I'm warning you everybody. Becareful when browsing the internet, or else you will get something like this.
The Cryptolocker is your computer's worst nightmare. This can be spread through malicious websites or even through e-mail attachments, as well as drive-by downloads, so becareful when you're opening your attachments. Its first appearance was in September 2013, when it started blazing through a few PCs. These changes applied by the Cryptolocker can be restored through payment, using MoneyPak or Bitcoin, requiring US$300 in many cases, but some variations of the Cryptolocker demands a payment of US$100.
This type of ransomware is spread through plausible and carefully encoded e-mail messages, disguising as a purport to the victim's issue being sent from FedEX, UPS, or DHS, plus with an attachment containing a PDF file which disguises as Cryptolocker, which, in fact, is named "FORM_101513.pdf.exe" (if you tick "Always display File extensions)
Some variants of the Cryptolocker can disguise as an authorization to use a private vehicle, with its subject being "Subject: Authorization to Use Privately Owned Vehicle on State Business", and with text containing "All employees must submit form 101513 (attached), needed to approve mileage reimbursement.", and the malicious Cryptolocker PDF itself.
However, the most recent variations of Cryptolocker are noted through a download of a voicemail zip file, but once you open the voicemail, it's actually the ransomware itself.
Once the Cryptolocker program is run, it will be automatically installed in Documents and Settings, and it will add a registry key so it can run at startup, of course. Next, two processes are spawned by Cryptolocker. If one tries to kill one of the processes, the other one will attempt to start it up again. This problem can be resolved by selecting "Kill Process Tree", then selecting "Yes".
The next thing that Cryptolocker has to do is to contact a command and control server. The Cryptolocker grabs the RSA private key and is kept by the server. This can be detected as a local proxy. However, retracing is difficult as it comes from other countries.
The following files with the following extensions are encrypted by the nasty ransomware:
3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odc, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pdf, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, sr2, srf, srw, tif, wb2, wpd, wps, x3f, xlk, xls, xlsb, xlsm, and xlsx.
Within the Cryptolocker registry, HKCU\Software\CryptoLocker\Files contains the files being encrypted by Cryptolocker. However, these entries are recommended, but they can be not positive if you have paid for the ransom, as Cryptolocker will scan for the files that are encrypted, and then unlock them all.
If the Cryptolocker affects networking computers, more than one, each PC will be encrypted each time and it will require an equal number of decryption passes, and in the correct order. If you fail, no decryption is performed.
However, Cryptolocker's encryption keys are not absolutely the same, which is very likely. However, on various infected computers, it will be also neccessary for the victim to pay the ransom.
I've gotten worse, if you saw my previous post, I talked about, "The FBI Virus!!!!," -->
It say's it is the FBI saying you did a fake crime, blah, blah, blah, and it wants $300 fine VIA MoneyPak in 72 hours or you will get "arrested." It took a picture of me and sent it to the virus creator, it blocks all accessibility to happen. And what is defiantly a rip-off, is that it cost half the price the virus was wanting, to remove it.
Anyways, it is a good thing I got Avast! Antivirus, because I really don't want this to happen again.
Rollback Post to RevisionRollBack
I SUPPORT COMIC SANS
I am not just a head, I have a body too you know.
You also didn't mention if it blocks Task Manager, if it doesn't you do this: #1 End the Virus Process; #2 Delete the infected file; #3 Get a better Antivirus.
Also did anybody else notice that no one is being creative with their computer viruses like before? I mean really, they used to make downloadable virus games, a melting screen virus, a puzzle game virus, and much more. NOW, they are trying to scam you for your money.........
Rollback Post to RevisionRollBack
I SUPPORT COMIC SANS
I am not just a head, I have a body too you know.
Also did anybody else notice that no one is being creative with their computer viruses like before? I mean really, they used to make downloadable virus games, a melting screen virus, a puzzle game virus, and much more. NOW, they are trying to scam you for your money.........
Guess which gets more cash for the malware writers.
Also did anybody else notice that no one is being creative with their computer viruses like before? I mean really, they used to make downloadable virus games, a melting screen virus, a puzzle game virus, and much more. NOW, they are trying to scam you for your money.........
First it was fun for hackers to break stuff, then they found out stealing stuff is infinitely more fun.
Just don't look at online porn and have common sense with your emails.
Or only go to the big porn sites because they have to keep their image up by not giving their customers viruses. After all, how else are they going to make all that money if they're giving out free viruses with every video?
I'm warning you everybody. Becareful when browsing the internet, or else you will get something like this.
