Ransomware As Fast As Possible
- Published 21 Dec 2015
- Criminals have started using new types of malware to hold your computer hostage for money. How does this work, and how can you stay safe?
lynda.com message: Sign up for your 10-day FREE trial at lynda.com/techquickie
Follow: / linustech
Join the community: linustechtips.com - Science and technology
Back your data to an external Hard drive, then UNPLUG that drive from your computer. Leaving it plugged in is a huge no no.
+Kabuki Jo This is the thing people don't get. They think if they have a backup on an external HD or NAS they are safe from things like Cryptolocker because they have documents/pics in two places. Yet whenever they have their PC on, their External drive or NAS is mounted and so that gets encrypted as well.
+UKcuber Well yeah but the main reason you have a NAS is for hard drive failure, not for security reasons. You're right, it's just a NAS has other uses.
UKcuber
Correct. They don't understand that a NAS will become worthless if a Cryptolocker encrypts all of their NAS data. Making those backups worthless.
[CS] Baeger
True, NAS offers 0 security against Cryptolockers. Unless a way can be devised to make a NAS network "Read only" to prevent them from being encrypted by Cryptolockers.
+Kabuki Jo would be smart then to have a password for the NAS and for the NAS to feedback what files you are actually trying to change.
+Kabuki Jo
Currently have a duplicate of my entire OS and files on my old HDD. It's still slid into the hard drive cage of my case, but it has no power nor sata cables connecting it. No connection, but right there for easy plugging should I ever require it. I also aim to get an external SSD for further protection and convenience. Keeping separate and secure physical data storage around the house, disconnected from the computer is a wise choice. Wish more people did it.
Then there's just the basic steps for preventing an infection or encryption of all the files in the first place. I don't look at junkmail, I block banner ads and pop-ups, I don't click links I don't trust with my very soul. It's been years since my computer suffered any serious attacks on it, and when something (which has for years now only ever been something small) does sneak onto my PC, MalwareBytes whoops its ass for me.
This is why I use MalwareBytes. Even if a malware prevents it from scanning, I can boot its chameleon mode and make my PC think it's actually just launching say Firefox, while it is actually just doing a deep scan.
+DJ Fen Fen Agreed, MWB is by far the best malware removal tool. Chameleon is a clever but a bit ironic feature: technically it's a Trojan, which packs anti-malware inside instead :)
+Ken Kalajdžič malware bytes is mostly a companion antimalware software, it's best to have a main antivirus with it like Avast or ESET
+redpheonix1000 - Troll Physics I LOVE mbam, but I HATE the new look. It looks like a fake anti-virus program now. DAMMIT MATERIAL DESIGN
Or use Hitman.Pro when hit by ransomware!
+CreeperCraft137 it's not even material...
my friend had a " you downloaded child porn or illegal music" I charged him 100$ to wipe his pc
+Dandre Urquhart That's quite the span.
Meanwhile I am just here wondering how you pronounce your last name.
Elite Hawk Ur-kart
+Dandre Urquhart You must be a great friend profiting from him. Ada boy.
+Dandre Urquhart
You charge your friends to fix their PCs? Nice. I wish i could do that. I would be rich by now. And probably with no friends.
Luke as fast as possible
+Gavin Crane you mean luke FAP?
+Gavin Crane still not as fast as linus ( ͡° ͜ʖ ͡°)
oh god °///°
You're all crazy.
To Athánatos You're only as crazy as the voice in your head tells you you are.
Vinyl records as fast as possible
antiquated. next.
+Sean Orion 8 Trak
+Sean Orion as fast as possible? that would be funny to see how far a vinyl can fly off a turn table
+Sean Orion revolutionary but then the fucking hipsters came along. that's it.
+Sean Orion Vinyl record is a spiral trench with small bumps inside of it. The needle (head of the arm that you place on the record) then moves up and down when the record is spinning. Up and down movement creates vibration in a diaphragm, then converted to an electric signal and is then amplified and then sent to speakers, and you've got sound. Variations in the bumps creates different frequencies, thus creating different sounds.
