It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Cryptowall 3.0 ransomware switches to anonymous I2P network

page: 2
18
<< 1    3  4  5 >>

log in

join
share:

posted on Jan, 16 2015 @ 11:46 AM
link   
Would it be possible to use "system restore/restore previous versions" to get around this problem?




posted on Jan, 16 2015 @ 11:54 AM
link   
a reply to: PhoenixOD

Nope this maleware/ransomware also deletes your restore points. Tried using Shadowcopy even before i did a clean install, every other hard drive apart from my C: drive showed up nothing.


edit on 16-1-2015 by andy06shake because: (no reason given)



posted on Jan, 16 2015 @ 11:59 AM
link   
a reply to: andy06shake

I'm not tech smart.
But perhaps since the ATS owners might deal with this issue... and future tech issues. Could asking Skepticoverlord his advice?
I believe the owners consult with INFRAGARD..
Yes skeptic is a busy man. But .......
No matter how dumb a question I ask of him... he's always made time to answer back either here or twitter...

edit on 16-1-2015 by Bigburgh because: (no reason given)


Or you could cave a little and pay ( not ransom ) and take it to a computer doctor.

edit on 16-1-2015 by Bigburgh because: (no reason given)



posted on Jan, 16 2015 @ 12:01 PM
link   
a reply to: andy06shake

How about using software that searches for deleted files and try to find the restore points?



posted on Jan, 16 2015 @ 12:13 PM
link   

originally posted by: andy06shake
a reply to: Maverick7

That's the mystery eh? I suppose if i knew the answer i would not be in said situation.

Only new software i have recently added was a Plex media server so i can play media via my PS4.


Did you remove this software? And if you did.
Did it make a difference?



posted on Jan, 16 2015 @ 12:43 PM
link   
a reply to: Bigburgh

I have an HND in Information Technology and HNC in Electronic and Electrical Engineering. An I.T specialist will only run the same procedures as myself. Short of taking the drives to a data retrieval agency there's not much point.

Virus/maleware/ransomeware is gone now. SuperAntiSpyware/Malewarebytes and a clean Windows install seem to have done the job. There is however no difference, files are still encrypted via MPATTA.

It not like one of the simple ransomwares where the files and/or folders are simply hidden or renamed, this variation actually deletes and replaces said files with MPATTA versions. And like i said Shadowcopy just dont seem to help.
edit on 16-1-2015 by andy06shake because: (no reason given)



posted on Jan, 16 2015 @ 12:48 PM
link   
agreed.

you have two options.

pay the ransom or restore from backup..

you have at least 3 versions of your data right?

Live, backup and offsite backup?
edit on 16-1-2015 by grey580 because: (no reason given)



posted on Jan, 16 2015 @ 12:52 PM
link   
a reply to: grey580

To be honest i only had one back up which was also connected to my system hence suffered the same result. I know silly me, i really should know better. Chances are i will have another drive lying around somewhere with duplicate images and video, but no all of it im afraid. Guess its time to start pulling out old drives from the garage.

I dont imagine paying the ransom would help matters and would most lightly only furnish these cyber twats with more of my details. Tell you this i changed all my passwords, sharpish!

edit on 16-1-2015 by andy06shake because: (no reason given)



posted on Jan, 16 2015 @ 01:00 PM
link   

originally posted by: grey580
agreed.

you have two options.

pay the ransom or restore from backup..

you have at least 3 versions of your data right?

Live, backup and offsite backup?


I also throw in there cloud storage.



posted on Jan, 16 2015 @ 01:28 PM
link   
a reply to: andy06shake


Sheesh! Then if you can't do it....
This mal ware is a b##ch!

I usually don't follow threads like this...
But I find this very concerning..

I try hard to avoid viruses. So I only download stuff that I bought. Is endorsed/licenced.
The other animal is my PS3/4...
I got a Trosan Virus after I watched a YouTube video.
Low and behold... I was told to buy Norton antivirus. I had no idea that a gaming console needed such software.


I wish you luck..
It must be gut wrenching to lose those family photo's/history ..

I will follow this thread to see the answer/outcome..
edit on 16-1-2015 by Bigburgh because: (no reason given)



posted on Jan, 16 2015 @ 01:33 PM
link   
a reply to: andy06shake

You can pay the ransom with a pre paid credit card.

in fact with crypto locker the crooks were only accepting the green dot pre paid card.

Definitely look into an offsite storage.



posted on Jan, 16 2015 @ 01:52 PM
link   
a reply to: Bigburgh

Pictures and video of my two kid just after the were born, pictures of my Grandpa who i only just lost before Christmas, all sorts mate, stretching back 15 years or so. Devastated is the word i would use.

Hopefully some kind of workaround will become available considering i surely cannot be the only person affected in such a manner. Then again chance would be a fine thing indeed, considering the encryption employed. My best bet is some form of data recovery software.
edit on 16-1-2015 by andy06shake because: (no reason given)



posted on Jan, 16 2015 @ 01:59 PM
link   
a reply to: andy06shake

There is no work around.

The files are encrypted. You can only unencrypt with the key.



posted on Jan, 16 2015 @ 02:13 PM
link   
This is one piece of software I hope to never come in contact with. They (the creators of Cryptowall) have designed something so heinous that the only way to defend against it is to accept the fact that we'll eventually be infected with it and to prepare beforehand.

Now they're switching over to I2P. Mix that in with cryptocurrency and you've got crooks that won't be caught. The fact that they give you a timer in which to unlock your files is truly nasty, especially when that timer "expires" the ransom increases.



posted on Jan, 16 2015 @ 02:31 PM
link   
That's what I'm saying... losing the most valuable history


I know you have an external drive. Which was hit.
For future reference..
I have stored everything on SD drives...
I get them printed as soon as possible.
I have books and books of photo's as well as keeping SD drives locked away.

This stinks on ice..
I lost hundreds of photo's on a lap top..
Not by virus.. but the comp simply got out of date. Windows XP lost it's capacity and poof..

I trust your knowledge. You will find a way. And spread the word!



posted on Jan, 16 2015 @ 02:36 PM
link   
a reply to: ThomasMore

Welcome aboard!
The scary part is he does not know how he got it.
I like to download free wallpapers..
Now I have be suspicious of those sites...
Yikes!


edit on 16-1-2015 by Bigburgh because: (no reason given)



posted on Jan, 16 2015 @ 02:41 PM
link   
oyster.ignimgs.com...

For you andy06shakes


Love this game!
edit on 16-1-2015 by Bigburgh because: (no reason given)



posted on Jan, 16 2015 @ 02:55 PM
link   
a reply to: Bigburgh

i used to do that, i started noticing more and more alerts from my antivirus and firewall, so i stopped
now i make my own,here are two that i made pretty much close to the same just changed the size and color a little bit.





and this is my desktop with x widgets that i modified.



posted on Jan, 16 2015 @ 03:12 PM
link   
a reply to: grey580

I know there is currently no other solution than to actually have the access key. but to be quite frank I'm not willing to shell out £1000 for a key that will probobly never materialise and only enables these fools to keep doing what they do.

edit on 16-1-2015 by andy06shake because: (no reason given)



posted on Jan, 16 2015 @ 03:17 PM
link   
a reply to: Bigburgh

I'm just reinstalling that title. Weird eh? Great game all the same, ending could have been better.



new topics

top topics



 
18
<< 1    3  4  5 >>

log in

join