It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
My NASA Pics Encrypted by Unkown Person
page: 16
share:
After reading accusations of NASA altering or removing photos on their Apollo program, I downloaded the entire website at the URL I believe to have
been /www.hq.nasa.gov... Someone mentioned that NASA had deleted Apollo 10 images from their archives, so I wanted to see if
that indeed did happen, or at least in the last three months. However, opening my folders I saw instead of .jpg the images were all .crypted files
that had been converted, and when I clicked on them nothing happened at all. While I have maybe 200GB worth of files of numerous different types, only
the NASA files were encrypted. It turns out I don't seem to have any Apollo 10 images and may not have downloaded that section of the website. In
theory they could have been deleted but I never looked for them in the first place as I was interested in Apollo 11 and later, so probably not.
I first suspected that this occurred because the trial version of the website downloaded expired and then encrypted the downloaded website with the files to be unlocked only after paying for the app. I tried three different ones and settled on HTTrack WebsiteCopier which is totally free and offers no paid version. I had already copied the files to an external drive I only rarely plug in to access because I need it there for backup purposes and specifically don't want a virus to be able to wipe the files. Also, I already uninstalled the trial version downloaders. So if nothing else this will let others know who do the same process to be exceptionally careful with what application they are using to download the Apollo Image library.
I looked up .crypted to see that it seems to be a faulty encryption based on the Nemucod virus. There is an application that can be used to decrypt the files, which I used and was able to recover the images. I'm about to go on the process of a full virus scan so I can remove any remaining problems. But it seems incredibly strange to me that the files would have been picked out at random by a virus, or that the virus would only encrypt some folders with images but not others. Perhaps the virus looks for the largest group of images or most recently accessed group of images? I don't know, but my hard drive has tons and tons of files yet the only ones encrypted were my NASA pics. I have a folder named something like "pictures" with about 20 images that were not encrypted by the malware for example.
I first suspected that this occurred because the trial version of the website downloaded expired and then encrypted the downloaded website with the files to be unlocked only after paying for the app. I tried three different ones and settled on HTTrack WebsiteCopier which is totally free and offers no paid version. I had already copied the files to an external drive I only rarely plug in to access because I need it there for backup purposes and specifically don't want a virus to be able to wipe the files. Also, I already uninstalled the trial version downloaders. So if nothing else this will let others know who do the same process to be exceptionally careful with what application they are using to download the Apollo Image library.
I looked up .crypted to see that it seems to be a faulty encryption based on the Nemucod virus. There is an application that can be used to decrypt the files, which I used and was able to recover the images. I'm about to go on the process of a full virus scan so I can remove any remaining problems. But it seems incredibly strange to me that the files would have been picked out at random by a virus, or that the virus would only encrypt some folders with images but not others. Perhaps the virus looks for the largest group of images or most recently accessed group of images? I don't know, but my hard drive has tons and tons of files yet the only ones encrypted were my NASA pics. I have a folder named something like "pictures" with about 20 images that were not encrypted by the malware for example.
This looks to be something with your computer. I grabbed a copy of the website with wget in Linux. I have jpg's and pdf's. I think you have a nasty
virus on your computer. :/
Edit: Apollo 10 images are in the alsj/a410 directory, so they're there.
Edit: Apollo 10 images are in the alsj/a410 directory, so they're there.
edit on 26-8-2016 by Melen because: (no reason
given)
edit on 26-8-2016 by Melen because: (no reason given)
a reply to: wayforward
Looks like you have yourself some Nemucod. Try this -
Nemucod Decryptor]
Looks like you have yourself some Nemucod. Try this -
Nemucod Decryptor]
edit
on 26-8-2016 by Vizzle because: broken link
a reply to: wayforward
Sooner the better. Virus programs are as insidious as the creeps that write them.
I looked up .crypted to see that it seems to be a faulty encryption based on the Nemucod virus. There is an application that can be used to decrypt the files, which I used and was able to recover the images. I'm about to go on the process of a full virus scan so I can remove any remaining problems.
Sooner the better. Virus programs are as insidious as the creeps that write them.
a reply to: wayforward
Malware like this often uses regular expressions / parsing / search queries or whatever you want to call them so they make the most sense to you to find the files they're looking to encrypt.
It can be thrown off by odd characters or naming schemes and most of them are specifically designed to ignore system files. A lot of them do go for the last modified date which can be updated for a number of reasons. Had a look at the ransomware being dropped by the recent Numucod trojan variation and it's targeting specific directories first.