The Cryptolocker is your computer's worst nightmare. This can be spread through malicious websites or even through e-mail attachments, as well as drive-by downloads, so becareful when you're opening your attachments. Its first appearance was in September 2013, when it started blazing through a few PCs. These changes applied by the Cryptolocker can be restored through payment, using MoneyPak or Bitcoin, requiring US$300 in many cases, but some variations of the Cryptolocker demands a payment of US$100.
This type of ransomware is spread through plausible and carefully encoded e-mail messages, disguising as a purport to the victim's issue being sent from FedEX, UPS, or DHS, plus with an attachment containing a PDF file which disguises as Cryptolocker, which, in fact, is named "FORM_101513.pdf.exe" (if you tick "Always display File extensions)
Some variants of the Cryptolocker can disguise as an authorization to use a private vehicle, with its subject being "Subject: Authorization to Use Privately Owned Vehicle on State Business", and with text containing "All employees must submit form 101513 (attached), needed to approve mileage reimbursement.", and the malicious Cryptolocker PDF itself.
However, the most recent variations of Cryptolocker are noted through a download of a voicemail zip file, but once you open the voicemail, it's actually the ransomware itself.
Once the Cryptolocker program is run, it will be automatically installed in Documents and Settings, and it will add a registry key so it can run at startup, of course. Next, two processes are spawned by Cryptolocker. If one tries to kill one of the processes, the other one will attempt to start it up again. This problem can be resolved by selecting "Kill Process Tree", then selecting "Yes".
The next thing that Cryptolocker has to do is to contact a command and control server. The Cryptolocker grabs the RSA private key and is kept by the server. This can be detected as a local proxy. However, retracing is difficult as it comes from other countries.
The following files with the following extensions are encrypted by the nasty ransomware:
3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odc, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pdf, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, sr2, srf, srw, tif, wb2, wpd, wps, x3f, xlk, xls, xlsb, xlsm, and xlsx.
Within the Cryptolocker registry, HKCU\Software\CryptoLocker\Files contains the files being encrypted by Cryptolocker. However, these entries are recommended, but they can be not positive if you have paid for the ransom, as Cryptolocker will scan for the files that are encrypted, and then unlock them all.
If the Cryptolocker affects networking computers, more than one, each PC will be encrypted each time and it will require an equal number of decryption passes, and in the correct order. If you fail, no decryption is performed.
However, Cryptolocker's encryption keys are not absolutely the same, which is very likely. However, on various infected computers, it will be also neccessary for the victim to pay the ransom.
Cryptolocker references:
http://en.wikipedia.org/wiki/CryptoLocker
http://www.switchfast.com/switchfast-blog/2013/10/2/virus-alert-cryptolocker-ransomware.aspx
I don't trust something that bleeds for seven days and doesn't die. That's just crazy. -WayTooManyLlamas
Linux
My house is made of steel, with paper for doors.
GODDAMN IT
STUPID GENDERFLIP VIRUS
Moneypak virus?
I am actually gonna do this. Alright, just click the damn things. Now. You must.
Well actually I'm not sure about Mac, but Linux really is quite secure. Have you ever actually used it by chance?
My house is made of steel, with paper for doors.
Program your Linux by yourself, it's unhackable, the reason that your version is different of every other ones.
It say's it is the FBI saying you did a fake crime, blah, blah, blah, and it wants $300 fine VIA MoneyPak in 72 hours or you will get "arrested." It took a picture of me and sent it to the virus creator, it blocks all accessibility to happen. And what is defiantly a rip-off, is that it cost half the price the virus was wanting, to remove it.
Anyways, it is a good thing I got Avast! Antivirus, because I really don't want this to happen again.
I am not just a head, I have a body too you know.
Also did anybody else notice that no one is being creative with their computer viruses like before? I mean really, they used to make downloadable virus games, a melting screen virus, a puzzle game virus, and much more. NOW, they are trying to scam you for your money.........
I am not just a head, I have a body too you know.
Guess which gets more cash for the malware writers.
KEKDOT Highways & Freeways in Minecraft - Stack Interchange
What happens if I don't get the key in time? xD
#BAUM4EXILE2014
:^)
HELP CAPSLOCK KEY FELL OFF IT SWITCHES ON AND OFF, HELP PLS.
Actually, some go as far as disabling safe mode. Like the FBI Moneypak, which seems to be sorta like this one.
First it was fun for hackers to break stuff, then they found out stealing stuff is infinitely more fun.
But wow man, like, that doesn't even make sense now that I think about it.
Or only go to the big porn sites because they have to keep their image up by not giving their customers viruses. After all, how else are they going to make all that money if they're giving out free viruses with every video?
'Cause they rely on donations and their nephews to do protection instead of trained companies.
i quit