This is a nightmare virus, I hope it stays far far away from my PC
Recently I got a request from a friend to fix his computer which was affected by this ransomeware, and It's over, there is nothing to do once you are infected, unless you know how to decrypt (which is rly complex at least for me). Also this makes you unable to do a system restore.
So yea the only way out is to have a backup.
Comment has been collapsed.
Considering the strength of the encryption used and the current tech we have, you might be able to crack it before the heat death of the universe.
Well until quantum computers are more advanced and mainstream anyway.
Comment has been collapsed.
shouldn't be easy to get infected unless you're a 10 years old that googles "world of warcraft download", and even that would probably direct you to the official websites
also, don't antivirus programs detect such files as infected?
Comment has been collapsed.
If you don't download free pirate games or don't click malicious links, should be okay then.
Comment has been collapsed.
If you read the article you will see it uses a flash banner exploit.
Comment has been collapsed.
Ya. That's another reason why I don't pirate or use hacks. Other than the fact that it is stupid, illegal, immoral, and can get you banned.
Comment has been collapsed.
that is why everyone should:
- not use IE
- use noscript
- disable flash (enable for selected sites where needed)
other good addon: requestpolicy (prevents loading content from other sites)
Comment has been collapsed.
noscript which? Noscript Lite? Noscript security suite?
Comment has been collapsed.
install firefox
install noscript
install flashfirebug
dont open random ass javascripts
dont worry about random ass harmful scripts
Comment has been collapsed.
Don't install Firefox(Chrome uses HTML 5), update HOST file, don't worry about harmful scripts.
Comment has been collapsed.
Firefox is safer than Chrome when you use NoScript and RequestPolicy and don't whitelist everything.
Comment has been collapsed.
Firefox is one of the most insecure browsers only being slightly more safe than Netscape. Even Internet Explorer is safer than the current Firefox.
Not only is Chrome the best option due to the fact it doesn't need Flash but you can also install NoScript on it as well.
Comment has been collapsed.
What is your source for that? The amount of found vulnerabilities doesn't directly indicate something is less secure than others. 100 minor vulnerabilities is safer than 10 critical vulnerabilities.
Chrome doesn't need Flash because it's built-in. Some sites still use Flash for videos and other things so Chrome does still need it for some sites. There is no NoScript or RequestPolicy for Chrome, but those addons probably have some clones for Chrome.
If you're talking about Chrome not using Flash on Youtube, it's because Google has decided to use dash playback for html5, which requires an implementation of Media Source Extensions. Firefox's MSE implementation is still buggy and unfinished, which is why Firefox uses Flash on Youtube for now. (or a limited html5 player) Firefox can play html5 videos perfectly fine unless they are using dash.
My main reason for not using Chrome is the ugly UI that's designed for small screens. Sucks that it spread to Firefox too.
Comment has been collapsed.
Just a heads up, you might want to read about the Chrome extension µMatrix , formerly a part of "HTTPSB" aka HTTPSwitchboard. I bet you'll like it, even though Chrome is abhorrent it makes it nice for when Chrome is required.
Edit: P.S. Idk about you but my Firefox is sexy.
Comment has been collapsed.
I guess we won't talk about the amount of data Google mines from your browser. The unique token generated on installation that identifies your machine, the additional unique RLZ identifier sent the "first" time you use the address bar and every time you use *.google.com, and of course a clientID (also unique) all used in collation and correlation. Maybe I already told you too much. ;]
Comment has been collapsed.
yeah just install chrome to make sure google is tracking you
Comment has been collapsed.
if you think that Chrome is required for Google to track you, you're out of your mind.
Android phones, their search engine, youtube, adsense, google maps... I could keep going on, but the point is that they've taken over enough of the internet that you'd actively have to go out of your way to keep them from building a profile on you.
Comment has been collapsed.
This has been going on for some time,the only difference is instead of locking access to like your documents or music or such,now they are aiming at video games.
Flash is not safe it is best to just have it disabled.You shouldonly enable its use if you really need to use it.I wish HTML5 was only around and flash dumped for good.You should also never keep anything important on a pc that is connected to the net in case you get infected.I know that can not always happen,but the less you risk the less you will lose.I keep all my music on a another drive along with all files i wish not to lose.
It is easier then you think Zero to get infected even if you do all you said,You might as well just not click on anything on the net as any of it can be infected with something.Keep your stuff backed up and this will matter if it happens.If i got this i would just format and start over with my backups.
Comment has been collapsed.
I don't really get how single player games are affected?
Wanted to play Bioshock 2 as well. ;_;
Comment has been collapsed.
If you read the article you will see that the files are encrypted with a strong key and you are asked to pay otherwise have the key deleted.
Comment has been collapsed.
I think igotElbows meant how Bioshock 2 on Steam can be affected by this, if your PC is not infected and the game is legal then should be no problems.