To record a vinyl, you basically do the reverse process (speak into microphone > makes a diaphragm vibrates > makes a needle move and "dig the trench" into the record).
That's the over-simplified basics, but yeah, that's pretty much it.
Fun fact: if you listen closely next to the needle, you can hear the music without having any headphones/speakers.
7/11 was a part time job
No. It was 9/5.
5/7 joke
berzu21 ISIS was a part time paris
Jacob Bengel
Hahahaha ;)
Happened to me once years ago: every time i turned the pc on i got a fake Australian police screen saying i had been downloading child porn and illegal dvds etc, and asking me to pay "a fine" to unlock it. PC guy removed it but was like 100 bucks!!! Good times!
+Thor, Supreme Commander of the Asgard Fleet i had the exact same thing happen to me too but with the fake canadian police instead for obvious reasons.
+Thor, Supreme Commander of the Asgard Fleet The same exact thing happened to my laptop! It said the FBI was on to me and had a picture of Obama with a disappointed face. It even took my picture with my own webcam! The encrypted virus happened to my Church also. They had to pay the money.
+Thor, Supreme Commander of the Asgard Fleet Luckily, I had two accounts on that laptop, and the virus only infected one, so I was able to use the other to remove the virus.
+Thor, Supreme Commander of the Asgard Fleet same but mine said it was fbi thats the only virus i got in years and havent gotten any after
+Thor, Supreme Commander of the Asgard Fleet I've gotten one of those from the Mexican police back on windows 98se, thank goodness I put all my important data on a Seagate tape backup drive(slow as shit, but saved my bacon in those days), and a 100mb Parallel Zip drive disks, and it was easy enough to do a fresh install of Windows 98se to get rid of it.
Depending on the virus, I actually find the challenge of removing it fun sometimes, not that I want to get hit with one again...
I edit the code to make it delete itself after rebooting :D
+SquidPlays guys if i ever get a virus on my laptop I will find and ask you guys for help
SquidPlays XD
How do you guys know how to do these things
Not kidding but make a tutorial and then monetize it and wait for a month and become rich
When I worked at a PC repair shop I had at least 3 computers come in every week with one of these.
Happily only the "Lock out" type which is quite easy to deal with. Most of the time they are just simple programs that are set to always be on top.
We did have someone who spent a crazy amount before he finally decided that maybe he should come to a computer shop to ask for advice.
I was always glad to have a "fast as possible" episode to quickly show them, and explain the kind of problem they are having, and why they should just come to someone for help rather than just believe what these viruses are telling them.
Some of the worst kind of malware so far.
Most that I've seen people get just show back up w/in 30 days even if people pay.
Your comment was encrypted.
they probably get infected the same way they did the first time. First time is already bad as they should have backups. But a second time a month later? That's on you at that point, you obviously don't care enough about your data to keep it safe.
Well my point being that when you pay for it they generally don't actually remove the ransomware
@@EposVox I guess that depends on which malware strain you get infected with. I'd imagine the antivirus would've removed it well before that would happen anyways? Unless you really don't care at all and have no security installed.
Ok
Last month my toaster was infected with ransomware. Fortunately, true to their word, after I paid them the money my toast popped up. However, it was burnt pretty bad. I also despise ransomware.
Are you kidding? My toilet was infected with ransomware! I had to throw $100 down the toilet to be able to flush it again.
My pencil was infected with ransomware. I like pencils better than pens.
@@want-diversecontent3887 :
My anus was infected by ransomware. I had to wipe my hard drive clean.
lool my pencilcase was infected by a ransomware i had to install avast and malwarebytes to retrieve my pens and my stuffs
When I worked at a PC repair shop, 99% of 'repairs' were malware removal, and 90% of those were regular customers who constantly got their machines infected. One of those customers didn't seem to understand why he should have to keep paying for our services when we had done the very same job the other day.
I honestly don't understand how people get infected so often. I haven't had malware for years.
Ransomware: GIMME ALL YOUR MONEY OR THE HARD DRIVE GETS IT!
