Skype Ransomware Worm Spreading Fast, Says Trend Micro

[exfileme]

There's a Skype Trojan that will possibly lock users out of their PC, demanding $200, if infected.

Skype Ransomware Worm Spreading Fast, Says Trend Micro : Read more

 

[billgatez]

People still fall for this kind of stuff?

 

[Guest]

Believe it or not, regardless of whether or not the world is getting more technological with the advent of phones with computing power, people still cannot look after their own computers as they would with say cars.

Heck some people can't even do simple maintenance on anything really.

 

[echondo]

You've got to be kidding me -_- this is the same thing that has been happening over Facebook for years now and yet nobody learns!

Guess idiots will be idiots!

 

[frombehind]

damn, I remember the first few times this was tried... they were only asking for 40 bucks back then. Word was they netted almost 80mil in about a week.

On one hand, I want to say I am in the wrong line of work... =D

On the other, I really hope these people are burnt at the stake for this, only because if they aren't... that would be like the FBI declaring "open season" on the casual computer users.

 

[adgjlsfhk]

Couldn't you delete this after you are locked out by restarting your computer in safe mode with internet disconnected and ending the process?

 

[A Bad Day]

Skype users are urged to upgrade to the newest Skype version, install all Windows security patches, and update their anti-virus client.

I know people who still uses IE7 on their vanilla Windows Vista...

 

[beayn]

[citation][nom]adgjlsfhk[/nom]Couldn't you delete this after you are locked out by restarting your computer in safe mode with internet disconnected and ending the process?[/citation]Not sure about the details on this one, but some of them take over exe file associations so you can't run anything, even going as far as disabling task manager, regedit and command prompt.

Others add a few thousand registry entry to block nearly every known antivirus / antimalware program from running. I usually find it fun to remove these types of things from client computers, to see if the author thought of all the tricks...etc.

 

[The-Darkening]

[citation][nom]adgjlsfhk[/nom]Couldn't you delete this after you are locked out by restarting your computer in safe mode with internet disconnected and ending the process?[/citation]

I don't think the people that gets infected with this can do that...

 

[MAC_HATER]

im sure the creator of it sat in a dark room with 1's and 0's projected onto the walls while he used a laptop while wearing a balaclava

oh stock photos you so funny

 

[assasin32]

Yup people sadly fall for this crap, I have to reinstal an OS because my family member downloaded not once but twice in one month something that the "computer" said they needed to watch their videos online. Or to "speed up & fix" the computer. Dispite the fact that I setup the computer and have it fully automated to clean, run virus scans, defrag, etc and all the software they need to do everything they want and told them this.

Their complaint was the video wasn't working on some unknown website that doesn't give you a good download speed or randomly times out. I fixed it the first time around, second time around the machine is fubar and not worth the hassle anymore I am just going to force them to backup their files and I will redo the OS, though the word "backup" makes them enter stupid mode despite telling them all I want them to do is copy & paste their files to this folder.

So yes I am not surprised that these attacks still work. When in doubt attack the weakest point of security which is generally the user, prey on ignorance it's easier than trying to exploit a machine. I am sure we all have these kind of stories sadly, so it should come to no surprise.

 

[Guest]

[citation][nom]echondo[/nom]You've got to be kidding me -_- this is the same thing that has been happening over Facebook for years now and yet nobody learns!Guess idiots will be idiots![/citation]
Don't use facebook and haven't know about this infection until now.

 

[A Bad Day]

[citation][nom]beayn[/nom]Not sure about the details on this one, but some of them take over exe file associations so you can't run anything, even going as far as disabling task manager, regedit and command prompt.Others add a few thousand registry entry to block nearly every known antivirus / antimalware program from running. I usually find it fun to remove these types of things from client computers, to see if the author thought of all the tricks...etc.[/citation]

There was one virus that corrupted task manager, regedit, and command prompt, which required an OS reinstall to fix.

Although the McAfee OAS didn't pick it up, I manually deleted the virus because the folder containing the 100 MB monster was conveniently located in "My Documents".

