Close

Results 1 to 8 of 8
  1. #1
    DF VIP Member Zippeyrude's Avatar
    Join Date
    Dec 2002
    Location
    UK
    Posts
    4,317
    Thanks
    238
    Thanked:        792
    Karma Level
    534

    Default Ransomware resource

    At the Future of Cyber Security conference Europe the following resource was shared, if hope it's of use to to and might help you. Of course, it's easy to forget backups or security / pre infection back up point things can get tough.

    https://www.nomoreransom.org/

    Hope its of use...

    3 Thanks given to Zippeyrude

    DJ OD (19th March 2017),  ivrytwr3 (19th March 2017),  psxcity (19th March 2017)  


  2. #2
    DF Member Threatbot1's Avatar
    Join Date
    Apr 2017
    Location
    Manchester
    Posts
    41
    Thanks
    12
    Thanked:        17
    Karma Level
    86

    Default Re: Ransomware resource

    That website requires updating especially what has happened in the past few weeks in respect to ransomware.

    Cerber Ransomware EK
    Firstly, Cerber Ransomware EK has returned in a worse form than ever, and is now classed as the top variant of ransomware.

    Doxware
    Secondly, 2017 as seen Ransomware evolved in to what we now call now Doxware. A variant of ransomware however it gathers all your ID held on your computer before encrypting your files, and then requiring the dreaded ransom. Usually, a 7 day period then if the ransom is not paid - bots auto-post you ID over the darkweb and surfaceweb every 30 minutes.
    http://www.darkreading.com/attacks-b...a/d-id/1327767

    Backwards Ransomware
    Thirdly, we have a completely new approach of using a ransom. The attacker sends the target an email stating they will hack in to their system if $500 is not paid. This already happened to one school in the US.
    http://lastbestnews.com/site/2017/03...se-disruptions

  3. #3
    DF VIP Member DJ OD's Avatar
    Join Date
    Jul 2001
    Location
    On da decks.
    Posts
    10,114
    Thanks
    1,008
    Thanked:        2,254
    Karma Level
    1104

    Default Re: Ransomware resource

    What's surfaceware?


    DJ OD

  4. #4
    DF Member Threatbot1's Avatar
    Join Date
    Apr 2017
    Location
    Manchester
    Posts
    41
    Thanks
    12
    Thanked:        17
    Karma Level
    86

    Default Re: Ransomware resource

    I did not mention surfaceware, it was surface web which is a term that is used to define a website that can be crawled by search engines. It's normally classed as the standard web, but is only 5% portion of the internet.
    The second depth is the deepweb which is defined as a website that cannot be crawled by search engines. Anything you have to login to view is also classed as partially on the deepweb - again this only takes a 5% portion of the Internet.
    The third and the largest part(90%) of the internet is the TOR(The Onion Router) network, also called the darkweb. However, it cannot be accessed by the standard browser or search engines. You need the TOR browser to view anything on the TOR network, all areas you visit should end in the domain of .onion.
    HANSA is the main black market on the darkweb, where you can buy anything.

    People ask me if I use it - I do, but not for buying or selling, I go around finding database dumps and where they came from, so we can trace the places they have been pharmed from.

  5. #5
    DF VIP Member DJ OD's Avatar
    Join Date
    Jul 2001
    Location
    On da decks.
    Posts
    10,114
    Thanks
    1,008
    Thanked:        2,254
    Karma Level
    1104

    Default Re: Ransomware resource

    Sorry yes, surfaceweb.

    Why is there no other 'TOR' browser? Alternate bets are the way surely. Invite only? Dial up style.


    DJ OD

  6. #6
    DF Member Threatbot1's Avatar
    Join Date
    Apr 2017
    Location
    Manchester
    Posts
    41
    Thanks
    12
    Thanked:        17
    Karma Level
    86

    Default Re: Ransomware resource

    There are TOR add-ons for Firefox - but most people tend to use the Linux OS, and the TOR Browser.

    Some people even use Private Tunnelled VPN's at Router Level, since this doesn't leak your DNS. I always check my DNS for leaks at https://www.dnsleaktest.com

    It's like now, my IP is London based, but I'm nowhere near London.

    I use OpenVPN to control my hardwired VPN, okay I attract attention sometimes because me data is encrypted by a 2048 bit key. I could use 1024 bit, but it can be cracked over time, while 4096 bit takes forever to generate new keys. As time passes I will update maybe to 4096 bit.

    You could code your own TOR browser, for Windows, all the .dll files are there mostly. But the TOR Browser Project, installs in to just a folder and is more secure than installing and writing registry entries all over the place. At least with TOR you can see what path you are taking before going on the TOR network.

    If you're not anonymous on the TOR network, no one will deal with you, and you will attract the 'unwanted' - that is the last thing you want.


    darkweb.jpg
    Screenshot of the HANSA Blackmarket (*edited because I used it on a InfoSec website)
    TOR Address: http://hansamkt2rr6nfg3.onion

    There are hundreds of blackmarkets on TOR which is why it takes 90% of the Internet, multi-billion dollar trading on a global basis.

  7. #7
    DF VIP Member plug1's Avatar
    Join Date
    Jan 2001
    Location
    glesga
    Posts
    1,934
    Thanks
    361
    Thanked:        234
    Karma Level
    393

    Default Re: Ransomware resource

    spoof your mac is a good idea before you start

  8. #8
    DF Member Threatbot1's Avatar
    Join Date
    Apr 2017
    Location
    Manchester
    Posts
    41
    Thanks
    12
    Thanked:        17
    Karma Level
    86

    Default Re: Ransomware resource

    Quote Originally Posted by plug1 View Post
    spoof your mac is a good idea before you start
    It is easier to spoof the MAC address on Linux, than Windows.

    With Linux its just a few lines and its done. With Windows its a PITA, but it still can be done.

    Good tip though, plug1

Similar Threads

  1. [NEW] Protecting yourself from WannaCry ransomware
    By evilsatan in forum PC Software
    Replies: 15
    Last Post: 22nd May 2017, 01:00 PM
  2. [NEW] I just received this on the War of Ransomware [ Security ]
    By Black Oracle in forum System Security
    Replies: 2
    Last Post: 13th June 2016, 10:07 AM
  3. Cryptolocker Ransomware Warning
    By MsDG in forum System Security
    Replies: 60
    Last Post: 25th November 2013, 07:26 PM

Social Networking Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •