Have a Question About "The Perfect Crime"

[Monroe]

I've been hearing about this "Cryptolocker Ransomware" for several months happening to various people. Seems like the simple solution is to not open a strange e-mail.

Cryptolocker Ransomware Being Described As ‘The Perfect Crime’

Chief Correspondent Joe Shortsleeve, WBZ-TV

December 18, 2013

http://boston.cbslocal.com/2013/12/18/cryptolocker-ransomware-being-described-as-the-perfect-crime/

BOSTON (CBS) — It is being called the perfect crime and it has law enforcement around the globe baffled.

It all starts with a simple email. “They are scared and they are angry. It is a real terrible experience for them.”

Joe Ruthaford is talking about computer users who mistakenly launched a potent internet phishing scheme. He recently saw one of those ravaged computers in his Beacon Hill repair shop. “It is extremely damaging. It is one of the worst ones.” It’s called cryptolocker ransomware.

Kevin Swindon is with the FBI in Boston. “I would think about this particular type of malware as what would happen if your computer was destroyed,” Swindon said.

In the past 90 days, thousands of people worldwide have opened a seemingly innocuous link to track a holiday package. Suddenly, all the files on their computer are encrypted.

Joan Goodchild is the editor of “CSO,” Chief Security Officer magazine based in Framingham. “This is a criminal operation. They are holding your folders and files ransom. We call this ransomware because that is exactly what it is. You need to pay in order to have access to them once again.”

And that is exactly what happened last month at the Swansea Police Department. Cryptolocker ransomware took over the department’s entire computer system and the police were forced to pay a $750 ransom to get back control.

As the ransomware takes over your computer, a countdown clock appears and shows victims how long they have to pay up. That means purchasing a key, or software, to reverse the process. And victims must do that using the online virtual currency known as bitcoins.

“Once you have purchased a bitcoin, then the transaction that you use that bitcoin in is encrypted, and therefore you cannot trace it,” explained Goodchild.

Swindon says it appears to be the perfect crime. The FBI tells WBZ-TV they are very worried about this spreading in 2014.

The scheme could be the work of organized gangs overseas. So far, no one has been caught.

---------------------------------------

OK ... notice the Bitcoins are involved but I have a simple question ... if a person's computer were to get hit with this virus and a person has an "image backup" handy and has important files backed up on a flash drive (with no virus of course) then just a redo of the image backup should bring the machine back to a "perfect state" and no ransom to pay ... right? Of course, my important files are small compared to a business or a police department ... so I can see a problem there. If this virus doesn't get into the BIOS then the image backup should work, if I understand this thing.

...

[jaclaz]

OK ... notice the Bitcoins are involved but I have a simple question ... if a person's computer were to get hit with this virus and a person has an "image backup" handy and has important files backed up on a flash drive (with no virus of course) then just a redo of the image backup should bring the machine back to a "perfect state" and no ransom to pay ... right? Of course, my important files are small compared to a business or a police department ... so I can see a problem there. If this virus doesn't get into the BIOS then the image backup should work, if I understand this thing.

The "theoretical" (the one noone actually follows) backup routine is the following:

• daily (which doesn't mean "once in a while" or "when I remember doing it", it means daily) connect one of two identical external drives to a machine and back up data on it, then disconnect the external device and put it in a safe place (the next day use the "other" external drive).

If (like many people that actually do backup) you are using a NAS or however network attached storage or however you keep the "backup disk" connected to the machine you are as exposed to that kind of ransomware as if you had NO backup strategy at all.

Making - say - once a month an actual image of the machine disk (capable of bare metal recovery) is a plus, but the OS and all apps can be reinstalled, the important part is just the data.

jaclaz

Edited December 20, 2013 by jaclaz

[Monroe]

Ok ... I can see that the "alternate" daily storage backup is the way to go for everyone but for my situation (very small scale!) I do the once or twice a month image backup. If I had to reinstall XP from scratch, it would be a disaster for me big time. Having to install all the software, all the settings and tweaks ... not something I want to even think about.

I wonder with the Bitcoins involved and not traceable as to where the money went, if that will bring "law enforcement" and governments demanding all that be changed ... have to see how all that plays out with the Bitcoin future.

