For PC Virus Victims, Pay or Else

12 December 2012

From The New York Times:

Kidnappers used to make ransom notes with letters cut out of magazines. Now, notes simply pop up on your computer screen, except the hostage is your PC.

In the past year, hundreds of thousands of people across the world have switched on their computers to find distressing messages alerting them that they no longer have access to their PCs or any of the files on them.

The messages claim to be from the Federal Bureau of Investigation, some 20 other law enforcement agencies across the globe or, most recently, Anonymous, a shadowy group of hackers. The computer users are told that the only way to get their machines back is to pay a steep fine.

And, curiously, it’s working. The scheme is making more than $5 million a year, according to computer security experts who are tracking them.

. . . .

Essentially online extortion, ransomware involves infecting a user’s computer with a virus that locks it. The attackers demand money before the computer will be unlocked, but once the money is paid, they rarely unlock it.

In the vast majority of cases, victims do not regain access to their computer unless they hire a computer technician to remove the virus manually. And even then, they risk losing all files and data because the best way to remove the virus is to wipe the computer clean.

. . . .

Researchers say criminals now use victims’ Internet addresses to customize ransom notes in their native tongue. Instead of pornographic images, criminals flash messages from local law enforcement agencies accusing them of visiting illegal pornography, gambling or piracy sites and demand they pay a fine to unlock their computer.

Victims in the United States see messages in English purporting to be from the F.B.I. or Justice Department. In the Netherlands, people get a similar message, in Dutch, from the local police. (Some Irish variations even demand money in Gaelic.) The latest variants speak to victims through recorded audio messages that tell users that if they do not pay within 48 hours, they will face criminal charges. Some even show footage from a computer’s webcam to give the illusion that law enforcement is watching.

The messages often demand that victims buy a preloaded debit card that can be purchased at a local drugstore — and enter the PIN. That way it’s impossible for victims to cancel the transaction once it becomes clear that criminals have no intention of unlocking their PC.

Link to the rest at The New York Times

Since the value of the files on an author’s computer can be very high – a manuscript representing months of work – PG advises preventative measures. He is undoubtedly more paranoid than necessary, but here are some suggestions (PG uses them all):

1. Antivirus/Anti-malware software to prevent infections in the first place – Norton is probably the largest-selling program of this type. For Windows users, Microsoft Security Essentials is a high-quality free program.

2. Online backup of your files so you have them even if your computer is hosed – Mozy is easy to use. Install it and the program automatically backs up your files to Mozy servers via your internet connection several times per day. You can try Mozy out free. Prices begin at $5.99 per month for 50 GB. If you have more than 50 GB of data files and don’t want to pay more, you can configure Mozy to back up only the important ones. Dropbox is another excellent program that can be used for backup. If you use more than one computer, in addition to storing your files in the cloud, Dropbox can continuously synchronize files on all your computers so the latest novel draft on your desktop is also on your laptop. If one computer gets zapped by a virus, you can use the files Dropbox has synced on another computer. PG is not your tax advisor, but he expects the cost of Mozy and/or Dropbox service is probably a reasonable business expense for authors who make money from their writing.

3. Local backup of your files as a belt-and-suspenders solution which also lets you restore your files faster than you can with Mozy or Dropbox. You do this by purchasing a cheap large external hard drive. You plug the hard drive into your computer and install some back-up software. Often hard drives come with their own back-up software. PG has used SyncBack, which comes in free or paid versions, for a long time with good results. If you want two belts-and-suspenders, you can buy two local hard drives and rotate them, giving a friend one drive to keep in a location other than your home or office. You can also use a couple of large-capacity thumb drives for more-portable off-site backups.

4. All the backups are not just for protection against viruses and malware, but also cover you if your computer is stolen or if Hurricane Sandy drowns your home or office.

30 Comments to “For PC Virus Victims, Pay or Else”

  1. I’ve actually had this happen and you can reset your computer so that the virus and the frozen screen go away. If you have another computer, you can look up how to do it online.

  2. No! Norton is not good for Mac users!

    It used to be top choice, but not anymore. It can actually break OS X.

    • Sorry for my Mac insensitivity. I’ll leave it to others to suggest good Mac antivirus programs.

      • Sorry for the knee-jerk reaction. :) I’m a Mac-user, myself, and I almost broke my computer with Norton because I remembered it as the “it” program it once was. Fortunately, I thought to check reviews before installing…

    • I use Intego’s Mac protector. It is not free, but it is very highly rated and it does the trick as far as virus and Trojan-horse catching. I pay about $65 US/year, although I assume that will go up due to exchange rates, inflation, French taxes (Intego is a French company), et al.

      Another Mac in the house used McAfee, but also now runs Intego. Never had problems with the McAfee, but needed something a little stronger security-wise.

  3. I got that around 8 months ago. A pain to remove. HINT: if you give these b@@@@@@#s your credit card number, they will sell your identity on. Don’t do it.

    I used an online forum (Bleeping Computer) to talk me through the fix steps.

    N.b. I had an antivirus which picked up the infection but part of it still got through. Now I surf using Sandboxie, a free program. It prevents drive-by infections.

  4. Curiously, the thing that bothers me the most is that the computers usually don’t get unlocked anyway. If you establish a reputation of leaving it locked after getting the money, why would anyone pay?

