Ransome wear

[Z15CAM]

How to combat it?

 

[JackMDS]

By keeping updated clone file of you HD/SSD.

Can be done to external Drive or Cloud service that is offered by some of the Clone software vendors.

If Ransomware takes over, you can format the HD/SSD and install the Clone file back to the Drive.

 

[Z15CAM]

By keeping updated clone file of you HD/SSD.

I agree but to recognize when you are being attacked is another matter.

I found that e-mail fake parcel shipment with a Tracking ZIP attachment and extracting to a JS script makes one vulnerable.

 

[Z15CAM]

Makes you wonder if the Federal Postal System isn't compromised

 

[master_shake_]

oh my god!

i got that exact email and then laughed when i saw it was from new zealand.

 

[Z15CAM]

In other Words "WHO's Leaking Parcel Post Tracking"

 

[sweenish]

Makes you wonder if the Federal Postal System isn't compromised

Nope, just straight PEBKAC.

 

[Z15CAM]

PEBKAC = Idiot error

 

[John Connor]

Ransom WEAR?

 

[Z15CAM]

Come on John it was typo error not a spelling error. I suspect you're insinuating "Ransom Where" - LOL

 

[John Connor]

Okay... If you're looking to combat ransomware then look into a sanboxing program. Like Sandboxie for your browser, VooDoo Shield or the expensive Anti Executable. There are many other sandboxing programs. Go here and look around. http://www.wilderssecurity.com/widget-pages/secprods/

 

[PliotronX]

Ransom WEAR?

I am glad I'm not the only one!

As for ransomware, it all spreads like any other malware, the main vehicles being loaded ads (particularly Adobe Flash based) and phony e-mails with convincing content and attachments or hotlinks to aforementioned malicious websites. Good habits when dealing with e-mails and uninstalling Adobe Flash will boost your personal protection from RW more than any real-time antivirus. The emphasis should be on cold backups or backups that the RW cannot modify. This means not relying on shadow copies or "previous versions" as it's commonly known. Backups are paramount, they offer a peace of mind that no other security measure can give you.

 

[Z15CAM]

This is serious Crap. So what you got a recent backup image dismounted.

Not many people do that or understand the consequences..

 

[Ketchup]

The emphasis should be on cold backups or backups that the RW cannot modify. This means not relying on shadow copies or "previous versions" as it's commonly known. Backups are paramount, they offer a peace of mind that no other security measure can give you.

This is what I do at home. Regular backups to the server are weekly. The server is backed up to drives stored in a separate location a few times a year, so at the very least they are not sustainable to such a threat, and data of the most value (at least to us) is secure.

 

[biostud]

How does it affect files shared across services like onedrive?

I als do regular backups, have a good AV, and use the brain before clicking on links.

 

[John Connor]

Wipe it and install another OS.
You can boot another OS and get most relevant info I'm pretty sure.
IDK,my friend's daughter got it and I just wiped it and gave her a fresh OS.

I hate when people just say format. That's a cop out. Protect yourself from the first place. I have never, EVER had to reformat because I was owned in all the years I've used Windows.

 

[sweenish]

Yeah, but saying to protect yourself is even worse advice [right now] since they're already infected. You're basically telling a pregnant girl to practice safe sex.

Without knowing the severity of the ransomware, a wipe may be the only option. From there, yeah, lock it down. I haven't wiped because of malware for a long time.

 

[John Connor]

Well, if you have ransomware now, then depending on which type, there already might be a tool to reverse it. Hitman Pro also has a tool. If no tool exists then yeah, fess up to being owned and wipe away.