Me: *hands over all money*
Ransomware: PSYCH! *headshot*
And this is the exact reason why I always back up my files in multiple different locations. This is the worst thing that can happen other than a failure in your system
So I work for Geek Squad (I get awesome benefits, suck it). The most common issue I see people having is ransomware. Specifically, since I'm in Canada, people get a pop-up from the "RCMP" saying their computer was used for child porn and they can not go to prison by paying 250 bucks. We usually just do what Linus said, boot to Safe Mode and run a custom antivirus to see if that fixes it, and if it doesn't, we backup the user data and wipe to whatever version of Windows they had. Which I always feel sorry that they had to pretty much start from scratch. But I've been virus free on my PCs since 2010 with only the free version of Avast, so maybe it's a learning lesson.
Be safe on the internet, folks.
I remember it was pretty much a link to Ransomware for me. I was just searching the internet. Randomly some pop up ad tells me I'm searching up something extremely illegal and the cops were already headed my way.
I then just restarted my PC and nothing else happened.
I'm glad you're saving technology around the world, love your vids
"Your battery system has been infected malware! Tap here to upgrade battery system NOW and get 100% more battery time!"
Hehe. These kind of fake warning-ads are funny.
"click here to improve Wi-Fi speeds!" while on wired
that happens to me like, 15 times this day now
+InfinityCraft This is exactly why I use adblock. Fuck that nonsense.
+InfinityCraft
Firefox with ad-blocker. Keeps many of the dumb ads at bay.
+InfinityCraft Engrish Flavour.
I once had one that still had {model} and {brand} on it that's literally what it said.
BIOS infection as fast as possible...
Boy, if you thought that get a malware in your hard drive was bad... the BIOS infection is a real nightmare.
I don't know if you guys ever read my comments in the past about making a video like this, but thank you , glad to share this with my clients.
"You know what Toby, when the son of the deposed king of Nigeria emails you directly, asking for help, you help! His father ran the freaking country! Ok?" - Michael, The Office America
This video popped on top of recommendations since this WannaCry thing is everywhere
Love me some ransomware :)
Love me some scammerware :D
+SquidPlays love me some skimpy underware
Small loan of a million ransomwares.
what does your comment mean bro
Yes
I just went through this with a neighbor. Fortunately, it was a new PC and I just did a recovery of the OS.
All is good ... until the next time she falls for it.
"Download ram" as fast as possible pls
who is watching this after getting to know about Wannacry.
me lol
Lol you got me
Me
Better question is who is watching this AFTER getting infected with WANNACRY?
I watched this because of Petya not WannaCry
thank you Linus for the ransomware video. i got hit hard and wanted someway to tell others about it. i got hit by the encryption type.. hopefully others will be spared from this kind of virus.
Thank goodness I'm so obsessed with backing up data. I could reset my entire operating system and I will have lost literally nothing.
I got hit by the second one because my stupid cousin tried downloading gta 5 for free on my PC.
Damn, shady business. How old is he? 7?
SquidPlays
7
+ShadyGaming "Free GTAV! No registration, no sms! Download Now!1!"
+ShadyGaming lol fail. i obtained gta 5 from a torrent and havent been raided
+ShadyGaming Shoutout to when GTA 5 dropped for consoles, and there were 10 gig torrents for the game... issue being, that they were straight up 10 gigs of virus', lmao.
that all in one pc burn..
This is so relevant today even though this was two years ago
My school literally got a message that they were a victim of ransomware
Unless they got in your BIOS/UEFI, there is always the option to reformat and start from scratch. Just hope you have family photos and the like, backed up somewhere and change the passwords for those services. Don't ever pay these criminals.
The first virus I've ever had on my Mac was ransomware, had my computer completely locked down and even hard reboots wouldn't get rid of. I eventually figured out how to remove it, but even still freaky stuff.
safe mode?
+redpheonix1000 - Troll Physics Maybe on Mac, but on windows I think you can use startup repair' locate the file (if you know the name) and delete it there.
+CreeperCraft137 I've seen a malware on XP SP3 that couldn't be removed in Safe Mode. I had to boot up an installer with a repair console.
