The Steel Guitar Forum Store 

Post new topic Ransomware question
Reply to topic
Author Topic:  Ransomware question
Brint Hannay

 

From:
Maryland, USA
Post  Posted 24 Jan 2019 11:06 am    
Reply with quote

A couple of times in the past I have been hit with phony alerts that locked my computer screen--no click anywhere would have any effect. (I must have brought them on myself by clicking on links in websites.) One claimed to be from the FBI, the other claimed to be from Microsoft. Of course, I was directed to call a phone number for "assistance" in unlocking the computer.

I knew these were bogus, but what to do? The solution I hit upon was simply to do a hard shutdown of the computer using the physical power button, then restart and see what happened. I couldn't see what else I could do. In each case upon restart the "lock" screen was gone and the computer functioned normally. I ran Trend Micro and MBAM scans and they came up clean.

My question is: I haven't seen anywhere on the web where this procedure is recommended, but it appeared to have worked. But it seems as though freezing the functioning of the computer required getting malware into the computer itself. Could simply rebooting really have cleared out the problem?

As a general question, non-techies like me are prone to worry that the bad guys may have sophisticated malware that can be on the computer and be undetected by security programs, having gotten "behind their backs", as it were--like those movies where "The call is coming from inside the house!". How realistic is this fear?
View user's profile Send private message Send e-mail

Wiz Feinberg


From:
Mid-Michigan, USA
Post  Posted 24 Jan 2019 2:57 pm    
Reply with quote

What you are describing is not Ransomware. It is a fake security alert that locks your browser, and/or consumes 100% of the cpu, locking up the system. In reality, this is better called Bluffware.

Since Bluffware alerts are browser based, closing the browser, or rebooting the system gets rid of them. They are usually coded to prevent you from closing the browser in the hopes you will phone the scammers for help.

Once you reboot and open your browser, if the browser preferences are set to reopen the previous tabs, it may open to the last visited website where the fake alert was acquired.

Some browsers are more susceptible than others to this kind of scripted attack. Some users are better protected than others with realtime anti-malware solutions that hook into top tier web browsers.

My current operating system and security is Windows 10 Home with Malwarebytes and Microsoft Windows Defender. I browse with the most current version of Firefox, which Malwarebytes hooks into. I use uBlock Origin to block malicious advertising. If I expect to wade into dangerous waters, I turn on NoScript, an Add-on extension for Firefox. It blocks JavaScript based attacks on the spot, before the fake alert pop-ups can be launched. Unfortunately, JavaScript is used for all manner of useful purposes and disabling it breaks many website functions.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
View user's profile Send private message Send e-mail Visit poster's website

Derrick Unger


From:
Newark Ohio, USA
Post  Posted 9 Feb 2019 6:46 pm     bluffware
Reply with quote

In windows 10 hit control,alt,and delete simultaniously..this will bring up task manager..click your browser, usually is the first thing listed..mine is Edge..then click end..should be able to restart your browser again immediately with no ill effects..I feel sorry for those people that do a hard shutdown with their power button..that can do strange things to your system.
_________________
Music is good for the soul..playing it is even better! Gretsch6strLapSteel*PeaveyNashville400*HudsonSD-10*DigitechRP360*FenderChampion100*PeaveyKB300*Goodrich120*Behringerx1204*BehringerMini4*Mullen S10"Discovery"*Peavey Vegas400*Princeton112plus*SuperChampX2*SidekickReverb65*Rumble100*MarshallMG50DFX*Nashville112
View user's profile Send private message Send e-mail

Richard Sinkler


From:
aka: Rusty Strings -- Missoula, Montana
Post  Posted 10 Feb 2019 7:19 am    
Reply with quote

I think Ransomeware is pretty much the same, except to unlock your computer, you have to send money. They never give you the info to unlock the computer. You need to give them money using a payment method used at Wal- Mart. Many fall for that. Rebooting doesn't get rid of it like the bluffware you speak of. There's a procedure you have to go through in safe mode. Pain in the butt.

That happened to me twice on my computer. That is more involved to get rid of. I have gotten the same ransomware requesting payment on my iPad, but just rebooting takes care of that.

The FBI one says they found child porn or illegally downloaded music, videos on your hard drive. They say to pay the "ransom" or get arrested.
_________________
Carter D10 8p/8k, Dekley S10 3p/4k C6 setup,Regal RD40 Dobro, NV400, NV112 . Playing for 54 years and still counting.
View user's profile Send private message Send e-mail


All times are GMT - 8 Hours
Jump to:  

Our Online Catalog
Strings, CDs, instruction,
steel guitars & accessories

www.SteelGuitarShopper.com

Please review our Forum Rules and Policies

Steel Guitar Forum LLC
PO Box 237
Mount Horeb, WI 53572 USA


Click Here to Send a Donation

Email admin@steelguitarforum.com for technical support.


BIAB Styles
Ray Price Shuffles for
Band-in-a-Box

by Jim Baron
HTTP