Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Locked thread
pram
Jun 10, 2001


Thanks Ants posted:

What an unfortunate URL

lol

Adbot
ADBOT LOVES YOU

Double Punctuation
Dec 30, 2009

Ships were made for sinking;
Whiskey made for drinking;
If we were made of cellophane
We'd all get stinking drunk much faster!


Thanks Ants posted:

What an unfortunate URL

It is kind of accurate about IT, either way you read it.

Don Lapre
Mar 28, 2001

If you're having problems you're either holding the phone wrong or you have tiny girl hands.


After a few weeks id say this new set of variants is about an infinite times more common now than cryptolocker was in 2013. Everyone is loving getting it.

Kazinsal
Dec 13, 2011




Any idea what the most common attack vectors are? Sketchy porn and torrent sites?

Don Lapre
Mar 28, 2001

If you're having problems you're either holding the phone wrong or you have tiny girl hands.


If this is where its coming from i dont know, but the most common malware vector ive seen lately is the "lets search google for itunes, clicks first adwords link for itunes and installs whatever the gently caress is linked"

Thanks Ants
May 21, 2004

#essereFerrari




That but also with Adobe Reader, Chrome etc.

Varkk
Apr 17, 2004



Thanks Ants posted:

That but also with Adobe Reader, Chrome etc.

Given the way things are going I am sure it is only a matter of time before it gets bundled with a Java or Flash update from an official channel.

Kazinsal
Dec 13, 2011




Varkk posted:

Given the way things are going I am sure it is only a matter of time before it gets bundled with a Java or Flash update from an official channel.

It's okay, Chrome won't be supporting Java (or any other NPAPI plugins) anymore soon, and in fact has dropped support on Linux already, and who the gently caress uses Flash anymore for anything other than ads?

Tapedump
Aug 31, 2007


College Slice

Face-loving-book games. poo poo loads of (lovely) video content.

Kazinsal
Dec 13, 2011




For all four people who haven't updated to something that can do HTML5, sure.

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern



A client of ours got hit by Cryptowall the other day. Good thing they had Shadowprotect! Oh...hey...why does it say the last successful backup was August 2013? That wasn't a fun conversation but they took it a lot better than I expected.

We use ShadowProtect as our main backup solution, by the way. It works pretty well. In the above case the client chose to ignore the e-mail alerts which warned them of failed backups. We weren't paid to manage them.

Don Lapre
Mar 28, 2001

If you're having problems you're either holding the phone wrong or you have tiny girl hands.


snackcakes posted:

A client of ours got hit by Cryptowall the other day. Good thing they had Shadowprotect! Oh...hey...why does it say the last successful backup was August 2013? That wasn't a fun conversation but they took it a lot better than I expected.

We use ShadowProtect as our main backup solution, by the way. It works pretty well. In the above case the client chose to ignore the e-mail alerts which warned them of failed backups. We weren't paid to manage them.

Yea, our mirrored array says degraded or something every time we restart but i press f1 and it works fine.

Tapedump
Aug 31, 2007


College Slice

Kazinsal posted:

For all four people who haven't updated to something that can do HTML5, sure.
Okay, but did you mean to dismiss my first statement? Cause HTML5 don't cover a large, if not vast, majority of Facebook games.

And that's the answer to your question, "Who the gently caress still uses Flash ... ?" Millions upon millions of people.

Kazinsal
Dec 13, 2011




Tapedump posted:

Okay, but did you mean to dismiss my first statement? Cause HTML5 don't cover a large, if not vast, majority of Facebook games.

And that's the answer to your question, "Who the gently caress still uses Flash ... ?" Millions upon millions of people.

Facebook is recommending Flash to not be used for game development anymore in favour of HTML5. Flash isn't going anywhere yet, because Chrome for example has PepperFlash (using PPAPI, which is much more secure than NPAPI) and I think Firefox still uses Adobe's Flash Player. But I wouldn't mind seeing it go entirely.

Nintendo Kid
Aug 4, 2011

by Smythe


Kazinsal posted:

Facebook is recommending Flash to not be used for game development anymore in favour of HTML5.

That's effectively meaningless.

Yip Yips
Sep 25, 2007
yip-yip-yip-yip-yip

Flash has been "dead" for going on 5+ years now.

Whirlwind Jones
Apr 13, 2013

by Lowtax


Yip Yips posted:

Flash has been "dead" for going on 5+ years now.
It's dead in the sense that I don't have to use it for anything that I actually care about so effectively it is dead to me.

Yolomon Wayne
Jun 10, 2014

You call it "The Big Bang", but what really happened is


Grimey Drawer

Thanks Ants posted:

Not running as local admin, and not allowing applications to execute from inside the user profile I thought covered most bases? If you're supporting customers who want local admin for everyone and no restrictions then I guess you're hosed.

