DSI issues warning on ransomeware

[Thaivisa News]

Bangkok:- Cyber attackers have been spreading malwares to extort money from unsuspecting email users, The Department of Special Investigation (DSI) has warned its staff.

ASTV Manager reported on Sunday that the DSI Bureau of Technology and Cyber Crime has circulated a letter among its staff to warn them about the threat.

“The malwares are in attached files. If you open the files, the malwares will enter your computer and hold it hostage. It’s a ransomware,” the letter says, “If you want to access your computer again, you will have to pay about Bt20,000 in Bitcoin for the pass code from the cyber attacker”.

According to DSI, the attachments are saved in various file types including .pdf, .xls, .ppt, .txt, .py, .wb2, .jpg, .odb, .dbf, .md, .js, .pl, and .doc. They usually come with an email under eye-catching subjects like “account suspended or locked”. The deceptive email messages also tell recipients to open attached files for details.

DSI says email recipients should be cautious about messages they receive.

“If you do not know the exact reasons why such suspicious emails have arrived, call the sender for additional information. If you do not know the sender, please delete it to avoid getting malwares,” the DSI advises.

The warning has been issued after the DSI’s IT security program has detected dozens of ransomware-containing email messages during the past month.

It is called a ransomware because following the attack, victims will be asked to pay the money or “ransom”.

[kkerry]

A basic e-mail warning for years and years has been not to open attachments from unknown senders... but I suppose it doesn't hurt to be reminded.

[NCC1701A]

"ASTV Manager reported on Sunday that the DSI Bureau of Technology and Cyber Crime has circulated a letter among its staff to warn them about the threat"

so the DSI Bureau of Technology and Cyber Crime staff needs to be told about malware and viruses?

[SoFarAndNear]

Wow...the cybercrime department warns their staff to not open e-mail attachments of unknown senders. Welcome to year 2000...

[FredNL]

It is a known problem occurring only at Windows based computers.

Apple computers and those running on Linux won't have this problem.

Having a good virus scanner also protects you. I am having Symantec's Norton Internet Security and their online back up.

It is not freeware !!!

But the first lesson is; just delete the emails from unknown senders and their attachments.

Also illegal downloading (from torrent sites). Some DVDs I purchased in Bangkok were loaded with virusses. I brought them back and showed it to the seller(s).

They know and probably they are related to the scam too.

Edited May 4, 2015 by FredNL

[Peterphuket]

Good to Know Fred,

You're working for BREIN? lookes like

No chance in Thailand

[lvr181]

It is a known problem occurring only at Windows based computers.

Apple computers and those running on Linux won't have this problem.

Having a good virus scanner also protects you. I am having Symantec's Norton Internet Security and their online back up.

It is not freeware !!!

But the first lesson is; just delete the emails from unknown senders and their attachments.

Also illegal downloading (from torrent sites). Some DVDs I purchased in Bangkok were loaded with virusses. I brought them back and showed it to the seller(s).

They know and probably they are related to the scam too.

Only on Windows computers?

But then again, as Windows systems probably operate on the vast majority of computers used in the commercial world, why would you not target for the greatest return? Simple maths to me!

[FredNL]

Good to Know Fred,

You're working for BREIN? lookes like

No chance in Thailand

Not at all !!!

I have Thailand's #1 E-commerce solution company. The whole network is secured and working on LINUX.

I have had severall dvds and cdroms with virusses on them. I don't care if someone will have a virus on his/hers compuret due to their own stupidity.

Also my employees are trying their bootleg dvd and cdroms on the company's computers.

So just buy illegal software and get infected. I really don't care.

[hawker9000]

CryptoLocker and its clones are truly nasty stuff (and getting nastier). There's a product called CryptoPrevent which offers some protection from ransomware (don't be put off by the name of the provider - Foolish IT - they're legit). There's a payware version and a freeware version which just needs manual updating. Also, Kaspersky has recently released some CryptoLocker keys via an online tool and is in the process of releasing more - discovered by law enforcement on a C&C server during a botnet takedown awhile back - for one particularly nasty version of CrytpoLocker called CoinVault.

If you're much of a downloader, or deal with a lot of attachment-bearing emails, you need to understand the dangers of CryptoLocker. Some info here.

