  1. #1
    Zippeyrude (DF Jedi)

    Ransomware resource

    At the Future of Cyber Security conference Europe the following resource was shared. I hope it's of use to you and might help you. Of course, it's easy to forget backups or security / pre-infection backup point; things can get tough.

    [Only registered and activated users can see links. ]

    Hope it's of use...


  2. #2
    Threatbot1 (DF Member)

    Re: Ransomware resource

    That website requires updating, especially given what has happened in the past few weeks with respect to ransomware.

    Cerber Ransomware EK
    Firstly, Cerber Ransomware EK has returned in a worse form than ever, and is now classed as the top variant of ransomware.

    Doxware
    Secondly, 2017 has seen ransomware evolve into what we now call Doxware. It is a variant of ransomware; however, it gathers all your ID held on your computer before encrypting your files and then requiring the dreaded ransom. Usually there is a 7-day period; then, if the ransom is not paid, bots auto-post your ID over the darkweb and surfaceweb every 30 minutes.
    [Only registered and activated users can see links. ]

    Backwards Ransomware
    Thirdly, we have a completely new approach of using a ransom. The attacker sends the target an email stating they will hack into their system if $500 is not paid. This already happened to one school in the US.
    [Only registered and activated users can see links. ]

  3. #3
    DJ Overdose (DF Super Moderator)

    Re: Ransomware resource

    What's surfaceware?


    DJ OD

  4. #4
    Threatbot1 (DF Member)

    Re: Ransomware resource

    I did not mention surfaceware; it was surface web, which is a term that is used to define a website that can be crawled by search engines. It's normally classed as the standard web, but is only a 5% portion of the internet.
    The second depth is the deepweb, which is defined as a website that cannot be crawled by search engines. Anything you have to log in to view is also classed as partially on the deepweb - again this only takes a 5% portion of the Internet.
    The third and the largest part (90%) of the internet is the TOR (The Onion Router) network, also called the darkweb. However, it cannot be accessed by the standard browser or search engines. You need the TOR browser to view anything on the TOR network; all areas you visit should end in the domain of .onion.
    HANSA is the main black market on the darkweb, where you can buy anything.

    People ask me if I use it - I do, but not for buying or selling, I go around finding database dumps and where they came from, so we can trace the places they have been pharmed from.

  5. #5
    DJ Overdose (DF Super Moderator)

    Re: Ransomware resource

    Sorry yes, surfaceweb.

    Why is there no other 'TOR' browser? Alternate bets are the way surely. Invite only? Dial up style.


    DJ OD

  6. #6
    Threatbot1 (DF Member)

    Re: Ransomware resource

    There are TOR add-ons for Firefox - but most people tend to use the Linux OS, and the TOR Browser.

    Some people even use Private Tunnelled VPNs at Router Level, since this doesn't leak your DNS. I always check my DNS for leaks at [Only registered and activated users can see links. ]

    It's like now, my IP is London based, but I'm nowhere near London.

    I use OpenVPN to control my hardwired VPN; okay, I attract attention sometimes because my data is encrypted by a 2048 bit key. I could use 1024 bit, but it can be cracked over time, while 4096 bit takes forever to generate new keys. As time passes I will update maybe to 4096 bit.

    You could code your own TOR browser for Windows; all the .dll files are there mostly. But the TOR Browser Project installs into just a folder and is more secure than installing and writing registry entries all over the place. At least with TOR you can see what path you are taking before going on the TOR network.

    If you're not anonymous on the TOR network, no one will deal with you, and you will attract the 'unwanted' - that is the last thing you want.


    [Only registered and activated users can see links. ]
    Screenshot of the HANSA Blackmarket (*edited because I used it on an InfoSec website)
    TOR Address: [Only registered and activated users can see links. ]

    There are hundreds of blackmarkets on TOR, which is why it takes 90% of the Internet, multi-billion dollar trading on a global basis.

  7. #7
    plug1 (DF Jedi)

    Re: Ransomware resource

    spoof your mac is a good idea before you start

  8. #8
    Threatbot1 (DF Member)

    Re: Ransomware resource

    Originally posted by plug1:
        "spoof your mac is a good idea before you start"

    It is easier to spoof the MAC address on Linux than Windows.

    With Linux it's just a few lines and it's done. With Windows it's a PITA, but it still can be done.

    Good tip though, plug1