Just to chip in again, our users are no admins and cant even cha<nge their desktop background color, but this thing manages to gently caress up their harddisks.
Just got another notebook with another variant, this time 2048bit encryption.
Lol.

skooma512
Feb 8, 2012

You couldn't grok my race car, but you dug the roadside blur.


Yolomon Wayne posted:

Just to chip in again, our users are no admins and cant even cha<nge their desktop background color, but this thing manages to gently caress up their harddisks.
Just got another notebook with another variant, this time 2048bit encryption.
Lol.

This is why Linux guys love to talk mad poo poo about Windows. I love what it lets me do, I don't have anything else, but it's so trusting and you can hosed up so bad even without admin rights. It's too late to redo it because of all the legacy stuff.

Cryptowall doesn't seem to be on Mac, and it's likely not as easy to get even if it was.

Yolomon Wayne
Jun 10, 2014

You call it "The Big Bang", but what really happened is


Grimey Drawer

skooma512 posted:

This is why Linux guys love to talk mad poo poo about Windows. I love what it lets me do, I don't have anything else, but it's so trusting and you can hosed up so bad even without admin rights. It's too late to redo it because of all the legacy stuff.

Cryptowall doesn't seem to be on Mac, and it's likely not as easy to get even if it was.

I hear this a lot, and my usual reply is that if i had to chose wchich platform to design a virus for, id naturally chose the one with the most potential victims.
Im sure you could get some poo poo like this going on macs or even linux, but why bother with the handful of those if theres billions of windows out there to target?

psydude
Mar 31, 2008

Perry'd.


Weren't there several versions of cryptolocker that targeted Macs, as well?

chocolateTHUNDER
Jul 19, 2008

GIVE ME ALL YOUR FREE AGENTS

ALL OF THEM


psydude posted:

Weren't there several versions of cryptolocker that targeted Macs, as well?

Yes, one came into my job a few weeks ago.

sarehu
Apr 20, 2007

(call/cc call/cc)

skooma512 posted:

This is why Linux guys love to talk mad poo poo about Windows. I love what it lets me do, I don't have anything else, but it's so trusting and you can hosed up so bad even without admin rights. It's too late to redo it because of all the legacy stuff.

All the user's files are user-accessible in Linux too.

Orcs and Ostriches
Aug 26, 2010




The Great Twist

Yeah, there's no reason crypto* would need or even want to gently caress up all of the c drive. How is it going to run and extort money if it fucks system files up?

All they need are basic user rights to get at the files worth encrypting.

HalloKitty
Sep 30, 2005

Adjust the bass and let the Alpine blast


skooma512 posted:

This is why Linux guys love to talk mad poo poo about Windows. I love what it lets me do, I don't have anything else, but it's so trusting and you can hosed up so bad even without admin rights. It's too late to redo it because of all the legacy stuff.

Cryptowall doesn't seem to be on Mac, and it's likely not as easy to get even if it was.

I know it's XKCD, but



Don't really see how Linux changes anything in Cryptolocker's case.
NT6 does have low privileges by default and raises them (almost always only) due to a user saying so, but even that annoys some. Maybe there's a better way, but it doesn't seem they're worlds apart.

HalloKitty fucked around with this message at 11:02 on Dec 5, 2014

Double Punctuation
Dec 30, 2009

Ships were made for sinking;
Whiskey made for drinking;
If we were made of cellophane
We'd all get stinking drunk much faster!


OS X has the Applications directory and various other important directories made writable by all administrators by default, no confirmation dialog or sudo required.

Not Wolverine
Jul 1, 2007

by Fluffdaddy


HalloKitty posted:

Don't really see how Linux changes anything in Cryptolocker's case.

Most Linux software I install comes from the package manager from a distro managed archive whereas most windows software comes from a website. But if was downloading a cryptolocker bin for linux from a sketchy website it would still fail to run due to dependency hell. :rimshot:

Adbot
ADBOT LOVES YOU

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.

Yolomon Wayne posted:

I hear this a lot, and my usual reply is that if i had to chose wchich platform to design a virus for, id naturally chose the one with the most potential victims.
Im sure you could get some poo poo like this going on macs or even linux, but why bother with the handful of those if theres billions of windows out there to target?

Have we forgotten shell shock already? Most viruses that horribly mess up the system use an exploit to get admin. They might hook into another program but if Linux was the main OS users would have unupdated versions of things running too. Its pretty hard to hit a server because you don't have flash or java usually without a drat good reason.

Give someone enough motivation and they will crack anything. People crack videogame consoles cellphones and other odd operating systems all the time to run at higher user levels.

  • Locked thread