Comment has been collapsed.
I don't know of any evidence that shows that reliable pirate distributions are infected.
Comment has been collapsed.
what I meant is that you still can play your Bioshock 2 for example on Steam without any problems since it's not infected.
Comment has been collapsed.
But surely not their servers, correct? I mean downloading any of the mentioned games from the Steam client, i.e. BioShock 2 as was mentioned, would only download the files, no java or flash banners to exploit. Correct? I mean Steam couldn't be distributing this virus to everyone downloading these games or they'd temporarily pull them from the Store and servers.
This is not cool, though. Why do people do bad things >:(
Comment has been collapsed.
You can get the ransomware from infected sites through a flash exploit. Steam is not distributing it, but if you happen to get the ransomware, it will probably encrypt everything Steam related, which will prevent you from playing the games.
It's kinda silly to target games as those are easy to just reinstall after getting rid of the ransomware.
Comment has been collapsed.
Yeah, but according to the article linked by the OP you will lose all your save games, mods, and other files beyond the default "fresh install."
Definitely not the end of the world for me, but I'd hate to meet the Diablo player who lost his character he's been advancing for years. :p
Comment has been collapsed.
Cloud saves, using software that backs up your saves to dropbox, or backing up your saves on an external works fine too. :)
Comment has been collapsed.
Okay I keep reading to disable flash, but how do I do that?
Comment has been collapsed.
if u got chrome: settings - Show advanced settings... - Privacy - Content settings - JavaScript - do not allow (you can manually enable it for each site by clicking the icon on the address bar on right) and Plug-ins - Block by default
also chrome://plugins - ctrl f Flash - disable
Comment has been collapsed.
Might I ask how I re-enable flash for certain websites? Also is everything you explained a sufficient replacement for downloading Noscript? As I can't find that plugin for google chrome.
Thanks for your help :)
EDIT: Okay, here's what I did, is this sufficient? I've disabled javascript as you described, and only run it on certain sites that I trust. I disabled plug-ins by default, but re-enabled Flash. Now all sites ask me if they should run plug-ins or not, and I've just white-listed the sites I frequent. (So that means flash is still disabled along with other plug-ins by default on other sites right?
Comment has been collapsed.
Can anyone give me a crash course in NoScript usage? Thanks :)
Comment has been collapsed.
Left click its icon, and then allow what you want. If you trust the site, enable at least the top level domain, which is bolded. You also might want to enable the content delivery network (CDN) domain if it exits. If the site still doesn't work properly, look at remaining domains and allow what you need. Googling the domains will help you figure out what they are, and you can blacklist the domains that track you if you want.
NoScript will break many sites until you have accumulated a decent whitelist, but it doesn't take that long.
Comment has been collapsed.
If that happens to me, I'd stop playing games for good ^^ I sometimes feel like they're holding me back anyway :P
Comment has been collapsed.
From reading some of the comments, are you guys saying like, there's currently no way to get rid of the virus, as on currently installed OS, but like reinstalling OS, from a full reformat would fix the issue, or could it be somehow affecting something that won't let you reinstall OS ?
Comment has been collapsed.
Well, just reinstalled Windows, so it wouldn't be such a problem.
Comment has been collapsed.
This is Scary... Well thanks for the advise! i will try to protect myself...
Comment has been collapsed.
Thanks for the heads up D: Looks like this will be another week of panic D:
Comment has been collapsed.
Sorry, I'm a little bit confused. Are you saying that it is currently unsafe to load up a game that is included on the list or the ransomware prevents you from playing games that are on the list?
Comment has been collapsed.
Read the article, there's a malware going around that uses flash exploit to infect your computer and encrypt your files and then demand payment for them to be unencrypted otherwise they will delete the key as they claim. They have also started to target game files.
Comment has been collapsed.
sooo is it safe to play the game if you already have it installed? or should i uninstall it asap? cuz ive had fallout 3 installed for months now. and idk if this virus is retroactive or if i could only be infected if i fresh install fallout 3
Comment has been collapsed.
The virus infects via websites normally and it encrypts your computer files and asks for money to decrypt them, it has now started doing this to game files as well. Game files themselves are not the source of the infection.
Comment has been collapsed.
Obviously if they ask me pay 500$ for unlock my skyrim game for example, ill not pay, Reinstall the game its cheaper i think (free)
Comment has been collapsed.
So I don't have to worry about this unless I click on flash ads? say hypothetically, if I haven't downloaded anything for the past 2 months and all I do is use steam, can I still open steam now? I haven't played on steam for 3 days so....I have no idea wuts goin on
Comment has been collapsed.
Right when i decided to replay DA:O, perfect timing...
Comment has been collapsed.
Thanks for heads up, disabled flash auto-play and now it is ask to play.
Comment has been collapsed.
Links below.
Hope you have backup.
Source
pastebin
Comment has been collapsed.