kelal

Ransomware Warning TeslaCrypt 3.0

My computer recently became infected with a devastating malware program called TeslaCrypt 3.0. This, and others like it, are truly dreadful as they encrypt all your files, making them unreadable, and then demand a ransom, usually about $300. Thousands of photographs and documents can be lost as there is currently no way to unencrypt them and even if you paid the ransom (definitely not recommended), there is no guarantee that a key would be provided.

I have been fortunate because I had backed up thousands of photographs and other files on a separate external disk, and it had not been attached to the PC at the time of the attack. I have lost a few files that were on the PC but I was lucky. I have now reformatted my PC HDs and reinstalled Windows and other programs on clean disks.

This type of malware is becoming more and more common and can get past virus checkers. The only way to defeat it is to back up everything regularly on a separate, external disk. Never keep the backup disk attached to the PC except when doing the backup.

There is a lot of information about TeslaCrypt 3.0 on the web.

Take care

Patrick

  • Upvote 3


I blame the farmers giving modified food to the cows.

 

:)

  • Upvote 1
  • Downvote 1


But serious now. Thanks for the info. You never know these days what is happening in the net.

 

Mirco


How did the attack happen in your case?

 

wim


Not too sure - I am usually very careful, but I suspect it may have been a fake Update Flash Player or Java  popup.


Wikipedia says "This malware infects computers via the Angler Adobe Flash exploit." whatever that is.

 

Out of interest - which version of Windows and which Browser are you running?


This is becoming all too frequent here in the states, at least in Oklahoma.  Periodically I see a piece about it on television. They have been targeting banks, law enforcement, small and large business, and who knows who/what else.  In the case of law enforcement and businesses, they have to pay the ransom to get back in business.  I guess a fortune can be made by the crooks. 10 instances at $300 is a quick $3,000.  And you know they are doing many more than that a day.

 

It is definitely becoming a world where we all need to back up everything, I mean everything, on other HDs and then disconnect.  Which is what I do anyway, before all this junk started up.  Soon as I do it, I disconnect the HDs. Immediately. That's always been my MO.

edit-typo

Edited by Betty LaRue


Somewhere I've read an estimated 325 million $ for 2015.

 

wim


I get Adobe flash player update popups on a regular basis. I generally ignore them until the nagging gets too much to take. What's the best way to figure out whether or not these update notices are legit?

 

Backing up on external hard drives and then unplugging is what I do as well. I stay away from "clouds" as well. I figure that it's just a matter of time before these viruses strike them. Perhaps they already have. 


When you get the pop up, can't you just go to the Adobe site and get the latest update rather than clicking on the email link? I realize links are sooo much easier.....but....

  • Upvote 1


What's the best way to figure out whether or not these update notices are legit?

 

Never click on a link in the email - go to the Adobe website through your browser and check for updates there.

 

Edit - Betty beat me to it... :)

Edited by Vincent Lowe
  • Upvote 1


Good idea. I'll start doing that. I never click on e-mail links, just the popups, which sound to be just as risky.

  • Upvote 1


My current idea is that I will completely detach my editing, picture storage and archive workstation from the Internet. I could use a separate PC for email, browsing and the like. The main problem is that I do value the cloud for my writing and being able to automatically sync between three computers, my small laptop (in my news camera bag), my large laptop that I use when travelling by car/motorhome (RV) and my desktop PC.

 

The alternative is to have a replica master archive PC that I connect my main PC to just for backup and synchronisation, perhaps with the Internet switched off. At the moment I do backup my pictures, catalogue and most of my writing to a separate disk which I swap weekly, but I could do with making that swap more frequent.

 

The problem is creating a workflow that will minimise the inconvenience of such a set up.


If you use Firefox, only ever use your AddOns manager (use the menu or type "about:addons" in the browser address bar).  From there, click the link at the top ("Check to see if your plugins are up to date").  You will then be forwarded to the Mozilla site and their 'Check Your Plugins' page.  This will check your plugins for you and provide links to the correct and safe websites where you may update any outdated plugins.


Didn't know that. Thanks.


Are these ransomware malwares infecting just Windows PCs or are Apple OS X systems also vulnerable?


These things are invariably operating system specific - i.e. Windows or Apple. EDIT: Just to be clear, everything is potentially vulnerable, Windows probably more so than OS X but it is unlikely (not impossible) that any particular malware will work on both.

 

This kind of ransom ware is almost as old as the PC. I remember working with the police (as an independent technical expert) back in the late 1980s on the "Aids Virus" as it was called (it was a lifestyle questionnaire with ransom ware included, a Trojan Horse really)... created by Dr Popp, if I recall correctly, another piece of ransom ware. Very similar - you had to pay or infect two other PCs in order to decrypt your files. Popp had run to Panama and used a Panamanian account for his ill-gotten gains - bit of an oops moment when the US invaded.

 

Just goes to show that nothing changes... other than the leadership in Panama!

Edited by TokyoM1ke


I refuse to install Flash. Upon joining Alamy I was very disappointed.

 

Luckily the Chrome browser handles Flash on web pages without it being installed on my Mac. I only use Chrome for Alamy, and never general web browsing. So as long as Alamy doesn't start serving malware...

 

But if it does, we've got bigger problems!


Not quite sure I understand your point - nobody has suggested that Alamy is or will be "serving malware".


Didn’t say they were, but trailed off because no site is secure these days. 

 

The point was that Alamy using Flash is a disappointment. There are better options. (They also don’t use SFTP.) I was glad that Chrome does Flash without having to do a system install of it.
