  wifi4milez Big Russ, 1918 to 2008. Rest in Peace
join:2004-08-07 New York, NY | Wow, that is sneaky! I don't think I have seen anything like this before, and I have to admit that it is a creative tactic! -- I like dogs, guns, and cheeseburgers. What's your malfunction? | |
|
 |  MrBentor
join:2003-02-18 Seattle, WA
edit: May 24th, @10:54AM
| Should be a capital crime. That is why we need to put those people who write those sorts of malicious programs to sleep, if you know what I mean. And/or solitary confinement until they release all the codes necessary to decrypt all the files they encrypted, even if that means the rest of their life. | |
|
 |  |  MrBentor
join:2003-02-18 Seattle, WA | Re: Should be a capital crime. It's time to send cousin Guido. | |
|
 |  |  |  youngo
join:2001-07-03 | Re: Should be a capital crime. I wonder if the DMCA protects ransomware. Try to decrypt your own ransom-encrypted files and get sued?! | |
|
 |  |  |  |  DVOOR8
join:2001-12-24 USA
·Optimum Online
| Re: Should be a capital crime. said by youngo: I wonder if the DMCA protects ransomware. Try to decrypt your own ransom-encrypted files and get sued?! Don't laugh, they will pay off some more politicians and have that law drafted by lunchtime, along with a 99 year prison term if you try and clean the trojan off your PC. | |
|
 |  |  |   verolom
join:2002-03-23 Eatontown, NJ
·Comcast
| Re: Should be a capital crime. Hey, Bulgarians have to eat too, you know. Besides, the US still has a lot of weight in countries breaking its laws. Bulgaria, for example, and most of its people have aspirations to join the civilised world and given the opportunity, would even police themselves to make that happen.
This creative, although evil and malicious attack once again justifies having around a few reliable backup copies of your data. | |
|
 |  |  |  |   Snickerdo Premium join:2001-02-28 Niagara Falls, ON
·Cogeco Cable
| Re: Should be a capital crime. said by verolom :Besides the US still has a lot of weight in countries breaking its laws. Bulgaria, for example, and most of its people have aspirations to join the civilised world and given the opportunity, would even police themselves to make that happen. Wow, that is one of the most arrogant comments I've ever read. Guess what? Team America is NOT the World Police. -- Bigot - Someone that has won an argument with a Liberal. Yes, I CanChat. Can You? www.fiberal.ca | |
|
 |  |  |  |  |   verolom
join:2002-03-23 Eatontown, NJ
·Comcast
| Re: Should be a capital crime. Uhm, I don't believe I said that. I simply stated that the US has an influence over the affairs of other countries (by force or more often not) when defending its interests (laws).
Besides, maybe you should read more comments if you found this one arrogant  | |
|
 |  |  Aleck79
join:2003-07-23 College Station, TX
·Grande Communicati..
| nahh, just put them behind bars and spread rumors that the prisoner is a child molester. Even prisoners have some moral standards, he wouldn't last a day, literally.
And that way, hey, the government didn't do it  | |
|
 |  Kearnstd Elf Wizard
join:2002-01-22 Mullica Hill, NJ
| Re: Wow, that is sneaky! Because once they find out who it is, the government could use the CIA to extract the needed info and then make the said hacker be hard to find for anyone but a fish. Yes, I support blackops against people who write this kinda stuff to the point of whacking them. -- [65 Arcanist]Filan(High Elf) Zone: Broadband Reports | |
|
 |  |   Timmah12a
@sympatico.ca | Re: Wow, that is sneaky! CIA: Terrorists be damned! we've got virus writers to go after! Kearnstd: YAY! oh no! i'm exploding from being terrorized by a terrorist!! help! CIA: uh oh spaghettio! too bad we're in bulgaria arresting the virus writer! | |
|
 |  KUppiano Karl Uppiano
join:2003-02-02 Ferndale, WA
| said by wifi4milez: I don't think I have seen anything like this before, and I have to admit that it is a creative tactic! Do you think they can collect their $200.00 from people all over the globe and remain anonymous for very long? | |
|
  nivago Think For Yourself
join:2000-11-16 Little Rock, AR | USB drive Would it be safer to store personal files on a removable drive? Or is it also vulnerable to infection when you plug it in? | |
|
 |  |  |  wilburyan
join:2002-08-01 | Re: USB drive Not if it's a Western Union Money order... a con artist's best friend | |
|
 |  |  |  |   Jason Levine Premium join:2001-07-13 Albany, NY | Re: USB drive Nope, it's an e-Gold account. I'm guessing the Feds have either already had the account frozen or are keeping it running at the moment just to track who's logging into it. | |
|
 |  |  |   Jason Levine Premium join:2001-07-13 Albany, NY
edit: May 24th, @11:28AM
| Exactly. If anything, this is a dumb criminal scheme.