If you were amazingly curious you could probably find out what version of ransomware you have and look up the search queries / loops it's using to encrypt. I doubt it's specifically targeted. If it was, it isn't actually that hard to deobsfucate and look at the code.
Note: hopefully you've stopped the encryption process by now?
Malware like this often uses regular expressions / parsing / search queries or whatever you want to call them so they make the most sense to you to find the files they're looking to encrypt.
It can be thrown off by odd characters or naming schemes and most of them are specifically designed to ignore system files. A lot of them do go for the last modified date which can be updated for a number of reasons. Had a look at the ransomware being dropped by the recent Numucod trojan variation and it's targeting specific directories first.
If you were amazingly curious you could probably find out what version of ransomware you have and look up the search queries / loops it's using to encrypt. I doubt it's specifically targeted. If it was, it isn't actually that hard to deobsfucate and look at the code.
Note: hopefully you've stopped the encryption process by now?
edit on 26-8-2016 by Pinke because: (no reason given)
a reply to: wayforward
It sounds like you've been hit by ransomware. A version of cryptolocker or something.
is it only those files?
Did you check to see if other files on your computer have been encrypted?
did you notice any strange pop ups on your computer?
It sounds like you've been hit by ransomware. A version of cryptolocker or something.
is it only those files?
Did you check to see if other files on your computer have been encrypted?
did you notice any strange pop ups on your computer?
Blah blah blah. . Virus... malware..
The truth is you stumbled across something you shouldn't have and they are on to you..
Have you seen any black suvs and copters near your home? If so pack yourself a bag and get out of town.. leave your cell phone and whatever you do.. DO NOT use your cards..
Godspeed my brother.. and good luck..
The truth is you stumbled across something you shouldn't have and they are on to you..
Have you seen any black suvs and copters near your home? If so pack yourself a bag and get out of town.. leave your cell phone and whatever you do.. DO NOT use your cards..
Godspeed my brother.. and good luck..
edit on 26/8/16 by Misterlondon because: (no reason given)
I've got shedloads of NASA Apollo images, had them for years with no bother.
I've also got the original hard copy book of Apolo 10 images in a NASA report, which has all of them published in it. No-one has been round in the night and scribbled them out with a biro.
I've also got the original hard copy book of Apolo 10 images in a NASA report, which has all of them published in it. No-one has been round in the night and scribbled them out with a biro.
originally posted by: Misterlondon
Blah blah blah. . Virus... malware..
The truth is you stumbled across something you shouldn't have and they are on to you..
Have you seen any black suvs and copters near your home? If so pack yourself a bag and get out of town.. leave your cell phone and whatever you do.. DO NOT use your cards..
Godspeed my brother.. and good luck..
Sarcasm alert!
new topics
-
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 1 hours ago -
Maestro Benedetto
Literature: 2 hours ago -
Is AI Better Than the Hollywood Elite?
Movies: 3 hours ago -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 6 hours ago -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 7 hours ago -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 7 hours ago -
The functionality of boldening and italics is clunky and no post char limit warning?
ATS Freshman's Forum: 8 hours ago -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 9 hours ago -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 9 hours ago -
Weinstein's conviction overturned
Mainstream News: 11 hours ago
top topics
-
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 1 hours ago, 12 flags -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 12 hours ago, 9 flags -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 15 hours ago, 8 flags -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 12 hours ago, 8 flags -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 7 hours ago, 7 flags -
Weinstein's conviction overturned
Mainstream News: 11 hours ago, 7 flags -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 9 hours ago, 7 flags -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 9 hours ago, 5 flags -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 6 hours ago, 4 flags -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 7 hours ago, 3 flags
active topics
-
Manly P. Hall says Freemasonry is a religion?
Secret Societies • 22 • : Therealbeverage -
One Flame Throwing Robot Dog for Christmas Please!
Weaponry • 11 • : Therealbeverage -
British TV Presenter Refuses To Use Guest's Preferred Pronouns
Education and Media • 167 • : WakeUpBeer -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media • 257 • : DBCowboy -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three • 48 • : Therealbeverage -
The Good News According to Jesus - Episode 1
Religion, Faith, And Theology • 3 • : Therealbeverage -
Weinstein's conviction overturned
Mainstream News • 23 • : Therealbeverage -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics • 82 • : Lumenari -
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies • 2 • : Boomer1947 -
Is AI Better Than the Hollywood Elite?
Movies • 6 • : Therealbeverage
6