Your browser is obsolete!

The page may not load correctly.

Encrypt everything

Закодировать всё

Other issues in this category (24)
  • add to favourites
    Add to Bookmarks

Real life is not like the movies

Read: 29908 Comments: 2 Rating: 9

Friday, June 23, 2017

A bad hacker is trying to compromise a server in order to commit some great evil. A good hacker notices something’s wrong and attempts to stop the bad hacker. They both type frantically on their keyboards and use complex sentences full of unfamiliar words. Sure enough, the good hacker wins (the “Arrow” TV series).

#drweb

https://www.kinopoisk.ru/article/2935337

But those are hackers—what about ordinary users? Can they tell if something "strange" is going on?

  • Hello; I opened an email, and my system began to freeze so I waited a bit and then restarted it. It booted up really slowly. And when the boot process completed, everything was encrypted.
  • The infection occurred instantaneously. My operating system warned me that it needed to be restarted because of a system error. After I restarted it, my files were gradually encrypted.
  • I was watching news on a social networking site; I didn't download anything or open any links. My system really slowed down and then up popped a Wanna Decryptor banner showing a ransom demand. The banner continued popping up every five seconds. Some 40 minutes later my anti-virus caught 14 Trojans one after another.

Technical support requests

This means that after observing malicious activity, the person just continued using their computer like nothing happened. Or, if something strange appeared to be happening, they decided to solve the problem in the usual way by restarting Windows and then went back to doing what they were doing before. None of them were using Dr.Web, but nonetheless this situation is outrageous!

A ransom demand keeps popping up for 40 minutes and the user is still waiting for something... For what exactly?

In most cases, hacking goes unnoticed. But even if we allow for a second that servers can monitor suspicious activity and administrators get notified in time when situations are bad, attacks are deflected in a completely different way. In short: administrators disable or block all server network interfaces or the network ingress point (in extreme cases by disconnecting the hardware). After that they calmly analyse what it was all about.. These steps are performed in one or two seconds, and no epic battle ever happens. Therefore, if you believe that someone has gained unauthorised access to your computer, first disconnect it from the network (the Internet), and then take your time to determine what actually happened (install an anti-virus, reinstall Windows, etc.).

Myths about cyber attacks and hackers in movies

https://www.kinopoisk.ru/article/2935337

No more needs to be said.

#security #hacker #hacking #myth #encryption_ransomware

The Anti-virus Times recommends

Unlike WannaCry, some encryption ransomware programs don’t wait until after encryption is complete to display a ransom demand. Even if you see a message on your screen (and you’ve already notified tech support about the incident), it is quite possible that the Trojan is still encrypting your files.

That's why if you see a message from encryption ransomware:

  • Pull the plug on your computer immediately! Don’t give the malware time to respond and remove traces of its activity while the system is performing shutdown routines. Initiating a system shutdown can signal to the Trojan that it needs to cover its tracks or finish destroying data. Using a machine that’s probably infected or compromised is both brave and foolish…
  • If your computer is acting strangely, launching Dr.Web scanner should be your first order of business!
  • If your files got encrypted, don't dig around in the system or start carrying out any curing: that could result in files being deleted that are essential to recovering your data.
  • Keep Dr.Web LiveDisk on hand or be sure that you know how to download it. Power off your computer, download Dr.Web LiveDisk, and start the scanner.

[Twitter]

Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments

Comments to other issues | My comments