First of all, they have an e-mail address (removed for purposes of the screenshot, but I'm sure it's fully visible in the "live" version). This is apparently a box that's being checked by the extortionists in some way, shape, or form. (Otherwise, how would they arrange for those $200 payments?) There's got to be a way to track who's accessed that account and from where.
In addition, it relies on redirecting users to a website to download the trojan. Find out who set up that website and you've found your scammer (or at least one of them).
Failing that, the authorities could e-mail the address pretending to be a user whose data files were locked out. (For additional authenticity, they could intentionally infect a sacrificial box that didn't have anything important on it.) Once contact is made, payment arrangements can be set up and the criminals tracked down.
This guy (group?) has left many ways to track them down. I wouldn't be surprised to hear of an arrest in this case in the not too distant future. (Law enforcement can take its time in order to get things right sometimes, so that might slow down the actual arrest announcement somewhat.)
EDIT: The Websense article reveals that the payment method is an e-Gold account. This should be very easy to trace. In addition, the whole thing should be easy to take offline. Take down the website hosting the trojan and shut down the e-Gold account. (Sure, the scammers will release another version that connects to a different website and e-Gold account, but it'll take them offline for a while.)
-- -Jason Levine http://www.jasons-toolbox.com/ http://www.PCQandA.com/ http://www.urateit.com/ | |
|
 |  |  |  |   Jerm
join:2000-04-10 Richland, WA
| Just FWIW... The websites aren't hosted on actual servers like you and I are used to: The websites that download the trojans to the PC are actually hosted on infected zombie machines - i.e. cable modem, DSL, and other various broadband connection hacked machines.
Want to read more about zombie attacks? Great read here: »grc.com/dos/grcdos.htm | |
|
 |  Ender_W Does Microsoft Mean Small And Squishy?
join:2002-09-14 Saint Louis, MO | They will be at the same risk if plugged in. | |
|
 Network Guy
join:2000-08-25 New York | Hmm Does the trojan have a deadline for ransom? And if so, does it go kamikaze on the file if you don't pay?
lol  | |
|
  rob_in_chatt Premium join:2004-09-17 Chattanooga, TN | money damn now that is funny. i am not condoning it by any means but that is just too damn funny. | |
|
 Jack Flash
join:2005-04-28 Saint Michael, MN | More Crapware Where did I leave my anti-ransom-ware? I'm running out of disk space to store all the crapware killers I need just to surf. | |
|
 |  DirtyMic
join:2003-11-19 Pompano Beach, FL | Re: More Crapware $200 to get my pron back? It just might be worth it. | |
|
 |   qdemn7 Smurf in My Loop Premium join:2003-09-16 Fort Worth, TX
| Re: Just have to... Jeezuz, going to Mac, for everything except for gaming, looks better and better every day. 
Damned scum. A bullet in the head sounds about right for these ........  | |
|
  Derch Premium join:2004-10-16 Tulsa, OK | Forget it. I would just erase the partition and start from new rather than paying those asshats off. | |
|
 |   IronChefMoto Premium join:2001-02-08 Alpharetta, GA
| Re: Forget it. said by Derch :I would just erase the partition and start from new rather than paying those asshats off. Even better -- don't visit the website in the first place.
IronChefMorimoto -- Shuttle SN85G4V3 (Gaming/Development): AMD Athlon64 3400+ | ATI 9800 Pro 256MB Dell Latitude C810 (Work/E-Mail): Intel PIII-M | Onboard Video Shuttle SK41G (Wife): Athlon XP 1800+ | Onboard Video | |
|
  ninersfan
join:2001-02-09 Hayward, CA | Update your machines
Maybe this threat if perpetuated might be the motivation to catch the attention of the average user about just what is at stake if they don't practice safe hex. | |
|
 |  alfnoid Premium,MVM join:2002-02-18
·Comcast
| Re: He used a Yahoo e-mail account said by Jason Levine :Apparently, the would-be extortionist is using a yahoo.com web mail account. (Actual address found in a Slashdot comment.) Now a bunch of people are just going to flood this person with junk emails with the subject line he wants to see.
