New Windows 10 scam will encrypt your files for ransom

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106
Well, that didn't take long. I suppose the last OS we will ever need is just prone to this sort of thing.
 

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106
Has nothing to do with Windows 10 - but is a current malware infection that piggybacks on many web sites. It commonly rests in related ads, free shipping, etc. These links are parasitic and not part of the host necessarily.

https://www.pctechguide.com/articles/defend-computer-ransomware

I disagree with this, in the nicest possible way :)

These have been out for a while now, so while MS has been developing Win10 they have had ample opportunity to develop ways to mitigate these types of threats, including their brand new browser, in addition to an AV that, if it doesn't detect an alternate AV, will start at every boot, barring some fairly serious tweaks. Since it has to go through the OS to affect these files, I do not believe the notion that there is nothing the OS can do to stop it.

I'll give you one example: whenever I launch a program, I have a Windows popup that needs to be accepted in order to launch said program. Why can't Windows do the same for file encryption?
 

C1

Platinum Member
Feb 21, 2008
2,386
113
106
"Once a user downloads and opens the attached executable file, the malware payload opens, encrypting data on the affected computer, and locking the owner out."

Don't know how many times I gotta tell ya all:

It is a security violation to surf in "administrator" mode.
 

rchunter

Senior member
Feb 26, 2015
933
72
91
Synology had something similar a few months back, synolocker malware. Those without ports open to the internet were mostly unaffected.
 

cabri

Diamond Member
Nov 3, 2012
3,616
1
81
I disagree with this, in the nicest possible way :)

These have been out for a while now, so while MS has been developing Win10 they have had ample opportunity to develop ways to mitigate these types of threats, including their brand new browser, in addition to an AV that, if it doesn't detect an alternate AV, will start at every boot, barring some fairly serious tweaks. Since it has to go through the OS to affect these files, I do not believe the notion that there is nothing the OS can do to stop it.

I'll give you one example: whenever I launch a program, I have a Windows popup that needs to be accepted in order to launch said program. Why can't Windows do the same for file encryption?

How would you know that a file is being encrypted by a program? :confused:

All encryption is doing is scrambling the bytes in a specific pattern (known to the program) and writing binary data to the disk.

I could take an HTML text file and flip every other character manually in notepad and save it. Is that encrypted?
 

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106
How would you know that a file is being encrypted by a program? :confused:

All encryption is doing is scrambling the bytes in a specific pattern (known to the program) and writing binary data to the disk.

I could take an HTML text file and flip every other character manually in notepad and save it. Is that encrypted?

Fair point. I don't know how they would go about it, but then again I don't know how MS handled most of their security fixes. But I would hope/assume that someone smarter than I could figure this out.
 

Pantlegz

Diamond Member
Jun 6, 2007
4,627
4
81
How would you know that a file is being encrypted by a program? :confused:

All encryption is doing is scrambling the bytes in a specific pattern (known to the program) and writing binary data to the disk.

I could take an HTML text file and flip every other character manually in notepad and save it. Is that encrypted?

Hitman.pro has figured it out. I don't remember the specifics offhand but they hijack processes to do the encryption. I would assume you watch those processes and kill them if they're doing anything they're not supposed to be doing.
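An added example, not part of any post in this thread and not a description of how any named product works: one common heuristic for the question raised above is to compare the byte entropy of a file before and after a rewrite. The function names, thresholds, sample document and the toy cipher are all assumptions made for the demonstration.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: about 8.0 for random-looking data, far lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in sorted(Counter(data).values()))

def swap_adjacent(data: bytes) -> bytes:
    """The 'flip every other character' scramble from the post above."""
    out = bytearray(data)
    for i in range(0, len(out) - 1, 2):
        out[i], out[i + 1] = out[i + 1], out[i]
    return bytes(out)

def toy_stream_encrypt(data: bytes, key: bytes) -> bytes:
    """Stand-in cipher for the demo only: XOR with a SHA-256 counter keystream."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(b ^ s for b, s in zip(data, stream))

def looks_encrypted(before: bytes, after: bytes, high: float = 7.5, jump: float = 2.0) -> bool:
    """Flag a rewrite whose content became near-random AND jumped in entropy.
    The jump test avoids flagging files that were already compressed (zip, jpg)."""
    h_before, h_after = shannon_entropy(before), shannon_entropy(after)
    return h_after >= high and (h_after - h_before) >= jump

# Constructed sample input: a repetitive HTML document of roughly 8 KB.
SAMPLE_HTML = ("<html><body>" + "".join(
    f"<p>Invoice line {i}: total due {i * 17 % 1000} USD</p>" for i in range(200)
) + "</body></html>").encode()

if __name__ == "__main__":
    for name, blob in [("original", SAMPLE_HTML),
                       ("swapped", swap_adjacent(SAMPLE_HTML)),
                       ("encrypted", toy_stream_encrypt(SAMPLE_HTML, b"demo-key"))]:
        print(f"{name:9s} entropy={shannon_entropy(blob):.2f} "
              f"flagged={looks_encrypted(SAMPLE_HTML, blob)}")
```

The character swap keeps the byte histogram unchanged, so this check does not flag it, while the cipher output is flagged. A monitor built on this idea would count such rewrites per process over a short window rather than act on a single file.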
 

artemicion

Golden Member
Jun 9, 2004
1,006
1
76
I disagree with this, in the nicest possible way :)

These have been out for a while now, so while MS has been developing Win10 they have had ample opportunity to develop ways to mitigate these types of threats, including their brand new browser, in addition to an AV that, if it doesn't detect an alternate AV, will start at every boot, barring some fairly serious tweaks. Since it has to go through the OS to affect these files, I do not believe the notion that there is nothing the OS can do to stop it.

I'll give you one example: whenever I launch a program, I have a Windows popup that needs to be accepted in order to launch said program. Why can't Windows do the same for file encryption?

Hahaha did you even read the article? This has literally NOTHING to do with Win 10's security. The scam is an e-mail to people running Windows 7/8 claiming that if they run the attached executable, they will get to download Windows 10 faster.

I imagine there's little an OS can do to prevent an idiot from running executable e-mail attachments. You already get a pop-up dialogue box saying something along the lines of "ARE YOU SURE YOU WANT TO DO THIS, MICROSOFT WINDOWS DOES NOT RECOGNIZE THE PUBLISHER OF THIS EXECUTABLE."

If that's not enough to dissuade an idiot from running an executable SUPPOSEDLY FROM MICROSOFT, it's time to just chalk one up to Darwinism.
 

cabri

Diamond Member
Nov 3, 2012
3,616
1
81
Because most do not either get MS blessing or follow approved procedures.
 

LPCTech

Senior member
Dec 11, 2013
679
93
86
I work remote tech support. People are violently stupid. Many people think that ANY instruction the PC gives them is legit and necessary. They call me after getting scammed by the remote scammers. They call cuz the pc is "slow" and I usually find a bunch of malware that needs to be installed with user interaction. Some people call back within hours of their cleaning after reinfecting the PC. In ALL cases they are 100% clueless as to how they could possibly have a virus. After all, they NEVER go to any "weird" sites and they have anti virus, "isn't that supposed to protect me?" lol

Can't protect you from yerself brah
 

PliotronX

Diamond Member
Oct 17, 1999
8,883
107
106
I work remote tech support. People are violently stupid. Many people think that ANY instruction the PC gives them is legit and necessary. They call me after getting scammed by the remote scammers. They call cuz the pc is "slow" and I usually find a bunch of malware that needs to be installed with user interaction. Some people call back within hours of their cleaning after reinfecting the PC. In ALL cases they are 100% clueless as to how they could possibly have a virus. After all, they NEVER go to any "weird" sites and they have anti virus, "isn't that supposed to protect me?" lol

Can't protect you from yerself brah

Roughly half the work I do is remote and it pretty much goes down like this. To make matters worse, my idiot coworker keeps disabling real-time protection on deployed endpoints because he believes it should only be scanning at night when nobody is using the computers. Surprise when half these offices get infected :awe:
 

redzo

Senior member
Nov 21, 2007
547
5
81
Roughly half the work I do is remote and it pretty much goes down like this. To make matters worse, my idiot coworker keeps disabling real-time protection on deployed endpoints because he believes it should only be scanning at night when nobody is using the computers. Surprise when half these offices get infected :awe:

Someone should fire him ASAP. The live antivirus shield is the only reason why anyone should purchase an antivirus, otherwise you could just use free on-demand scanners and good luck at disinfection after the system bites the dust.