Edited May 4, 2015 by hawker9000

[doesitmattter]

Good to Know Fred,

You're working for BREIN? lookes like

No chance in Thailand

Not at all !!!

I have Thailand's #1 E-commerce solution company. The whole network is secured and working on LINUX.

I have had severall dvds and cdroms with virusses on them. I don't care if someone will have a virus on his/hers compuret due to their own stupidity.

Also my employees are trying their bootleg dvd and cdroms on the company's computers.

So just buy illegal software and get infected. I really don't care.

You have Thailand's #1 ecommerce solution, yet you don't seem to know anything about this ransomeware trojans!

I suggest you to read up a bit on this. It definitely also affects Linux as well as IOS, Android mobile OS's as well!

FYI, this trojan comes in many forms. Not only in email attachments, but also (and many times!) in the form of browser cookies and of course in downloaded files from any source. Running a free virus scanner and Malwarebytes on the background is most of the time sufficient, but these latest versions are getting nastier every time.

[Eagleizer]

It is a known problem occurring only at Windows based computers.

Apple computers and those running on Linux won't have this problem.

Having a good virus scanner also protects you. I am having Symantec's Norton Internet Security and their online back up.

It is not freeware !!!

But the first lesson is; just delete the emails from unknown senders and their attachments.

Also illegal downloading (from torrent sites). Some DVDs I purchased in Bangkok were loaded with virusses. I brought them back and showed it to the seller(s).

They know and probably they are related to the scam too.

Spreading disinformation like this is irresponsible! Ransomware attacked

Apple computers as early as 2 years ago. All OS are threatened.

BTW: Norton is NOT a good virus protection. There are free protection that are

a lot better.

When you don`t know what you are talking about, it`s better to not say anything...

[hawker9000]

It is a known problem occurring only at Windows based computers.

Apple computers and those running on Linux won't have this problem.

Having a good virus scanner also protects you. I am having Symantec's Norton Internet Security and their online back up.

It is not freeware !!!

But the first lesson is; just delete the emails from unknown senders and their attachments.

Also illegal downloading (from torrent sites). Some DVDs I purchased in Bangkok were loaded with virusses. I brought them back and showed it to the seller(s).

They know and probably they are related to the scam too.

Spreading disinformation like this is irresponsible! Ransomware attacked

Apple computers as early as 2 years ago. All OS are threatened.

BTW: Norton is NOT a good virus protection. There are free protection that are

a lot better.

When you don`t know what you are talking about, it`s better to not say anything...

To be fair, I believe only the Windows OSs are vulnerable to CryptoLocker, but there are other equally dangerous ransomware products and the other OSs ARE vulnerable to them.

Here's an article from about a year ago discussing one that attacks Android: it's ransomware, but locks the device rather than encrypting the hard drive.

[nikster]

Apple computers have been relatively safe from malware for a very long time. There are two reasons for this: One, there's fewer of them around and malware is not cross-platform. So if you write new malware you have to choose which platform to target, and you're probably going to go for the biggest one. Two, Macs are harder to hack. Apple has an automated system that generally kills any virus outbreak on the Mac platform within days of discovery.

That said, it's not impossible to target Macs, and Macs have been targeted by actual malware in the wild a handful of times over the last couple of years. No doubt because Mac is steadily increasing market share. So it does happen.

For email, just use Gmail or another provider where attachments are scanned at the server side and be done with it. Gmail won't even show you these attachments, they get auto-removed. In fact, you won't even see the emails, they go straight in the spam folder.

[hawker9000]

There's no substitute for plain old headwork when it comes to avoiding infections. AV, anti-malware, anti-spyware, firewalls, fully patched OSs & applications, etc., are all necessary. But all can be undone by a careless, unaware user doing something dumb just one time. All that said, Crypto-Locker and its variants, esp. the more recent ones, represent a particularly nasty threat that's getting progressively nastier as time goes by. And I'm not sure I'd recommend anyone depending on their AV -OR- their OS to combat it, no matter how good you think your AV is or how immune you think your OS is.

Criminals get a lot of mileage out of exploiting the false sense of security of their victims.