HAHAHA
peace | |
|
 |  |   azinator CS is the DEVIL Premium join:2000-08-12 Alma, AR | Re: He used a Yahoo e-mail account sign the person up for tons of pr0n advertising  | |
|
 |  alfnoid Premium,MVM join:2002-02-18 | Heh, yeah, but I'm sure they have filters deleting anything not including the subject line he wants to see.
At least I would, but then again using a yahoo account doesn't make him the smartest animal around...so who knows.
peace | |
|
  shrtckt1 Fried Rice Premium join:2005-05-18 Athens, GA edit: May 24th, @12:55PM
| Marketing?? It makes you wonder if someone is just trying to sell software.... | |
|
  bokamba Chengdu Rocks Premium join:2002-04-05 Falls Church, VA | Another workaround Or if you ever bothered to make a backup of your files, the loss would be minimal. Whenever I remind friends and family to make backups, the response is "oh yeah... I should do that sometime." | |
|
 |   IronChefMoto Premium join:2001-02-08 Alpharetta, GA
| Re: Another workaround said by bokamba :Or if you ever bothered to make a backup of your files, the loss would be minimal. Whenever I remind friends and family to make backups, the response is "oh yeah... I should do that sometime." And you're surprised by this why? Most geeks/computer savvy types are lucky if they can get their parents to buy a computer let alone turn one on and sit in front of it in a productive manner.
Reminding the types of users at which these scams are targeted to do things like backups is pointless.
IronChefMorimoto -- Shuttle SN85G4V3 (Gaming/Development): AMD Athlon64 3400+ | ATI 9800 Pro 256MB Dell Latitude C810 (Work/E-Mail): Intel PIII-M | Onboard Video Shuttle SK41G (Wife): Athlon XP 1800+ | Onboard Video | |
|
  he he ack
@comcast.net | Did you know it's hilarious what you Windows users go through on a daily basis? Might want to consider not using a kid's computer anymore and switch to an adult's platform. | |
|
 |   Mega DETH It's All About The Ping
join:2003-08-20 Watertown, WI | Re: Did you know If switching to an "Adult platform" would make me act/post like you (i.e. an a$$).......
no thanks -- "Action does not equal Achievement" | |
|
 |   wxboss This is like Deja vu all over again. Premium join:2005-01-30 Jacksonville, FL clubs: edit: May 24th, @02:57PM
| The knowledgeable Windows users don't go through this stuff because we know our machines and how to properly take care of/ secure them. Which is more than I can say for users of your type of plug-n-play OS. | |
|
  Ctrl Alt Del Premium join:2002-02-18
| GoBack to the rescue I love this program. | |
|
  loganster
join:2002-12-21 Buchanan, TN
| If using Yahoo Mail... If they are using Yahoo Mail and they are in hopes of catching the person I'm sure if they are smart enough to write a bug like this that they are smart enough to remember to use a proxy when checking the mail.  | |
|
 |   PC Dreams Premium join:2000-10-02 Springfield, MO clubs: edit: May 24th, @06:48PM
| Re: If using Yahoo Mail... Wow What a neat idea. Good thing everyone is using their brain and doing BACKUPS!!
Oh wait, that would be too much work!? | |
|
 |  |   BeenDone
@rr.com
| Re: If using Yahoo Mail... This is nothing so new; the spyware companies have been doing this all along. First you get their crapware and then they charge you for a removal tool. Without it, it will be a pain in the ass for most users to take off. Even for power users, having to restart several times to do scans and edit registry keys in safe mode is a pain in the ass. | |
|
  ssj4android Redefining Reality
join:2002-04-14 Wyoming, MI | Sent an email to the previously mentioned address Using a spamguard address of course. Wonder if they'll reply. Have they been caught yet? | |
|
  fred-online
@dock.net
| Your Data, Held Hostage 1) Bad computer user training leads to bad stuff happening. 2) Bad employee computer use policies lead to bad stuff happening. 3) As a sysadmin, I've seen even apparently the most well trained programmers get hacked, and that resulted in corporate infection. 4) Nothing's free, don't click on anything you aren't absolutely sure is safe. 5) Don't submit to your baser sexual and gambling vices on employer's computers. SysAdmins know and can prove who you are, even if the company owner is clueless about computer security. We gotta protect our own jobs ... 6) Our employers often don't give SysAdmins adequate resources to do the job right, but sysadmins have ways of getting adequate free stuff that keep sysadmins employed when users get fired for screwing up the works. | |
|