OFFROADSUBARUS.COM

Go Back   OFFROADSUBARUS.COM > General Forums > General Forum

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 13th November 2014, 08:14 PM
Kevin's Avatar
Kevin Kevin is offline
Administrator
 
Join Date: Jul 2008
Location: Sydney, Oz
Year: MY'03
Model: Forester
Transmission: A/T
Posts: 4,371
Kevin is on a distinguished road
Default Beware of cryptolocker emails!

Beware of cryptolocker emails!
http://www.smh.com.au/it-pro/securit...30-11egcy.html

Cryptolocker Email Campaign

12th
Nov
2014
Symantec has observed a new variant of the “Cryptolocker” email campaign appearing to
originate from the “NSW Office of State Revenue”. This new campaign was seen on 12th
November at approximately midnight and is similar to a campaign initially observed on 30th
October.
The subject line of the email this time reads “Traffic Offence ID: <series of random numbers> -
carries 3 demerit points”.
The email is well crafted - delete it immediately!
__________________
MY'03 Foz AT XS with centre lock-up
MY'10 Triton AT GLX-R 2.5 DiD
www.subaruclub.com.au
Reply With Quote
  #2  
Old 13th November 2014, 08:32 PM
NachaLuva's Avatar
NachaLuva NachaLuva is offline
Senior Member / Product Developer
Contributing Member
 
Join Date: Oct 2011
Location: SE Melbourne
Posts: 5,489
NachaLuva is on a distinguished road
Default

Thanks for the heads up
__________________
SUBIELIFTOZ, QUALITY LIFT KITS FOR SUBARUS
1" & 2" lift kits; custom lift kits; all models
Reply With Quote
  #3  
Old 13th November 2014, 09:05 PM
SuperRu's Avatar
SuperRu SuperRu is offline
Admin
 
Join Date: Jul 2008
Location: Little Five Points (Atlanta, GA) USA
Year: 2004
Model: Forester XT
Transmission: 4EAT
Posts: 374
SuperRu is on a distinguished road
Default

Cryptolocker is nasty stuff made me change my backup procedure. I now have an almost current backup off the LAN at all times. I rotate them between two Synology NAS boxes.
__________________
Richard
04 XT.... 98S
Reply With Quote
  #4  
Old 4th December 2014, 06:44 PM
DavAmb DavAmb is offline
Member
 
Join Date: Jun 2014
Location: Corinella
Year: 2008
Model: Forester
Transmission: Manual 5 speed
Posts: 33
DavAmb is on a distinguished road
Default

We've just received an alert for an email that claims to be "Annual Form - Authorization to Use Privately Owned Vehicle on State Business". Keep an eye out for this nasty!
Reply With Quote
  #5  
Old 29th March 2015, 10:04 PM
Ratbag's Avatar
Ratbag Ratbag is offline
Administrator
 
Join Date: Jan 2012
Location: Bayside, Melbourne, Vic
Year: MY06, MY10
Model: Forester SG & SH
Transmission: 5MT/DR & 4EAT Sports
Posts: 6,205
Ratbag is on a distinguished road
Default Crypto ransomware attacks

There is a utility program that alters the Windows Local Security Policy settings that effectively blocks any/all executable files from running from all the usual locations (email folders, etc).

For a review on this program, see BleepingComputer.com here:

http://www.bleepingcomputer.com/viru...re-information

The utility program is available from Foolish IT here:

http://www.foolish it.com/download/c...ent-installer/ (copy and paste the URL, then remove the space between "foolish" and "it", the language filter here destroys the URL otherwise ... ).

One of my (ex-)clients got this nasty pox on one of their computers last Friday. That computer has had all document data completely destroyed on it (.txt, .doc, .xls, .pdf, .jpg, .zip, etc), by being encrypted using 2048 bit encryption.
Fortunately, their main Outlook .PST file appears to be undamaged.

One of the staff opened a .ZIP file attached to an email ...

Of course, ethics forbids the paying of any kind of ransom ...

The only thing that saved the rest of the computers was the (deliberate, on my part) lack of explicit drive mappings!

Always use UNC path names for mapping devices, folks (e.g. \\computername\drive_letter\path_name).
NOT explicit drive mappings (e.g. "Z:").

DO NOT leave backup HDDs plugged in and turned on!!

Last edited by Ratbag; 29th March 2015 at 10:06 PM. Reason: language filter - RB
Reply With Quote
  #6  
Old 29th March 2015, 10:15 PM
SuperRu's Avatar
SuperRu SuperRu is offline
Admin
 
Join Date: Jul 2008
Location: Little Five Points (Atlanta, GA) USA
Year: 2004
Model: Forester XT
Transmission: 4EAT
Posts: 374
SuperRu is on a distinguished road
Default

Quote:
Originally Posted by Ratbag View Post
...
DO NOT leave backup HDDs plugged in and turned on!!
Good advice. I have a Synology box that only powers up for a couple of hours every M-W-F evening and does a back up. I'm thinking about adding a DS115 that is dormant except for a quick Sunday evening backup.
__________________
Richard
04 XT.... 98S
Reply With Quote
  #7  
Old 30th March 2015, 01:43 AM
Ratbag's Avatar
Ratbag Ratbag is offline
Administrator
 
Join Date: Jan 2012
Location: Bayside, Melbourne, Vic
Year: MY06, MY10
Model: Forester SG & SH
Transmission: 5MT/DR & 4EAT Sports
Posts: 6,205
Ratbag is on a distinguished road
Default

Perhaps also worth setting an automatic AV update and full scan to occur just prior to the auto backup ... .
Reply With Quote
  #8  
Old 22nd July 2015, 06:03 PM
Kevin's Avatar
Kevin Kevin is offline
Administrator
 
Join Date: Jul 2008
Location: Sydney, Oz
Year: MY'03
Model: Forester
Transmission: A/T
Posts: 4,371
Kevin is on a distinguished road
Default

I believe these are surfacing again disguised as emails from Australia Post
__________________
MY'03 Foz AT XS with centre lock-up
MY'10 Triton AT GLX-R 2.5 DiD
www.subaruclub.com.au
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -3. The time now is 11:33 AM.


Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.