+David Cox at least now there is SIP, so no-one can modify system files, so it is easy to remove
A quick little related fact:
Some months ago the city hall from a small town here in Brazil got victim of BitLocker. After a long analysis and failed attempt to decrypt the important files the conclusion from the engineers and analysts was simply to pay the ransom as it would be impossible to decrypt the files and yeah, don't be shocked this is Brazil, the city hall didn't have any backup of any file. And to make the whole thing even more interesting, it's illegal for a public entity to pay for extortion with public money, so this city mayor got REALLY screwed.
Last year my step mother's pc got hit with a nasty bit of ransomware. It locked down all her personal pics, docs and vids with a ridiculous 2048 bit encryption. A little over 6 years of data and almost 9000 files that couldn't be recovered. I just about pulled all my hair out for nothing.
so what happened in the end?
did she get rid of it or were the files all gone
Like I said, it was a 2048 bit encryption which is super strong. She could have spent thousands of dollars trying to get people to unlock it with no guarantee of success, not to mention if she paid the ransom, there's no guarantee that they would have given her the key to unlock it. She had to cut her losses and toss the data upon deleting the partition on the hard drive. She learned a hard lesson to back up her data on an external drive.
Whenever I need to remove a virus from a computer I use the ultimate Nuke 'n Pave method of erasing and formatting the storage devices and reflashing the firmware of every flash chip, 100% of the time. No other method has the advantages of 100% guaranteed removal of all malicious software without having to interact with any of it. When it comes to encrypted files, it is easy to act like the virus has ATA secure erased an SSD containing them, so they cannot be accessed anymore, and the Nuke 'n Pave method works equally well in this case as with all other cases.
+๖ۣۜ♥๖̶tacokitten๖̶ well someday you are gonna find an usb peripheral with hacked firmware or a hijacked mobo bios, so you can reformat all you want, you wont fix anything
Just put it in DFU and reflash with Atmel FLIP. problem solved
he also said he will reflash
EspHack
you did not read, i reflash if there is any suspicion of bios or device firmware malware
Marcus Lim yes that is what i do if it is a flash storage
+๖ۣۜ♥๖̶tacokitten๖̶ Just put bomb in PC and done.
+๖ۣۜ♥๖̶tacokitten๖̶ I don't remove viruses, I sell computers.
Coupon pop-up? You need a new laptop ma'am. I can recycle your old 2013 macbook, gimme.
I once had a website show up saying my files on my hard drive has been encrypted and I had to pay Bitcoins to decrypt them. The joke is, I was using my Chromebook and everything is in the cloud. xD
xD ransomware can't encrypt files in file storage #fail
And it's happening. Great.
I love the disdain he has when he says "all in one pc". classic.
Arduino as fast as possible!!
You should do Potentially Unwanted Software (PUP).
It's Potentially Unwanted Programs (PUP) If It Was Potentially Unwanted Software It Would Be (PUS)
Don't Hate I'm Just Helping Out A Fellow Computer User.
I remember when I got infected with ransomware... it, fortunately, just locked my computer off and didn't touch my data.
Really useful to know, thanks!
who's here after " wannacry "
Many!
Women As Fast As Possible
But that's not about tech....
+SquidPlays Well. uhhhhh
Like men,but with boobs,and feminine. Also less arm hair. And also existent.
We have a Immature virgin here.... How does someone getting a virus have to do with a man or a woman. . .? Pendejo. . . You probably wonder why you're single.
MelodyZE r/woooosh
Reminds me of the ones that ring you on your phone, my mother got a call from one of these, they hung up quickly since she didn't own a computer.
Love the all in one pc dig at the end lol
when has the FBI EVER advised ANYONE to "just pay the ransom"!!?? this sounds suspiciously false. I'd like to see you cite your sources on this
Hey linus, your video was on the radio in the States:D
For the people that are wondering, yes you can format your whole PC which works fine if it is just on your PC. However certain versions of this nasty thing got network capabilities and that is where it really starts stinking. We had one of these things at work because a certain user clicked on a bad link and spent over 2 weeks doing nothing but trying to get it off the network and restoring data. Your backup data is only safe if it is not actually connected to the network itself else a ransomware might find its way to there as well.
