{Warning}: Fake 'Lost Files' Data Wiper Poses as a Windows Security Scanner

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: MATHReX on October 04, 2019, 03:39:14 PM

That's the thing with anti-virus software, they won't protect us from human error.

In fact, in most cases good AV which is regularly updated with the latest av/antimalware definitions and heuristic analysis can protect us from our own mistakes.
That's exactly what security software is for, for prevention and not only for cleaning the operating system when it is infected with virus/malware.

Ransomware protection is work in way that such software is trying to disable access to the location where ransomware is first trying to encrypt user data. Another method is to create fake files, something like bait for ransomware, and if such files get changed in any way, security software will try to delete/quarantine ransomware.

Any kind of protection is better than none, but the paid solutions of reputable companies are my only choice when it comes to protecting my computer.

Orange Mango

member

Activity: 130

Merit: 10

This happens with many ant-virus, prizes, inheritance and many other things, forst they create panic and then they shorten the time you have to react so that you panic while trying to quickly make a decision because you are afraid of the consequences that you are being "warned about" you can tell that by the red clour they put around the message so it screams at you. When I read messages like this I just ignore them. Most are filtered.

nakamura12

hero member

Activity: 2268

Merit: 669

Bitcoin Casino Est. 2013

Quote from: Lucius on October 04, 2019, 08:36:49 AM

So far there is no payment to posted address, but that does not mean that no one has become a victim of this ransomware. The majority does not want or can not pay the requested amount, or they want to pay, but they don't understand how to do it with BTC.

The best protection from ransomware is a regular backup, but even better is to prevent something like that from happening. Always be careful what you download, use good antivirus/antimalware/firewall with updated definitions, to put it more simply lock the door of your device to prevent unwanted guests from visiting you.

Some security programs have ransomware protection (Malwarebytes Premium), the only question is how effective it is when the attack occurs.

It may be true that there are people who fell for this trick already that these criminals made. They may have change the bitcoin address shown in there to make it look like they haven't steal bitcoins from their victims. IMHO, some antivirus/antimalware doesn't protect your device that much especially the free ones. As you mentioned, you are not even sure about the protection even if it's premium.

MATHReX

sr. member

Activity: 861

Merit: 281

The only reason I have a virtual machine on my PC when I want to download some stuff to check.
That's the thing with anti-virus software, they won't protect us from human error. That's why it is so important to think thrice before opening even a file from an unknown source.

MichaelX

newbie

Activity: 27

Merit: 27

This is a modern form of a social engineering attack.

They fool you into downloading and running the trojan by posing as some authority or someone you know or trust.

The prudent thing to do is open a new browser window and type in some of the words that appear, to search for them, and see if you come up with anything.

If you really need some sort of functionality, it is better you look for it yourself. A good data wiper would be something known like Eraser, or to wipe the drive would be DBAN.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

So far there is no payment to posted address, but that does not mean that no one has become a victim of this ransomware. The majority does not want or can not pay the requested amount, or they want to pay, but they don't understand how to do it with BTC.

The best protection from ransomware is a regular backup, but even better is to prevent something like that from happening. Always be careful what you download, use good antivirus/antimalware/firewall with updated definitions, to put it more simply lock the door of your device to prevent unwanted guests from visiting you.

Some security programs have ransomware protection (Malwarebytes Premium), the only question is how effective it is when the attack occurs.

DdmrDdmr

legendary

Activity: 2310

Merit: 10758

There are lies, damned lies and statistics. MTwain

Sounds like the modern version of those scum lowlifes that call you pretending to be from Microsoft support, claiming that you have a "virrrusss" on your computer, which they will kindly remove after you give them remote access to install their removal tools.

All things said, one should never download and run any programs, less of all if it comes "proactively" via email. We should take the extra 5 or 10 minutes it takes to validate everything against the alleged original source (in this case Microsoft) to see if there is such a tool, and of there is, download it from there if (and only if) necessary.

Baofeng

legendary

Activity: 2576

Merit: 1655

Quote

A Windows Security Scanner that states it encrypted your files is being distributed by spam, but whether by bug or design, it instead corrupts binary data in a victim's files.

A few minutes later, it will show what appears to be a ransom screen from the Lost Files Ransomware. This screen tells you that you need to send $500 USD in bitcoins to the 13nRGetwvc7UZF8P5KM9bWqHGK6tMk7wyf bitcoin address in order to decrypt your files.

https://www.bleepingcomputer.com/news/security/lost-files-data-wiper-poses-as-a-windows-security-scanner/

Just giving everyone a heads-up specially that the cyber criminals are asking for BTC here.

So far no one has fallen for this trick because it was detected early. Unlike WannaCry wherein it has amassed thousands of dollars. So just be careful!!!

Topic: {Warning}: Fake 'Lost Files' Data Wiper Poses as a Windows Security Scanner (Read 161 times)