Osiris Ransomware

The war between wetware and hardware.
Pyrrho
Posts: 25863
Joined: Sat Jun 05, 2004 2:17 am
Title: Man in Black
Location: Division 6
Has thanked: 2711 times
Been thanked: 2766 times

Re: Osiris Ransomware

Post by Pyrrho » Thu Jan 19, 2017 1:39 am

Probably mentioned this already but...last year I took over webmaster duties for a client web site. Because the previous agency had displayed the client's email address publicly on multiple pages, the inbox for that address has been spammed to high heaven. I see several "FedEx" emails in the spam bin every day. When we redesigned the site I replaced the email addresses with secure contact forms that strip garbage from whatever shit gets input or copy/pasted into the form, etc.

However all it takes is one hacked email account that has your email address in a contact list. Had to block one of my brother's email addresses because it has been hacked and I was getting and continue to get all sorts of garbage from that account.
The flash of light you saw in the sky was not a UFO. Swamp gas from a weather balloon was trapped in a thermal pocket and reflected the light from Venus.

Witness
Posts: 16428
Joined: Thu Sep 19, 2013 5:50 pm
Has thanked: 1988 times
Been thanked: 2715 times

Post by Witness » Thu Jan 19, 2017 1:47 am

I hope the NSA opens all attachments to ed's e-mails. Just to be sure, ya know… :mrgreen:

Doctor X
Posts: 67472
Joined: Fri Jun 04, 2004 8:09 pm
Title: Collective Messiah
Location: Your Mom
Has thanked: 3374 times
Been thanked: 2140 times

Post by Doctor X » Thu Jan 19, 2017 4:34 am

Pyrrho wrote: However all it takes is one hacked email account that has your email address in a contact list. Had to block one of my brother's email addresses because it has been hacked and I was getting and continue to get all sorts of garbage from that account.
Usually from some idiot who "mass-ccs" everyone thereby giving out legitimate addresses. I have blocked fools who do that when I tell them not to. I do not want your Aunt Gertrude who likes to masturbate to Merle Olson having my e-mail.



What?

--J.D.
Mob of the Mean: Free beanie, cattle-prod and Charley Fan Club!
"Doctor X is just treating you the way he treats everyone--as subhuman crap too dumb to breathe in after you breathe out."--Don
DocX: FTW.--sparks
"Doctor X wins again."--Pyrrho
"Never sorry to make a racist Fucktard cry."--His Humble MagNIfIcence
"It was the criticisms of Doc X, actually, that let me see more clearly how far the hypocrisy had gone."--clarsct
"I'd leave it up to Doctor X who has been a benevolent tyrant so far."--Grammatron
"Indeed you are a river to your people.
Shit. That's going to end up in your sig."--Pyrrho
"Try a twelve step program and accept Doctor X as your High Power."--asthmatic camel
"just like Doc X said." --gnome

WS CHAMPIONS X3!!! NBA CHAMPIONS!! Stanley Cup! SB CHAMPIONS X5!!!!!
AL East Champs!!

Anaxagoras
Posts: 21441
Joined: Wed Mar 19, 2008 5:45 am
Location: Yokohama/Tokyo, Japan
Has thanked: 1383 times
Been thanked: 1173 times

Post by Anaxagoras » Thu Jan 26, 2017 8:13 am

So I'm curious if you managed to solve this problem, Ed?
A fool thinks himself to be wise, but a wise man knows himself to be a fool.
William Shakespeare

ed
Posts: 33001
Joined: Tue Jun 08, 2004 11:52 pm
Title: Rhino of the Florida swamp
Has thanked: 437 times
Been thanked: 751 times

Post by ed » Thu Jan 26, 2017 10:55 am

Well, there is, as far as I was able to determine, no way to decrypt the files. I happened to have a folder that was a backup which I copied along with the encrypted version, to a backup drive. I also moved all the encrypted files there. Perhaps one day a reliable decrypting algorithm will surface. That was 26gig btw. Basically all the pictures we have taken since day 1.

Quickbooks got slammed, the license files were corrupted I guess. We were going to get the latest copy which we did. Prob is that the business machine runs win7 and cannot install IE11 which is necessary for QB. That is a work in progress.

Meanwhile, I am trying to restore all the dropbox crap. Not as simple as it sounds.

I'll probably get the dropbox stuff fixed today/tomorrow. IE11? Who knows. Might just bring the machine in and nuke and pave with win10.

Also Zebra printer fucked up. Haven't looked into that yet.

How was your day?
When I hear "culture", I take the safety off my Browning!

Post by Anaxagoras » Thu Jan 26, 2017 12:04 pm

Damn, that sucks.

