LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   General (https://www.linuxquestions.org/questions/general-10/)
-   -   Next us? (https://www.linuxquestions.org/questions/general-10/next-us-4175483634/)

jefro 11-06-2013 02:39 PM

Next us?
 
Will linux be the next target?

http://www.pcworld.com/article/20606...w-service.html

Ztcoracat 11-06-2013 02:56 PM

Quote:

it sounds as though they have to try to decrypting your data with every stored private key until they hit one that produces a plausible result.”
That could take a while right? Jefro?

This kind of stuff makes me worry a tad-

jamison20000e 11-06-2013 03:18 PM

Wow, hope not or hasn't. It's not good business to began with so whose to say when they pay the key works?

Germany_chris 11-06-2013 03:23 PM

http://www.overclock.net/t/1435157/a...00-in-bitcoins

Toward the end there is a solution

Ztcoracat 11-06-2013 03:52 PM

In the link that Germany chris posted a man in the thread mentions:
Quote:

It may be possible to just isolate each machine on a network to its own subnet in order to minimize damage
Someone also mentioned that because the virus can jump across network drives and encrypt anything. If that's the case that really is disconcerting!
I'm not sure entirely sure how one could perform this type of "isolation" I'm not on a server-

Anyone's thoughts on this?

@jamison20000e-;)
I agree with you. Even if one does pay it may not get rid of the virus.
This is another example where intelligent and craftiness have went in the wrong direction- IMO

Germany_chris 11-06-2013 04:21 PM

Quote:

Originally Posted by Ztcoracat (Post 5059629)
In the link that Germany chris posted a man in the thread mentions:


Someone also mentioned that because the virus can jump across network drives and encrypt anything. If that's the case that really is disconcerting!
I'm not sure entirely sure how one could perform this type of "isolation" I'm not on a server-

Anyone's thoughts on this?

@jamison20000e-;)
I agree with you. Even if one does pay it may not get rid of the virus.
This is another example where intelligent and craftiness have went in the wrong direction- IMO

It's kinda why I pulled the chris cloud down for a bit

moxieman99 11-06-2013 06:20 PM

Quote:

Originally Posted by Ztcoracat (Post 5059604)
That could take a while right? Jefro?

This kind of stuff makes me worry a tad-

Shouldn't take too long. Remember, they only have to match it against their own database of keys. It's not like they're generating random keys.

andrewthomas 11-06-2013 07:18 PM

Quote:

it sounds as though they have to try to decrypting your data with every stored private key until they hit one that produces a plausible result.”
They never have to decrypt the data. They just have to deprive you of the data.

Next us?

Backup, backup, backup.

Ztcoracat 11-06-2013 09:28 PM

Quote:

Originally Posted by moxieman99 (Post 5059692)
Shouldn't take too long. Remember, they only have to match it against their own database of keys. It's not like they're generating random keys.

Thanks-;)

unSpawn 11-07-2013 12:40 AM

Quote:

Originally Posted by jefro (Post 5059593)
Will linux be the next target?

What exactly written in this article makes you speculate that?

sundialsvcs 11-07-2013 08:57 AM

Malware that maliciously encrypts your data ought to be able to run on any operating system ... and the fundamental solution to the problem is the same: a backup program, running continuously in the background, which stores data in volumes and directories that only it is authorized to get to.

The backup software is privileged to search through any directory, but it runs under a user-id that can't be directly logged-in to, and it creates and maintains storage files that only it can read/write. So, you can't tamper with your own backup, and neither can any application running on your behalf.

It shouldn't be too difficult to trace this scheme back to the perpetrator, since the bitcoin system actually can be very well tracked. (Since the tokens are one-of-a-kind, they are the perfect "marked(!) bills.")

jamison20000e 11-07-2013 09:01 AM

From what I've read cryptolocker is an .exe but yes I agree backup, for me it's to Blu-ray every month or so.

Germany_chris 11-07-2013 09:09 AM

Quote:

Originally Posted by sundialsvcs (Post 5060060)
Malware that maliciously encrypts your data ought to be able to run on any operating system ... and the fundamental solution to the problem is the same: a backup program, running continuously in the background, which stores data in volumes and directories that only it is authorized to get to.

The backup software is privileged to search through any directory, but it runs under a user-id that can't be directly logged-in to, and it creates and maintains storage files that only it can read/write. So, you can't tamper with your own backup, and neither can any application running on your behalf.

It shouldn't be too difficult to trace this scheme back to the perpetrator, since the bitcoin system actually can be very well tracked. (Since the tokens are one-of-a-kind, they are the perfect "marked(!) bills.")

If your backup is continuous that means the drive is connected and that means tha happy bit of malware will take it too. It will take all data connected to the computer punkt. Ars isn't going to cover any but of crappy malware this one is no joke because it can jump in your network. This can jump from my wifes virtualized Windows to my/our NAS (free NAS)to her dropbox..it it is in any manner connected to you computer/network it's locked.

NetBot 11-07-2013 01:34 PM

If this malware is exe, then this shouldn't affect Linux system. Is this correct? Also, not everybody uses wine and some would even uninstall wine if it were installed by default.

Germany_chris 11-07-2013 02:05 PM

If there is a Windows user anywhere on your network you're vulnerable.

NetBot 11-07-2013 02:40 PM

Quote:

Originally Posted by Germany_chris (Post 5060198)
If there is a Windows user anywhere on your network you're vulnerable.

In my current setup I have no running services/daemons not even samba.


All times are GMT -5. The time now is 11:09 AM.