    That’s a particularly stupid thing to be bothered by, I know, but…

  5. Any writer who does not have an offsite automatic backup system like Mozy is just playing with fire. There are just way too many things that can go wrong and cause you to lose hundreds, if not thousands, of hours of work. I used Mozy, but switched to SugarSync because it had more of the features I wanted. There are many other services to choose from. Just be sure to pick one and start using it before disaster strikes.

  6. I use CrashPlan for my backups, love it, and have had my bacon saved by it multiple times.

    Dropbox is also fabulous, but you need to use care and understand how it’s different. Dropbox synchronizes files. Delete from your Dropbox folder and it deletes from the cloud and the other attached machines. Modify a file and those modifications propagate to other machines/cloud.

    This is important when considering extortionate malware. If it deletes your files, they’re gone. If it surreptitiously encrypts your files, they’re trapped everywhere.

    Dropbox is fantastic for productivity across multiple machines and highly effective at saving your data in the event of hardware failure (such as a dead drive). It will not protect against changes or deletion in the way that versioning backups such as TimeMachine can or that retaining (i.e. not tossing ‘deleted’ files) backups can. I love Dropbox and use it daily, but I don’t consider it a primary backup tool.

    Rich

  7. I agree and I’ve been doing all these things for years. Can’t ever have too much virus/malware protection and backed up files. Just backed up my entire hard drive last night, in fact.

  8. I used a free virus program (McAfee), and they hacked my computer and used it to sell goodness knows what. The worst part of this, aside from the lack of profit sharing, was it slowed my computer to a sloooooow crawl.

    When I got a new computer, I installed Norton, and have had no problems. So, I’ve decided to pay for a feeling of security. Hopefully, Norton will cover it!

    In terms of backing up my stuff, I just e-mail things I want copies of to myself. I figure MSN Hotmail is pretty secure from going out of business – I hope!

  9. A simple cloud backup technique I use for text files: I send myself an email message with the latest version of my document as an attachment.

    When I was writing my book, and had a folder full of files of all types, I used an iPod touch as a backup hard drive. There’s a terrific and cheap program for Macs called DiskAid that makes transferring files and folders from Mac to portable devices and back very easy.

    I don’t currently run an anti-virus program on my Mac, but in my Windows XP days, used NOD32.

  10. It is morally wrong to allow suckers to keep their money.

    - some awful, awful guy who kinda sorta had a point

    • The problem is that most of these kinds of scammers have the money paid to them from your credit card via Western Union–which is then entirely unrecoverable. No matter how good Visa is at protecting you from normal cc number theft, (because it dings the store instead of you), it can’t get the money back from WU, so you’re screwed.

  11. I can vouch for Malwarebytes, I’ve had to use it for my parents’ computer. Spybot Search and Destroy, too. Keep those on flash drives.

    I’ve been looking for a good backup program, just because I no longer have the option of slaving a failed drive to a good drive.

    I use Amazon’s cloud drive for backing up my WIP, since I don’t need to install the app on my work computer (when I want to write before my day/during lunch).

  12. Crashplan + Dropbox + Local Clone. Mac OS X or Linux. Good practices.

    Especially good practices.

    Never used antivirus when I was on Windows. Hogged resources. Never needed it anyway. If you use good practices you will only potentially get burned by viruses that antivirus can’t find or destroy yet anyway. Remember it’s always behind the attackers by a step. I’ve seen too many people get burned by viruses while running protection software.

    Crashplan has unlimited backup for about $50 per year.

    If money is an issue, your most important writing files can be backed up on Dropbox for free with space for a few of your pictures and whatnot.

    • Supposedly Microsoft Security Essentials is much better with resources than other antivirus programs, David.

  13. Ubuntu Linux + Mozilla Firefox + NoScript to keep the bad guys out (plus not blindly clicking or downloading everything in sight).

    Automated nightly backup to a second hard drive + my personal web space + Dropbox for when the bad guys eventually do get in (which they haven’t yet).

    And… “victims do not regain access to their computer unless they hire a computer technician to remove the virus manually.” So the files aren’t actually encrypted then? The virus just says they are? (Or the encryption is very weak.) Amateurs…

    • Steven, the Trojan.FakeAlert I saw just copied everything to a temp directory, and changed the permissions. Nowt difficult about it.

      BUT, the Trojan.FakeAlert is often packed with a ZeroAccess rootkit, which is sophisticated.

      People who get rid of the Trojan.FakeAlert often can’t get rid of ZeroAccess.

      • Fair point. I suppose if the bad guys can get a ransomware program onto your machine, they might as well try installing less obvious stuff too, so that they still have control over your machine when (you think) the ransomware is gone.

  14. I used to be an avid PC user until a virus killed it. I went Mac and never had another virus. For 12 years now, I’ve been virus-free without running any anti-virus software. I think you know where I’m going with this…

    • How do you know you are virus free? For at least the last 5 years, the majority of viruses have been designed to be as silent as possible.

  15. If there’s a virus there, it’s done me no harm nor done any harm to any of my files or anything else. I can live with that kind of virus.

    • Or maybe they’re just waiting for you to finish your novel so they can publish it a day ahead of you?

      If it’s a simple keyboard tracking program you may never know it’s there.

      I went Dropbox and a couple of BIG thumbdrives some time back. McAfee seems to be doing the trick otherwise.