Grammatron
Posts: 33453
Joined: Tue Jun 08, 2004 1:21 am
Location: Los Angeles, CA
Been thanked: 1713 times

Post by Grammatron » Fri May 12, 2017 6:40 pm

https://www.theguardian.com/society/201 ... ber-attack
Hospitals across England have been hit by a large-scale cyber-attack, the NHS has confirmed, which has locked staff out of their computers and forced many trusts to divert emergency patients.

The IT systems of NHS sites across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs. NHS England has declared a major incident. NHS Digital said it was aware of the problem and would release more details soon.

Post by Pyrrho » Sat May 13, 2017 12:25 am

Image

Post by Grammatron » Sat May 13, 2017 2:22 am

This is why we gave up freedom for NSA and "Five Eyes" so shit like this does not happen. When it does happen I expect a surgical strike inside the asshole of whoever pressed the button. Otherwise, what's the fucking point?

Post by Doctor X » Sat May 13, 2017 3:34 am

Cheaper to buy a Mac.

--J.D.

Post by Pyrrho » Sat May 13, 2017 4:10 am

No kidding.

https://www.wired.com/2017/05/ransomwar ... ts-warned/
One reason WannaCry has proven so vicious? It seems to leverage a Windows vulnerability known as EternalBlue that allegedly originated with the NSA. The exploit was dumped into the wild last month in a trove of alleged NSA tools by the Shadow Brokers hacking group. Microsoft released a patch for the exploit, known as MS17-010, in March, but clearly many organizations haven’t caught up.

“The spread is immense,” says Adam Kujawa, the director of malware intelligence at Malwarebytes, which discovered the original version of WannaCry. “I’ve never seen anything before like this. This is nuts.”

Post by Pyrrho » Sat May 13, 2017 4:11 am

At work we all got alerts from IT and even from our clients. Warnings not to open emails with attachments. Emails which contained in-line images which the system converted to attachments. :cowbell:

Post by Doctor X » Sat May 13, 2017 4:55 am

Aside from the "But Mac t3h Aw3s0me!" there is a rare ransomware for Mac. To my knowledge, you have to actually give it permission to run.

Be that as it may, with external HDs being cheap these days, it pays to have multiple back-ups. Does not help corporate situations as much, I know.

--J.D.

Post by Pyrrho » Sat May 13, 2017 5:11 am

We have local backup and off-site backup on the servers. Hopefully they've been pushing OS updates as they should be. Our IT guy is quite vigilant. Our typical laptop users, however...not so much.

Post by Pyrrho » Sat May 13, 2017 5:14 am

Grammatron wrote: https://www.theguardian.com/society/201 ... ber-attack
Hospitals across England have been hit by a large-scale cyber-attack, the NHS has confirmed, which has locked staff out of their computers and forced many trusts to divert emergency patients.

The IT systems of NHS sites across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs. NHS England has declared a major incident. NHS Digital said it was aware of the problem and would release more details soon.
Last December, it emerged that 90% of NHS computers still run on Windows XP, two and a half years after Microsoft stopped supporting the operating system.
Only part of the problem, though.

Post by Doctor X » Mon May 15, 2017 12:28 pm

Analysis: Dave Lee, BBC North America technology reporter

There are going to be some tough questions on Monday for those institutions which didn't do enough to keep their networks secure, as well as the organisations that were best placed to stop it happening in the first place - the NSA and Microsoft.

The NSA keeps a chest of cyber-weapons to itself so it can hit targets, but Microsoft has long argued that this is dangerous. If there is a flaw in Windows, the company said, surely the safest thing to do is to let its team know straight away so it can be fixed.

But then Microsoft also needs to consider what obligation it has to update all users - not just the ones who pay extra for security on older systems.

Updating your computer if you're an individual is a piece of cake, but for a network the size of Britain's National Health Service? Tough - time-consuming, expensive and complex.

For a company like Microsoft to say it won't keep those systems safe unless they shell out more money, then that in itself, I think, is something of a ransom.

Bugger'd by Colonists
--J.D.

Post by Grammatron » Mon May 15, 2017 6:49 pm

Updating your computer if you're an individual is a piece of cake, but for a network the size of Britain's National Health Service? Tough - time-consuming, expensive and complex.
I take issue with that statement.

Post by Doctor X » Mon May 15, 2017 8:30 pm

You have never used the National Health.

--J.D.

Post by Grammatron » Mon May 15, 2017 10:05 pm

Doctor X wrote: You have never used the National Health.

--J.D.
Certainly not! I have all my teeth.

However, my issue was with another part: "...if you're an individual is a piece of cake." That assumes too much.

Post by Pyrrho » Mon May 15, 2017 10:40 pm

Agreed. Articles provide helpful links to the Microsoft catalog of updates. Which one should the "individual" use? Good luck figuring that out!