June 20, 2017 at 10:36 pm #1400
Tired of hearing about it. Here is the solution.
I will outline how to defeat ransomware. Never pay. It’s easy to defeat ransomware. Don’t support terrorism by funding terrorists. Reinstall the system. Start with the CMOS/BIOS flashing (to ensure no root adaptations in the future), reinstall the OS, restore data/system from backup (always make routine backups). I am giving this away for free due to the widespread nature of this malware. But I accept all donations. Please feel free to redistribute this solution. And pass this along to the script kiddies that created this style of malware. Back to the drawing board, amateurs. And more than welcome to try and hack me, but beware, I know electronics. And my skills involve 1 and 0. 8)
June 20, 2017 at 10:52 pm #1401
Cya on the darkweb.
June 21, 2017 at 12:54 pm #1402
Nice thoughts, albeit quite trivial.
Backups alone are what make/break the effectiveness of ransomware IMO. It appears common sense to us (the more ‘adept’ users) on ‘defeating’ such malware but most infections are really caused by that one asshat who opens up a dodgy email attachment and compromises their corporate network. Providing effective backup measures are in place, it seems almost trivial to pull the server down and apply a remedy. The only thing keeping ransomware in the game (I’d say) is good SE, and a lacking knowledge of IT systems – just leave that shit for the tech geeks, right?
As for ransomware being a ‘thing of the past’ – sure that makes sense, but how many industries/corporations are consistent in backing up their data? If the answer was ‘most’, then one wouldn’t be reading the news and seeing that big companies are still paying criminals to decrypt sensitive information seized by malware, right? Consider threat intel reports from last year, too: Ransomware attacks in emails spiked last year (relative to 2015) as well as the price to decrypt files. Why is that? Because so many people keep fucking paying them!
Ransomware is still popular and, until the ignorance of humanity is removed (which won’t be, to be honest ;P), it will still remain a threat. Skiddies or not, they still manage to make a fucking killing from it.
June 22, 2017 at 11:13 am #1413
Interesting, but I don’t see Erebus or any of its variants hijacking BitLocker, but fair enough. Also consider ransomware in which there exists a custom encryption system designed by the author which is generated in RAM and wiped from the PC afterwards – in order to combat hardware reverse engineering.
I have a degree in EE Engineering so feel free to share the knowledge, ^^
Logic probe? That’d be awfully tedious :P. You’d probably be better using an analyser instead, since you can make it decompile and correlate it with the original code, but of course – if I had that money I may as well pay the bastards, right?
June 22, 2017 at 6:16 pm #1416
I wasn’t mentioning the logic analyzer on purpose. I first studied EE way back in the early 90s. And have adapted to IT/cybersecurity as needed. I constantly diversify my skillsets to maintain marketability. There is an emerging market in hardware security, below the hardware protection layer. As you know, any ET/EE has always known of the vulnerabilities. We just usually don’t talk about them. But since I’ve been seeing specific new courses in “hardware hacking” I think it’s time we addressed this issue. Not publicly though.
Nice to see a colleague in the industry with similar skillsets. Most of these would-be hackers are just script kiddies, and amateurs that need C, C++, Perl, etc. to speak on our level. Only a handful of us know how to directly communicate with the hardware without anyone seeing us. I am a grey hat, but I don’t use black hat knowledge unless it’s in defense (counter intrusion). Cyberpunk ruined me. LoL.
I need to delete some of that post above. I went a little too in depth in my explanations. If any admin could please delete posts #1404 and #1409, I’d greatly appreciate it. There is no edit feature for older posts, nor delete feature (a flaw in this forum’s design imho).
June 24, 2017 at 5:48 am #1428
You’re welcome ;P