New Ransomware virus targeting video game save files specifically. Be careful, yo.

Discussion in 'Unrelated Discussion' started by tehtrekd, March 13, 2015.

  1. tehtrekd

    cwarner7264 likes this.
  2. websterx01

    Interesting.

    I spent 30 minutes the other day sleuthing around on "free Steam Wallet" websites. It was fun, but cleaning up my FB and computer wasn't so much fun lol.
    Last edited: March 13, 2015
  3. tatsujb

    I have all these games and steam and I have yet to have this happen to me.

    I think the .exe didn't manage to run on my linux :p
    thetrophysystem likes this.
  4. squishypon3

    I got this once on Windows 7, I was terrified.

    Fixed it using Malwarebytes while running in safe mode :3
  5. arseface

    I browse the internet in what are possibly the least possible safe ways, without any antivirus.

    Haven't seen this yet.
    thetrophysystem likes this.
  6. tatsujb

    you didn't get this, squishy.

    I don't think you understand what encryption is.

    if your files really are locked and encrypted with RSA.

    there's no fuking way in 3 billion years you're decrypting it even with the most powerful computer on the planet.

    you need the private key and that's the only way you're getting your files back.
  7. squishypon3

    I mean I got ransomware, jeez. =S
  8. DeathByDenim

    His point was (in typical tatsujb fashion...:rolleyes:) that if you really had been infected with ransomware, your files would have been encrypted and you would have no means of decrypting those files anymore. You can happily remove the infection, but that won't decrypt your files. Those would be lost forever unless you buy the decryption key or have a back-up.

    Did you have to restore your files from back-ups afterwards? If not, then it wasn't ransomware, or you just didn't care for the files that it deleted. Though there was a case of ransomware that actually stored the decryption keys on the victim's computer. Minor bug there. :)
    tatsujb likes this.
  9. thetrophysystem

    There is more ransomware out there that holds your computer without actually doing anything to it besides locking basic features than there is ransomware that encrypts files. The ransomware that doesn't encrypt is fixed once the registry is fixed and the changes made by the virus are removed, and then the virus is 100% removed from the computer. The ones that do encrypt sometimes store the key in the virusware itself or use a weak encryption.

    The rare instance of this particular one, is just really good ransomware that literally poses a real threat.
  10. squishypon3

    Erm.. My screen was replaced on boot up by something telling me that I need to pay up because I was caught doing "illegal activity", it was said to be the British police; very very formal looking.

    After I fixed it up with Malwarebytes it was fine, maybe the better versions have that. But if it tells me I must enter in a credit card to pay a fee to get my computer back.. it's ransomware.
  11. tatsujb

    no it's not! (it's not the same as the above; yours was a fake ransomware because there was nothing it was holding ransom, as you clearly demonstrated: you on your own were able to remove the message on the screen, which was never anything but a message on your screen. Sure, people would have paid, but in this case I doubt that program even had an off switch once you'd paid. It's a "noobware", not a ransomware. The difference is very striking and I can see that you cannot quite fathom how bad the situation could get).
  12. DeathByDenim

    Oh, be nice, eh? It's not that easy to tell the difference. Anyway, the virus that @squishypon3 got infected with is just the "Metropolitan British Police Virus". And like you said, it's all fake:
    (source)
    It's just a scam, not ransomware. All of your files are in fact safe and you just need to clear the infection and you are good to go.

    What actual ransomware does is encrypt your files. So it transforms files like this:
    Code:
    This is a very important file and I have no back-up!
    into this (encrypted with RSA2048 key):
    Code:
    hQEMA+JjrR3QjhmwAQf+NH5V8ddbUUZB4QRmPOXpPhC/NBruxbHaAUnMNiFDRUtnvUifkZhQU9Qx
    ahtBUCe5peYtnwpQ3CWRKaFlI8TA++jl+IoYeqNtTT2ejgBEOe1/tjNK41pRY2/ebF8Ql60uxemQ
    20FyGrc/WIyO8sv/CuHuUUvnn4OU++K9RZL5nmBDKS/VnAPE0+dszQPpJAtRASMhPs5O9DJAHoAP
    YS9zcivY9liViXQ/4g1d9QSdeeVUfSLtPakTwsj3jb3C3ru1tqwauCHyasrtgFG9t0+RurBMewtX
    tEyI72SlvGKsfyFLOGcPJ5CFQ5aEQTZLL+VR51B4iq0KzyA1ri8eKREjTNJwAU9nIHU4S53TELeN
    YFj2W4DBcM5iPCtLhj5IinGjvLJiB4yRnXmvQfCg/7d+xfmR2bNyVC9ORbdP3higx4DCc+vp+B1g
    txWn+iGsq4+Kil2xi02gWvfNP7F/8j67igD0L/S1z1VZ2wI7K4jf1ioiTw==
    To decrypt that, you would need my secret key. I will sell you the secret key for a nice sum and you can use it to decrypt your files again to regain access. And if you don't, you need 3 billion years of computing time on a super computer to retrieve your files. Good luck with that! (Well, maybe the NSA has a shortcut. :))
    tatsujb likes this.
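The "RSA2048" label on the ciphertext in the post above can be checked without any key, because an OpenPGP message starts with a readable packet header. The following is an added example, not part of the original post: it decodes the first 15 bytes of that blob and reads the Public-Key Encrypted Session Key header (the function name `parse_pkesk` and the algorithm table are this example's own).

```python
import base64
import struct

# First 20 base64 characters of the ciphertext quoted in the post above.
SAMPLE_PREFIX = "hQEMA+JjrR3QjhmwAQf+"

# OpenPGP public-key algorithm IDs (RFC 4880, section 9.1), subset.
PK_ALGOS = {1: "RSA", 16: "Elgamal", 17: "DSA"}


def parse_pkesk(b64_text):
    """Read the header of an OpenPGP Public-Key Encrypted Session Key packet.

    Only old-format headers with a 1- or 2-byte length are handled.
    Returns a dict of fields, or None if the data is not a v3 PKESK packet.
    """
    clean = "".join(b64_text.split())
    clean = clean[: len(clean) // 4 * 4]      # whole base64 quanta only
    try:
        raw = base64.b64decode(clean, validate=True)
    except ValueError:                         # not base64 at all
        return None
    if len(raw) < 15 or not raw[0] & 0x80 or raw[0] & 0x40:
        return None                            # short, or not an old-format packet
    tag, length_type = (raw[0] >> 2) & 0x0F, raw[0] & 0x03
    if length_type == 0:
        body_len, pos = raw[1], 2
    elif length_type == 1:
        body_len, pos = struct.unpack(">H", raw[1:3])[0], 3
    else:
        return None
    if tag != 1 or raw[pos] != 3:              # tag 1 = PKESK, version 3
        return None
    algo = raw[pos + 9]
    mpi_bits = struct.unpack(">H", raw[pos + 10:pos + 12])[0]
    # version + key ID + algorithm + MPI length prefix + MPI bytes
    rsa_len = 1 + 8 + 1 + 2 + (mpi_bits + 7) // 8
    return {
        "tag": tag,
        "body_len": body_len,
        "key_id": raw[pos + 1:pos + 9].hex(),
        "algorithm": PK_ALGOS.get(algo, "unknown"),
        "mpi_bits": mpi_bits,
        "rsa_2048_sized": algo == 1 and body_len == rsa_len == 268,
    }


if __name__ == "__main__":
    print(parse_pkesk(SAMPLE_PREFIX))
```

The header names the recipient key ID and shows a 256-byte RSA value, which is what a session key wrapped to a 2048-bit key looks like; everything after that header stays unreadable without the matching private key.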
  13. tatsujb

    hint: no they don't ;)
    websterx01 likes this.
  14. thetrophysystem

    Both "hold your computer for ransom"...

    What you just described, is as such:

    I am a Starcraft tournament participant at top tier. I meet a lot of people who launch Starcraft, but they aren't players because they are terrible at using the game. They are not players, I am. The difference is I actually play it and they barely can operate it at all. I am "Player" and they are "noobware"...

    Or, even more funny, the classic old stereotype/insult to @Geers , a la: Yew cawl dat a nife?

    dats nawt a nife... dis ish uh nife!
  15. DeathByDenim

    The difference is that one is a scam (you pay money, and nothing happens), the other is ransom (you pay money, you get your computer/files back).
    tatsujb likes this.
  16. DeathByDenim

    How do I know you are not a NSA agent, eh?! ;)
    tatsujb likes this.
  17. arseface

    Is it considered ransom if I tell you you'll never get your daughter back unless you drop $10,000 cash at a location before 2:00 PM... if she's really just at school?

    Answer that, and the debate can end.
    thetrophysystem likes this.
  18. tatsujb

    ???
    that's a scam.

    100% sure that's what you call it.
  19. arseface

    BAM Debate over.
  20. thetrophysystem

    It was ransom in an episode of Detective Conan. What next, are we going to argue if the name is "Case Closed" or "Detective Conan"?
