
Topic: [GUIDE] Beginners Protect Yourself from Ransomware!!! (Read 632 times)

legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
If you're really worried (and have the resources), you could have one computer/device for your at home wifi, banking, work and email (plus a few other trusted sites) ONLY, and another device that you use for browsing random websites, take with you and use public wifi, go on holidays with etc (but that you don't access your email with)...

Personally, I am using one of my laptops exactly as you described: only on my secured home network and only for important things, no browsing, downloading or anything. Still, during a banking session we can be infected, so you never know, but in the last few years I wasn't hacked even once, so maybe it works. I hope ;)

Added to the list: If possible try to use one computer only for banking and other important things (no email, no browsing, no downloading programs or open attachments on this machine) for all online activities use a different computer, with no important data.

...you should never leave your network unsecured!!!...While setting the WIFI password, try to make it extremely strong ...

Thanks again for this suggestion @Cryptovigi already added to the list as "Never leave your network unsecured and try to make the WIFI password extremely strong."

If anybody knows any other way how to secure the computer or stay safe online, please share.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
Thank you for sharing, it's a helpful guide...

I am happy you like it.

Like you said, to be safe online you have to learn a few correct habits when using a computer and especially when browsing.

The majority of the time, problems happen because of bad online behavior, like downloading files from unknown sources and installing malware from an email attachment.

Additionally, we have to teach our family members how to use a computer correctly when there are more people at home, especially children.

Windows has some parental controls, but this is not enough, and guidance is needed to teach our children how to stay safe online.
hero member
Activity: 1050
Merit: 529
Student Coin
Thank you for sharing, it's a helpful guide.
I heard this before and I'm just lucky I was not a victim of this yet. (hopefully not)

I think the only thing I did which is correct is that I always back up my files, and in case my computer is compromised, I think I can let go of this.
Additionally, I avoid downloading files from the internet using the computer on which I store all my necessary data, like private keys and others.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...Lately, fibre cable companies seem to have upped security, and router default passwords are now non-universal, which is how it should be, since a vast amount of the population has no clue about router configuration...

Despite the efforts of companies, as you say, there are still people with no clue about routers and configuration. Additionally, a lot of them are still using the same old router with a universal password and will be for another few years until something breaks.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
<…>
Actually, that didn’t seem all that difficult to do, at least a year or two back. While having a go at hacking my own router (to test vulnerabilities), I also acted as an “ethical hacker” on some neighbouring WIFIs, managing to access a few of their routers that were still using the default universal username and password. Obviously no harm was done, but it gave me an idea of how easy it was back then.

Lately, fibre cable companies seem to have upped security, and router default passwords are now non-universal, which is how it should be, since a vast amount of the population has no clue about router configuration.

Ransomware is less likely to come directly from your neighbours (vs general internet), but you never know what they could do if they manage to gain access to your personal network.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
This is a really detailed list and there are few points I wasn't aware of but I am missing the simplest one which is: encrypt your files. Windows has the possibility to encrypt valuable data and you can do it in a few clicks. I think maybe this is something you want to add to this list because I am using it for a long time and saved me many times from my data to be stolen.

Thank you @Crypto Mania for your suggestion. Of course, I will add it to my list and merit you with my next free smerit. Indeed, this is the first step to protect your files on a computer, and I am actually using encryption for my valuable files like docs. I just don't know how I forgot this one.
hero member
Activity: 714
Merit: 611

While talking about computer security, we should also say a few words about network security. Currently, probably 90% of users use Wi-Fi - so it's worth reminding that you should never leave your network unsecured!!!
While setting the WIFI password, try to make it extremely strong - in the case of network access, using a difficult and long password is not a problem at all because you enter it only once (in one device), not every time you log in - so it's worth taking care of security.
You should also change the router administrator password, because the pair "admin" "admin" (or "admin" "12345") probably appears in 90% of routers.

Remember that if someone breaks into our network, he can also hack into our computers, files, spread virus, monitor traffic in our network, sniff our logins and passwords to websites and send spam or even use our network (IP address) for other illegal activities (like for example sharing/sending child pornography etc.)

legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
... i would like to know if its possible that some of these companies in this data security business could be behind some of these notorious malware's because i found it odd that only one company successfully decrypted infected PCs.
Of course, it is possible that some companies in the data security business are behind this notorious malware, but I don't think Malwarebytes is one of them.

I have here an article which shows the pros and cons of the new Malwarebytes software, maybe you should read it. Here link

A few years ago IOBIT was blocked by Malwarebytes because of malware and adware in their products. This is a very big company and many people run their programs.
I have heard (also some time ago) that this company is managed by hackers. I haven't heard anything new from IOBIT lately, but to be safe I never downloaded their software.
So yes big companies can be dangerous and we have to be alarmed and check everything before installing.

I think if you hold on to my list and use good habits when browsing the net and especially downloading software or open emails attachments.
In the last 7 years, my devices were not infected and I am literally non stop online with my phone, laptop, TV, radio, desktop, work station, tablet, and even freezer in kitchen is connected to the web.
member
Activity: 893
Merit: 43
Random coins :)
You mentioned Malwarebytes in the OP being a good security software and a good anti-malware which i have personally used for a long time believing it had the said qualities, but unfortunately about a month ago or so my PC was infected by some malware called Gandcrab which literally encrypted my files and made my pc unusable unless i paid the required ransom of ~$1000.... of course i did not pay the ransom because someone from some forum said a fix would come after a few months, which came as expected but i had no time to wait...went with a fresh copy of windows to get back a working PC.

But i would like to know if its possible that some of these companies in this data security business could be behind some of these notorious malware's because i found it odd that only one company successfully decrypted infected PCs.
jr. member
Activity: 34
Merit: 21
If you're really worried (and have the resources), you could have one computer/device for your at home wifi, banking, work and email (plus a few other trusted sites) ONLY, and another device that you use for browsing random websites, take with you and use public wifi, go on holidays with etc (but that you don't access your email with).

So you have one more safe and protected device for accessing work/email/banking and so on, and another device that you are a bit more open with and can visit other websites as this computer/device has zero or limited info of value on it.

This won't completely reduce the risk (particularly if you're clicking on links you shouldn't in your email), but so many stories seem to relate to people hooking up to public wifi that actually taps into your system and takes your personal information, installs a keylogger for your passwords etc. Or visiting a website that installs malware because you clicked a link you shouldn't.

Also maybe have a think about trying out Brave browser - you'll be supporting a crypto project, which may also reduce your risk of (accidentally) clicking ads you shouldn't since they'll be removed from the webpage.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
Thanks for THIS topic! I was a victim of ransomware and believe ME... It's NOT pleasant...
Could you detail your case in order to leave a real case testimonial on how it happened, what occurred, and how you resolved the situation? It would be interesting to leave that sort of information to raise awareness and allow people to understand the process better from head to tail.
member
Activity: 476
Merit: 92
This is a really detailed list and there are few points I wasn't aware of but I am missing the simplest one which is: encrypt your files. Windows has the possibility to encrypt valuable data and you can do it in a few clicks. I think maybe this is something you want to add to this list because I am using it for a long time and saved me many times from my data to be stolen.
sr. member
Activity: 742
Merit: 395
I am alive but in hibernation.
That was the only explanation I was able to find when used "rm -rf /..." as a search query.

After I published my post I have seen that this command is changed a few times in different comments but was too late and already published.


rm  is remove command.
-r   option means run the command "recursively". (it will remove the directories even if they have subdirectories)
-f   option means "force". It will not ask for any confirmation for deleting.
/    is "root" directory.(it is the start of every directory)

so "rm -rf /" means that you just want to wipe out everything from your system.

Best way to learn about the unix command is to type "man " in your unix console.

Currently I am not in unix system so I took the help from this page.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
That wasn't the point ETFbitcoin was making though. He was specifically referring to rm -rf / , which pretty much means forcefully remove everything in your Linux OS; which is actually a lot worse than the "delete system32" prank with Windows.
For more information: https://www.tecmint.com/linux-rm-command-examples/

The "point" has nothing to do I just needed to know what that command does/is.

That was the only explanation I was able to find when used "rm, -rf, /..." as a search query.


mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
...Run command rm -rf / (DON'T RUN IT)...

When I saw this command I just immediately had to know what this is and makes, made fast Google search and



I assume there will be more members with the strive to know what that, means.

That wasn't the point ETFbitcoin was making though. He was specifically referring to rm -rf / , which pretty much means forcefully remove everything in your Linux OS; which is actually a lot worse than the "delete system32" prank with Windows.

For more information: https://www.tecmint.com/linux-rm-command-examples/
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...Run command rm -rf / (DON'T RUN IT)...

When I saw this command I just immediately had to know what this is and makes, made fast Google search and



I assume there will be more members with the strive to know what that, means.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Linux devices aren't prone to ransomware attacks[1]; but I think the chances of your Linux device being infected is significantly low compared to Windows devices. If your Linux device gets infected, chances are, you've done something really really stupid, or the attack was focused specifically on you.


[1] https://www.bleepingcomputer.com/news/security/b0r0nt0k-ransomware-wants-75-000-ransom-infects-linux-servers/

I agree. Additionally, users who have just started using Linux often run commands or modify system settings without knowing what they actually do, which could be dangerous, such as:
1. Add 3rd party repository
2. Run command rm -rf /[/tt (DON'T RUN IT)
3. Add sudo when a command isn't working as expected

Pretty much. I'm also guilty of doing the "copy the command that I don't understand" on random forum posts on the web, when I can't seem to fix something when I was first starting out with Linux Mint a couple of years ago.

What does the rm -rf /[/tt command do though? Couldn't find info on Google. I'm aware that rm is remove, but what does it remove?

Nvm. Just realized it was a typo on your side lol.
full member
Activity: 980
Merit: 114
Regular backup of files is the key to not losing your important files to viruses. I will go for backup any day. If your files are always backed up, you don't have much to be afraid of, unless your password is compromised and you need a change of password, but apart from that, backing up files is the best.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Seems like the guide is for Windows user. Hmm, should we add "Use GNU/Linux" as a way to protect ourselves from ransomware then?

Linux devices aren't prone to ransomware attacks[1]; but I think the chances of your Linux device being infected is significantly low compared to Windows devices. If your Linux device gets infected, chances are, you've done something really really stupid, or the attack was focused specifically on you.


[1] https://www.bleepingcomputer.com/news/security/b0r0nt0k-ransomware-wants-75-000-ransom-infects-linux-servers/
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
... Do not use an administrator account every day. It's a really simple way that can protect you against many malicious software and viruses...

Very good suggestion @Cryptovigi will be added to the list of course.

Actually, personally, I am always surfing using an account with no administrator privileges from obvious reasons quoted above.

My next free merit will be awarded to this post.
legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
Also don't forget to encrypt files that contain sensitive data such as passwords.

Better use your common sense and keep it simple. Being suspicious and exaggerating in taking precautions may have negative effects.
legendary
Activity: 3122
Merit: 1398
For support ➡️ help.bc.game

Just want to add that while following given pointers above...

..people should also use their "COMMON SENSE".

Sometimes even how powerful our security is, people used to fall on trap because of their own doings.
member
Activity: 280
Merit: 14
These are important tips that are very often neglected.
"installing a good security software": this is very necessary; your device should have good security protection to prevent intruders.
hero member
Activity: 714
Merit: 611

In your list I miss one - probably the basic thing (especially in Windows), which is very often overlooked: Do not use an administrator account every day. It's a really simple way that can protect you against many malicious software and viruses. And unfortunately, I think that 90% of users think that using an administrator's account is cool and gives the user more power in everyday use.

legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
Backup is so important for so many reasons that it's crazy not to have one...Like OneDrive, Dropbox, Google drive or other free services
...several portable harddrives and backup important documents daily to them, syncback free will do this...
if you get whacked, just reformat/reimage the OS drive and restore the documents from the latest backup drive...

BACKUP, BACKUP and one more time BACKUP!!!

Is the most important thing if you have valuable data you can't lose.
legendary
Activity: 4354
Merit: 3614
what is this "brake pedal" you speak of?
another easy method of ransomware protection is to have several portable harddrives and backup important documents daily to them, syncback free will do this. leave a drive plugged in overnight and have syncback do its backup in the wee hours of the morning. then in the morning unplug that drive and plug the next one in the rotation in. if you have several days (drives) worth of backups, all disconnected from the computer, ransomware cannot touch them.

if you get whacked, just reformat/reimage the OS drive and restore the documents from the latest backup drive.

the important thing is to have several drives that you rotate, and keep all  but one unplugged. the more drives you rotate, the better.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
In order to protect from ransomware, it is important to use good computing habits and security software.

The most important is to have a saved and tested backup of your data that can be restored in the case of an infection or any other emergency, such as a virus, malware or ransomware attack.

Backup is so important for so many reasons that it's crazy not to have one.
I use cloud back up which is amazing. Free and I can access my data anywhere and anytime. Like OneDrive, Dropbox, Google drive or other free services
legendary
Activity: 2170
Merit: 1789
Seems like the guide is for Windows user. Hmm, should we add "Use GNU/Linux" as a way to protect ourselves from ransomware then?

Btw, for extreme condition, maybe disconnecting from the internet and never connect devices from outside your environment is one of the best technique to avoid any ransomware or virus in general.
legendary
Activity: 2492
Merit: 1215
Didn't know that you are so popular.
I would like to add that changing passwords frequently helps a lot.

legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
In order to protect from ransomware, it is important to use good computing habits and security software.

The most important is to have a saved and tested backup of your data that can be restored in the case of an infection or any other emergency, such as a virus, malware or ransomware attack.

You should also make sure that your computers are not running remote desktop services connected directly to the Internet.
Instead, you should always use a VPN service so that the computer stays hidden and is only accessible to trusted users, those who have VPN accounts on your network.

The next defensive barrier is good security software that uses behavioral detections to find and fight ransomware. Old software uses signature detections or heuristics, which is not enough these days.
The best known is Malwarebytes Anti-Malware, which is free in the basic version; that is enough to scan the computer and find the threats. Malwarebytes Anti-Malware contains behavioral detection that can prevent many ransomware infections from encrypting the computer.

Make sure you are following these security habits, which in many cases are the most important steps of all:

  • BACKUP your valuable data.
  • Encrypt your files
  • Never open attachments if you do not know who sent them.
  • If you know the sender and don't fully trust them, try to use a sandbox or another device with no valuable data.
  • Scan all received attachments with tools like Virustotal.
  • Do not connect Remote Desktop Services directly to the Internet, use VPN service like free Hotspot Shield.
  • Windows updates should be installed as soon as they come out!
  • Update all programs frequently, especially: Java, Flash, Adobe Reader, and all other because older programs contain security vulnerabilities that can be exploited by malware.
  • Install good security software that uses behavioral detections or white list technology.
  • Use only strong passwords.
  • Never reuse the same password on other sites.
  • Make sure your SPAM filters are working in the email software (largest distribution methods for ransomware is through SPAM emails).
  • Enable the viewing of Extensions (Windows and macOS do not show the extensions of a file and makes it easy for malware distributors to trick users).
  • Be careful of what you download from the Internet (Free downloads may also come with a hidden ransomware surprise).
  • Rename vssadmin in Windows (ransomware infections will execute the vssadmin.exe command in order to delete all shadow volume copies on a computer).
  • Disable Windows Script Host (infections are installed via attachments that are script files coded in JScript or VBS).
  • Disable Windows PowerShell (Windows PowerShell is also used to install ransomware or even encrypt files).
  • Disable Remote Desktop, otherwise change the port! (If you are using it, then you should change the port to something other than the default port of 3389).
  • Setup Software Restriction Policies in Windows (Software Restriction Policies - a method that allows creating various policies that restrict folders an executable can be started from).
  • Create Application White List Policy in Windows (Software White List Policy configure Windows programs to execute only what you specify. Prevent unknown programs from running and locks the computer down completely not allowing any unauthorized programs to run).
  • Do not use an account with administrator privileges when using  Windows for everyday computer usage.
  • Never leave your network unsecured and try to make the WIFI password extremely strong.
  • If possible try to use one computer only for banking and other important things (no email, no browsing, no downloading programs or open attachments on this machine) for all online activities use a different computer, with no important data.
  • BACKUP!!!(The most important thing and guarantee for your data because sometimes after an attack the only way to restore data is to use the BACKUP copy).

Conclusion
Though it may feel like there are a lot of steps, most of them require you to just change your computing habits or perform a task once and not worry about it again.
If you follow these steps, not only will you be protected from ransomware, but also from almost all other malware.


Protection against malware and viruses.
https://www.bleepingcomputer.com/news/security/how-to-protect-and-harden-a-computer-against-ransomware
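
A read-only way to check several items from the checklist above on one Windows machine (Remote Desktop state and port, hidden file extensions, Windows Script Host, daily use of an administrator account). This is an added example, not part of the original post; the helper names `Get-RegValue` and `New-Finding` are hypothetical, and the registry locations are the standard Windows ones rather than values taken from the thread.

```powershell
# Added example (not from the original post): read-only audit of checklist items.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Return $null when the key or the value is absent instead of throwing.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

function New-Finding {
    param([string]$Check, $Value, [bool]$Ok, [string]$Advice)
    [pscustomobject]@{
        Check  = $Check
        Value  = if ($null -eq $Value) { '(not set)' } else { $Value }
        Status = if ($Ok) { 'OK' } else { 'REVIEW' }
        Advice = if ($Ok) { '' } else { $Advice }
    }
}

$ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$findings = @()

# Remote Desktop is switched off when fDenyTSConnections is 1.
$deny   = Get-RegValue $ts 'fDenyTSConnections'
$rdpOff = ($deny -eq 1)
$findings += New-Finding 'Remote Desktop disabled' $deny $rdpOff `
    'Disable RDP, or keep it reachable only through a VPN.'

# The listening port only matters while Remote Desktop is enabled.
if (-not $rdpOff) {
    $port   = Get-RegValue "$ts\WinStations\RDP-Tcp" 'PortNumber'
    $portOk = ($null -ne $port -and $port -ne 3389)
    $findings += New-Finding 'RDP port is not the default 3389' $port $portOk `
        'Checklist item: change the port if RDP has to stay on.'
}

# Explorer hides known extensions unless HideFileExt is 0 for this user.
$adv  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
$hide = Get-RegValue $adv 'HideFileExt'
$findings += New-Finding 'File extensions are shown' $hide ($hide -eq 0) `
    'Show extensions so a name like invoice.pdf.js is visible in full.'

# Windows Script Host is disabled when Enabled is 0 (an absent value means enabled).
$wsh = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings' 'Enabled'
$findings += New-Finding 'Windows Script Host disabled' $wsh ("$wsh" -eq '0') `
    'Disable WSH if no .js/.vbs scripts are needed on this machine.'

# whoami /groups lists BUILTIN\Administrators (S-1-5-32-544) even when UAC has
# filtered the token, so this catches an admin account used for daily work.
$isAdmin = [bool]((whoami /groups) -match 'S-1-5-32-544')
$findings += New-Finding 'Daily account is not an administrator' $isAdmin (-not $isAdmin) `
    'Use a standard account and elevate only when required.'

$findings | Format-Table -AutoSize -Wrap
```

The script changes nothing; the extension setting is per user, so run it under the account that is used every day.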