Banner ads? Ads? oh right, those things I exterminated from my parent's pc and my sibling's pc with an Ad-Blocker.
Ransomware is great they have Indian call centers.
I work in an IT Support centre. A school we support got Locky on their server via an email a teacher opened. Luckily she didn't have many permissions so it didn't spread much. We removed it and booted up the last known good (which was the night before so nothing was lost)
I remember a few years back having my computer locked for "distributing illegal music..." yes, as if the music were illegal, not the distribution "... child pornography, and or animal pornography"
not even sure if that last one is illegal or not but i hadn't been involved in any of them so that alone told me it was a hoax
i mean seriously $500 to not serve a prison sentence? what kind of law enforcement actually runs that way?
Who came here from WannaCry(pt) ?
Anyone watching this in 2017 after wannaCry attack?
Thank you sir
Ugh... I had this problem with my 70+ year old neighbor. She had her 5000 pictures encrypted because she thought she won a trip to Spain. Good times
I am watching this video because I was trying to understand a video where a guy downloaded as much malware as he could
Thank you so much for this video 👍🏻👌🏻✌🏻
I've had to fix my grandparents' computer wayyyy too many times, while saying: stop clicking random stuff until I am blue in the face... they are going to do it again (x _ x)
I DON'T KNOW WHAT TO BELIEVE RIGHT NOW. WHAT DO I DO?!
Only had one virus in the 13 or so years I've been using computers. Was on my PC one night, browser closed on its own. Re-opened it and in the address bar something typed "We were having so much fun." Pooped my pants a little, shut down, formatted all drives.
I removed it for a friend's pc recently, I just did a fresh install and wiped the drive completely. Took care of the problem! Hope this helps :)
I have had "Microsoft Support" call me several times on my land line, telling me that I have malware on my computer. They direct you to do this and do that so they can get access to your computer so "they can remove the malware". Right. Well, Microsoft doesn't call you - you call Microsoft Support for problems like this. Microsoft can't even know you have malware on your computer unless you tell them. If someone calls to tell you about the malware on your computer, tell them you have an Apple, then hang up. It's been a while since I got a call from them, so maybe they've given up on me for a while.
thankyou it was really informative sir
Ransomware sounds like a fair description of subscription-based antivirus programs that don't uninstall properly.
A few years ago, I got locked out of my PC for 'illegal activities', which was ransomware, and system restore solved my problem.
I had it happen today. It happened when there were ads that were made invisible and stretch across the screen so no matter where you click it still opens. I wish i could just kick this thing down as im poor and i cant afford this or even an updated antivirus as it gets as expensive as an operating system.
just an FYI for people, the cryptolocker version of this malware can spread to and encrypt files on a NAS so please use off site backup/ drop box
The encryption algorithm has nothing to do with the malware being able to load itself during safe-mode.
Most ransomware targets files in the users directory.
What makes malware able to load during safe-boot is by loading it in the MBR before Windows begins to initiate, it's called a bootkit.
This is why i have both a 3 TB drive for monthly backups, and i do weekly backups to my home file server with shadow copy through freenas. then on top of that i have all of my drives encrypted with 256 bit AES
Ransomware is vulnerable to security programs that provide real time protection and security programs that kill malicious processes then run a scan to quarantine and/or delete them.
radio lab has an awesome episode about this that came out last month
Thanks Linus! My sister had a Virus and a Friend of my father had a usb stick with Software that repairs the Computer! My sister had no important Software and IT WORKED! Thanks Thanks Thanks Linus! I'll subscribe!
I got hit with it when it was downloaded to my computer through the net a couple years back. Since I already knew about what this virus does, the information on the lockout screen was absolute bullshit. I certainly wasn't gonna pay these assholes, so I promptly wiped my boot drive and reinstalled my OS as well as my other programs. My dad got hit with the same virus as well. When he attempted to dismantle the virus, he ended up corrupting his OS. The only advice I can give to people that got hit by this virus is to keep your files stored on separate drive and wipe your boot drive clean. It's time consuming to reinstall your programs, but it's worth it in the end.
sounds like my parents, they actually have had this happening even tho there are ironically, parental controls active..
biggest issue was that it changed every extension (.exe became .3475734587) etc. and renaming them did nothing, it would reverse before being able to open the browser for example, all important files were changed as well and was a hell to fix in folders with multiple types of files since they all got this random extension. filetype not recognized.
something that always works is a fresh install. use them wisely!
