Post Office Virus

Discussion in 'The Pub' started by hornet, Oct 12, 2015.

  1. I'm waiting for something to come from China, so, naturally, when I get an email from Australia Post, I click on it.
    Of course, it's not from Australia Post, it's a virus. A split second later it has encrypted all my local documents, all my documents on my Microsoft OneDrive, and, worst of all, all the files in a DropBox which belongs to a colleague, but which I share.
    I've rolled back the configuration on the computer in question. I had all but a couple of files in my OneDrive saved locally as well, but if someone has a solution for the poor lady whose years of work has likewise been trashed, I'd love to hear it. All the info I'm reading on the 'Net says there's no recovering files once they've been worked over by this CryptoLocker bug, but I just thought one of my Netrider IT genius fellows might know differently.......

  2. If you contact Dropbox they can normally restore the old versions of the files from the last week. Give it a try as we had something similar happen but actually deleted the files and Dropbox recovered them for us.
  3. Worth a try, thank you very much!
  4. Agree, dropbox recovery. The Cryptolocker uses a long encryption key so it is not feasible to break by brute force. In the longer term:
    • Periodic Off Line backups.
    • Restrict Cloud shared areas to a particular shared directory so the majority of your storage is inaccessible to other people.
  5. It's a cunning virus, it has deleted all previous versions of files, locally and in both the Cloud storage areas as well.
    I just had an email from my colleague to say that most of her files were backed up locally, which makes me feel a little, (but only a little) better....
  6. What sort of person creates a virus to do nothing else but destroy and harass others?

    I mean, as much as I think it's a dog act, I can sort of understand someone going to the trouble to try and steal something, but just to wreak havoc? Idiots...
  7. It is ransomware.
  8. #9 Jaytee, Oct 13, 2015
    Last edited: Oct 13, 2015
    As someone who works for an SSL/Security firm :p , generally speaking you cannot undo the encryption of your files as you do not own the private key to the corresponding public key used to encrypt the files.

    Even if you could brute force it the person who owns the documents would probably be dead before you opened it.

    Best advice: keep anything you do not want to lose, get hijacked or deleted stored offline.

    GFS backups ftw!

  9. ... and ransomware is a lucrative business, because people will pay whatever to get their data back!
  10. Unlucky hornet. I am not in IT and have only a reasonable user "IT awareness" so I'm suspicious of bloody anything that looks vaguely like this. I always check the incoming email address before opening any attachment or clicking on any link. I have to, I have a business and we get every conceivable plot/scheme/begging letter/lottery win/phishing email known to mankind every day. But that email address check inevitably gives the game away, even if it's close it's never quite genuine - like buying a Rorex watch...you can easily spot the fakes. So that's my feedback here - hope your data can be restored.

    I'm sure there are more sophisticated ways of checking, but remember I'm the guy who gets told he has an ID10T error by his BIL...
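
The sender-address check described in the post above, automated as an added example (not part of the original thread). The allow-list, the brand name and all sample headers are constructed assumptions; a real list would hold the senders you actually deal with.

```python
from email.utils import parseaddr

# Assumption: a user-maintained allow-list of sender domain -> brand name.
TRUSTED = {"auspost.com.au": "australia post"}


def edit_distance(a, b):
    """Levenshtein distance, used to catch near-miss spellings of a domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header):
    """Return 'trusted', 'lookalike', 'unknown' or 'unparseable' for a From: value."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if not domain:
        return "unparseable"
    # Exact domain or a true subdomain of it: the address is what it claims to be.
    for trusted in TRUSTED:
        if domain == trusted or domain.endswith("." + trusted):
            return "trusted"
    # Not on the list: flag it if it imitates a listed brand in any of three ways.
    for trusted, brand in TRUSTED.items():
        claims_brand = brand in display.lower()           # display name says "Australia Post"
        near_miss = edit_distance(domain, trusted) <= 2   # e.g. swapped letters
        embeds = trusted.split(".")[0] in domain          # e.g. auspost-delivery.example
        if claims_brand or near_miss or embeds:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    samples = [  # constructed From: headers
        "Australia Post <noreply@auspost.com.au>",
        "Australia Post <tracking@auspost-delivery.example>",
        "Parcel Team <info@auspots.com.au>",
        "Australia Post <x@auspost.com.au.example.net>",
        "Bob <bob@example.org>",
    ]
    for s in samples:
        print(f"{classify_sender(s):10} {s}")
```

A "trusted" result only means the address is spelled correctly; the From: header can be forged outright, which is what SPF, DKIM and DMARC checks on the receiving mail server are for.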
  11. The issue here is that the data is essentially locked away with a padlock (using the ol' padlock and key analogy). The ransomware guys ask for payment or they'll throw the key to the lock away, meaning that no one can unlock the files. Unfortunately, this is a case of security being used as a way of scamming people by protecting / locking them from their own data.

  12. Yup, I understand the issue, my point was about not clicking on links/opening attachments in the first place - i.e. avoiding getting into this unfortunate position.
  13. I hear ya :)
  14. I'm still waiting on my reply from the Nigerian Prince who offered to give me lots of money. He just said he needed a deposit of $5,000 to guarantee my gift and my bank account details so he could deposit it. He sounded like such a nice guy too.
  15. What a PITA Hornet!

    I don't use a pc based email client due to virus concerns. I found that web based clients hosted by the majors have much better anti virus savvy than I could ever muster.

    So I don't see much spam, but then even when I do get a legit email, I rarely click on any link or attachment... and I'm so paranoid that before I even go to a site, I snag the URL out of the link and run it past a Norton safe web or other URL checker site.

    I even have different passwords for each site I access now... it's starting to get a bit much to manage I have to admit but so far it's kept me relatively safe.

    Touch wood I haven't just mozzed myself.
  16. Yeah, well, the irony was, as I said, I was waiting for a package to come from China, via Australia Post...

    I work behind an iron-clad firewall five days a week in the NSW Department of Education; anything that gets to you must be ok, because it wouldn't get to you if it wasn't. But this was my personal computer, out of work hours, and I just got careless........

    Thankfully I had emailed many of the documents to a friend, and he's sent them back to me today. As well, my poor colleague had the presence of mind to only upload her documents from her server, not use Dropbox as her primary storage, so she's been able to recover most of her stuff too.

    I've had that email address for donkey's years, but I might take your advice and close it down and just use my Gmail account as my main mail client.....
  17. And, while it isn't prophylactic, good backup habits* can change such things from catastrophic to simply painful or annoying.

    *Including at least one copy that's not connected to your system (which also protects from power surges and whatnot).
  18. Yes, indeed, I was able to restore most of my files from a hard drive in a caddy attached to my main PC. It's only turned on when I need it to be, so that even the computer it's attached to hardly knows that it exists, much less anyone or thing else.
  19. The Best Password Managers for 2015

    You sound like you need a password manager. I don't use one but they come highly recommended. I use hard copy back up for passwords.

    more tips from Learn