club
Texas Boomers Club
Freightliner Owners Club
iRV2 No Limits Club
Join Date: Aug 2008
Location: Texas
Posts: 12,202
No virus should be taken lightly. There is no one program on the market that will discover "all" viruses, none. Malwarebytes, Spybot, and other detection schems will not find all malware and spybot viruses.

The better virus detection programs use "heuristic" virus detection. Heuristic detection is typically performed by the anti-virus software running in a virtual machine on your computer. So if you do not have heuristic detection anti-virus software you are most likely out of date on that type of program.

Information on heuristic analysis

Yes, MAC do get viruses. However the prevalent trend by virus writers an the more dangerous "script kiddies" is to target Windows software because there is a much broader reach in that category. Actually the malicious virus writers are far and few between. Most of the virus writers are looking for nothing more than praise for their accomplishments of busting into a system.

The script kiddies are the most dangerous. They are not proficient at what they do, so they take a virus that is already written by the "professional" virus writer and try to modify it to do what they want it to do. Many times these are the most malicious of viruses.

So whether you have a MAC or a Windows PC it really behooves you to have good anti-virus protection. It's your identity that is at stake.
__________________

__________________
Wayne MSGT USMC (Ret) & Earlene (CinCHouse)
2015 Winnebago Tour 42QD
RVM14
It is what it is, and then it is what you make of it.
Wayne M is offline   Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


» Virginia Campgrounds

Reviews provided by


Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -6. The time now is 06:49 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.