On Wed, 16 Sep 2015, jwsmobile wrote:
One system, or did it propagate thru the organization?
Did you eradicate it, then get a tool for the decrypt?
Not very hard to stop it, but the damage that it does to the files (RSA
encryption) is irreparable, unless you pay the ransom. A significant
percentage of the victimes pay up! A few people have reported that the
malevolent assholes are honorable, and do provide a working key. A small
few report NOT getting the decryption key.
Without major distributed work on it, decryption through brute force key
trials would take millenia.
The purveyors of one variant were stopped, and their key database
revealed. I don't know if or why they are still alive.
Curious as to details here to think about measures to stop it, or mitigate
it.
I'd apologize for the off topic direction, but this is a pretty serious
threat that is hard to find info on that isn't bullshit or glossed over.
Reply offline if you would rather, but I suspect anyone with classic
Windows XP systems and the like should pay attention.
It relies on social engineering (suckers).
Sometimes PDF files, but, I now think that I got it by falling for a fake
Adobe upgrade popup.