Have another question since I mentioned an "image backup" ... if the BIOS does get infected with a virus then the image backup would be usless or not? ... an image backup only backs up the C drive and nothing else, at least to my knowledge?

...

[jaclaz]

Have another question since I mentioned an "image backup" ... if the BIOS does get infected with a virus then the image backup would be usless or not? ... an image backup only backs up the C drive and nothing else, at least to my knowledge?

An image (as I conceive it) is a "forensic sound" image of the WHOLE disk (not only C: drive).

Though if an actual BIOS virus, something like the ol' Chernobyl virus:

http://en.wikipedia.org/wiki/CIH_(computer_virus)

strikes the PC won't boot and you will need some more advanced recovery options, usually BIOS files can be found or however taking a backup of the BIOS is not an issue at all.

jaclaz

[ROTS]

Solution, use an early version of another operating system that is unable to see the encryption.

Recently, some odd sounding person, called my grandparents house asking about their computer. They even tried to describe the computer they was using, by making suggestions that it is a Mac or PC ( ha ha ha ). I finally said, " No, body have any computer, in this place. " In general, it might be the same people who puts viruses on your computer, and then charge you cash, to fix it.

I have also read about certain well know crime families in the past have invested heavily in technology. Trying to get peoples credit card numbers though pornography websites.

This is nothing new, just another method of jacking somebodies property. That is why I do not use Yahoo anymore. I know their are tons of people are using my password opening my mail and such.

........................................................................................................................................................................................................................................................................................................................................

On another note, the only reason why this crime works is because the perp is monitoring the cash flow, of the victim. Like how the Feds, busted a pair of a guys who took a picture of them with a wad of money in their car ( thank you %%##%book ), as well as the drug hustler woman who had an amazingly high electric bill, your money flow is being monitored.

So the perp is watching your purchases, then strikes at those people who are using the computer for purchases. Imagine if I start taking pictures of my mansion cabin or penthouse view apartment, or my many spouses, or whatever, then talk about them via a high profile place like $#$($@book. They might even pose as one person, be your friend, and then strike like a scorpion, while pretending to be your friend.

I don't like thieves, especially when they work for the government and call it doing their job. In this case generating as much fear as possible to encourage people to buy into things they do not need like insurance and laws that hurt peoples privacy.

............

About Bitcoins. Bitcoins is a nice invention, and it would be a good idea with somebody who has too much money to invest in. From my understanding the "coins" retain their value even when the value of the money has fallen, so you never lose your money with bitcoins and everybody has a safety net currency. I believe the inventor of Bitcoins is Japanese, and in Japan this is an on going practice, to store your money in another currency as a safety net. Like take the exchange rate around certain events.

By using Bitcoins your purchases are balanced, but now your dealing with an exchange system that is holding your money hostage until you cash out, or exchange it for commodity. Did the Bitcoin also fall?

Another problems is how store owners wants to tax the online sale prices, because they feel, they are not being fair to one another. I think this is stupid because it should follow the garage seller rule.

Edited December 21, 2013 by ROTS

[ZortMcGort11]

I could solve this "cryptolocker" BS in as long as it takes for me to insert my DOS boot disk in the A: drive and type "Format C:". I have the original installation files of all my programs backed up on CD's and thumb drives. All my photography is backed up and archived on more than one CD and thumb drive as well. Thus, everything I care about on my computer is backed up. This is why I don't like the bloated monstrosities that are newer operating systems. I will never use Windows XP or newer operating systems. They are nothing but bloatware ridden spyware, intended to snoop on the user. I "own" my computer, Windows and Microsoft do not. I'm not renting my computer from Microsoft. Why should I need their permission to re-install their bloatware crap on my MY computer? Not only are these poor people victims of ransomware, they're also victims of Microsoft. The computer they purchased is being rented to them by these snooping nitwits. XP and newer are solely designed to take your computer from you. Microsoft XP is like a toaster that has to be registered every time you toast a piece of bread.

[ZortMcGort11]

you'd probably have to ask the FBI or NSA, or the kind folks at McAfee, since I bet they're the ones who make those things to begin with... :-)