 

[techcurious]

[citation][nom]assasin32[/nom].. though the word "backup" makes them enter stupid mode despite telling them all I want them to do is copy & paste their files to this folder.[/citation]
Make sure you check to see if they did actually copy the files, rather than create shortcuts! 😉
"I don't understand what's the problem.. Look. When I double click on the file here it opens... so it's copied. See?"
How many times have we seen people create a shortcut to a file, on their USB flash drive, test the file and make sure it works, and then scratch their heads when the file wont open on another PC? hehe

 

[chulex67]

i have to say that if you are a frequent user of this website and u download the file then u either had one of those 3 stupid moments in your life and u went full retard or u are just plain retarded.

 

[bin1127]

I don't know about you guys, but I'm always glad to help out my long lost uncle in cambodia with his 4th liver transplant.

 

[aaron88_7]

This is where not enough people are mentioning the awesome program that is Sandboxie

 

[ko888]

[citation][nom]adgjlsfhk[/nom]Couldn't you delete this after you are locked out by restarting your computer in safe mode with internet disconnected and ending the process?[/citation]
You must have missed the part where it encrypts your data files. How does disconnecting from the internet help you to get the data files back especially if you don't have backup copies of those data files before the worm encrypted them.
The ransom part is to get you to pay them within a certain time period to have them decrypted or the data files will be deleted.

 

[cphorn15]

I honestly just had a customer try to purchase a Green Dot Moneypak card for $200 dollars in order to unlock his computer. I guess this must be what he was talking about. I just told him to take it to Geek Squad since he doesn't seem to understand scams anyway.

 

[assasin32]

[citation][nom]techcurious[/nom]Make sure you check to see if they did actually copy the files, rather than create shortcuts! "I don't understand what's the problem.. Look. When I double click on the file here it opens... so it's copied. See?"How many times have we seen people create a shortcut to a file, on their USB flash drive, test the file and make sure it works, and then scratch their heads when the file wont open on another PC? hehe[/citation]

Ohh that one I never thought of, I be sure to double check for that, thanks. I would hate to be at family dinners for the next few years if that's what they did.

 

[Pherule]

Got send a link to the file from a contact. This was three days ago so I was not aware that it was malicious.

I downloaded the zip, unzipped it, then checked the extension of the file inside. I was expecting .jpg or .png due to the message stating it was a picture. When I saw .exe I thought lolno, not opening that.

So I deleted it. So far so good. No infections.
I'm running Comodo Internet Security, Malwarebytes, and Comodo Firewall. Oddly enough neither Comodo nor Malwarebytes detected it as a virus. A good antivirus should be capable of picking up zero-day malware, so this makes me wonder...

 

[beayn]

[citation][nom]A Bad Day[/nom]There was one virus that corrupted task manager, regedit, and command prompt, which required an OS reinstall to fix. Although the McAfee OAS didn't pick it up, I manually deleted the virus because the folder containing the 100 MB monster was conveniently located in "My Documents".[/citation]If that's all it corrupted, you could have copied the files from another system. Sometimes SFC /scannow /offboot /offwindir (win boot disc) will fix corruptions. System restore sometimes fixes that too.

Too many systems go through our storefront infected and/or broken by McAfee :/

 

[rebel1280]

Backup backup backup backup. Cant say that enough, I setup my moms computer to do just that as she is click happy. I think i got a virus - WIPE - restore (mostly pics) done. Every 6 months i do an image backup of the drive so if she calls,i just tell her to use the disks i left on the top left drawer, it will tell her what to do

 

[tripledouce]

the weakest part of any OS is the thing between the chair and keyboard.

 

[chicofehr]

As a computer tech, I can honestly say people can be pretty stupid and on purpose too. I install Kaspersky Internet Security on many computers and I get many of them back with viruses. Why is that?

Skype Friend: Hey buddy, I got an awesome movie for you to watch. It's 1080P full length movie!!!!
Skype User: Wow a movie!!!!! I will download the link........ virus.exe 266KB
Security Software: File blocked for containing a virus!!!!!!
Skype User: Hey my friend sent me a video and I want it!!!!!! I'll disable my security software for 5 minutes so I can download the movie because I can trust anything from my friends
Security Software: Are you sure you want to disable your security software?
Skype User: Yes, YES YES!!!!!! I can trust my friends!!!!! STUPID SECURITY PROGRAM!!!!!......
What is happening?!??!?!!?!!?! My computer just froze!!!!! WHAT!!! IT says I need to pay $70.00 for a program to remove a virus from computer!!!! OK my Credit card # is 55555-5555-5555-5-55 there now I'm OK 😛

This is the typical computer user I find. I wish our schools would educate kids about internet safety 🙁