+lolindirlink i also did use mass-extension changing programs which saved a lot of time.
if the virus encrypts your drive, will you still be able to use your system restore? Or does it fuck up your restore points?
My roommate got this ransomware before. Thankfully it did not encrypt the data so it was easy to remove it. I have been using PC for a while now and I learned to backup my stuff. I keep the external HDD unplugged as well so if this ever happens, I will just reinstall windows.
When i encounter that problem about ransomware, i must do to reformat my own computer if i have not enough money for that solving this issue.
what about those bit torrent copyright notices that people receive forwarded from their isp that ask for settlement payment? would that be like ransomware?
My kid's PC got hit by the CryptoLocker, luckily they only encrypt the Documents folder which had nothing in it, so I didn't have to pay for it. But yeah, it went around Avast free version so something to consider is to always keep current backups of important files.
I got some on my iPad Safari and was luckily able to get rid of it. Thanks for this video though!
And this is why I have a copy of a C folder on my external hard drive.
I use OneDrive for business to back up my files, is that fairly safe from ransomware?
The last one was actually done to my school district's network. all the teachers are locked out of their user and can't access their files.
I had that a lot years ago. It kept accusing me of terroristic activities, child pornography or sending spam (gasp!), claiming to be the police. It wasn't quite sure which one of the three was true, but it was very sure that I could be let go for 100$. All of that, with grammar on par with google translate.
Luckily, those were weak. All they did was stopping the explorer process and locking their image into the foreground on startup. I had another bootable partition which was completely unaffected, so I could scan and repair the main partition from there. It was scary at first and later on just annoying.
I had once that lock-out fake FBI ransomware on my netbook (not the encrypting kind) and I didn't have any AV on it, so I proceeded to booting up into Safe Mode, and checking the registry where I found the source and killed the virus myself.
My dad's corporation didn't have that same luck. The virus got into my dad's computer, and it spread through the entire company, killing all files along the way. I built myself a botnet with all those office computers (they were brand new, and had CUDA-compatible cards, and one of the fastest Ethernets I've ever seen), so I used all that high speed connection and computing power (big servers with higher-end processors included) to try, and after like 2 months of slow computers for everyone, finally cracked the single password to all the files by brute-force. My dad insisted on paying me after he saw me recover all the company's data, but I'm a teenager who only stays in his bedroom/cave, what am I gonna use that money for? I refused.
linus media group: they have enough power to decrypt an encrypted drive
it happened to my dad, what i did is boot it up in safe mode and made the pc go back to an earlier save (a month ago), and it fixed it
also i would recommend removing the ethernet cable or turning the wifi off because some of these programs like to verify data with some form of server
Happened to me today.
The pain is real.
Do u fix it ?
@@basseverexclusive8047 No, I lost a lot of stuff. Nothing I lost I have ever gotten back.
@@Pfromm007 same shit just happened to me. Will have to completely reset my pc from scratch at this point... all my art i worked for and all important school files I had are now gone... urgh. I wish this were just a bad dream... years of work just gone because of a single trojan file....
+techquickie you forgot to mention that some encrypting variants of ransomware are broken and there are sites that may give you the key
Happened to my dad's work computer and the IT at where he works was freaking out because they thought it was real.
My ela teacher fell victim to ransomware, all of her lesson files were gone. That was an interesting year of school.
the way you said "all in one pc -_-" XD
Quantum computing as fast as possible! Do it.
they have done it already
I had one of those ransomware before. I was afraid that my information was compromised while I was dealing with moneypak transactions for shopping. It locked my user account up so I couldn't do anything. So I just did a factory reset since I didn't want to deal with removal and searching for hidden viruses that it gave me.
So how does it work, is it just being unlucky and having a page load up in the browser or do you have to click on "download" or some kind of .exe program from that page? Would seem like you're screwed if its merely a link.