back to article Unbreakable Locky ransomware is on the march again

Cisco is warning of possible return of a massive ransomware spam campaign after researchers noticed traces of traffic from the hitherto dormant Necurs botnet. The attacks are tiny: Cisco's security team has so far found fewer than a thousand Necurs spam messages. Those numbers pale in comparison to attacks when Necurs' …

  1. Oz

    "One of the attacks delivers Locky through a twice-zipped attachment in emails with no subject or body text."

    And yet it's guaranteed that someone will open the zips, despite all the warnings given

    1. js6898


      I blame Microsoft for making the default Windows setting to hide file extensions for known file types this means for example that invoice.exe shows up as invoice I really can't understand why the setting is that way yes you can change it but the default should be to show all file extensions

      1. Halfmad

        Re: viduses

        Hey look I'm all for blaming Microsoft but we all have the tech built into Windows to help mitigate this sort of threat, just hardly anyone seems to use applocker as they're too lazy to set it up. We can also disable macro's entirely or make them run only from trusted locations etc.

        But convenience, such as running any .exe you want trumps security or even if you bother setting up applocker etc a senior manager loses his mind at not being in complete control and running local admin rights on his PC and you're back to square one.

        1. Anonymous Coward
          Anonymous Coward

          Re: viduses

          I saw an interview on tv with some woman who'd been the victim of some such ransomware and who'd lost 10years worth of family photos. She bemoaned her fate and both she and the interviewer said how people should be aware of such scams - "Don't let it happen to you!!"

          But hold on a moment, did she lose her data because of the scam or because of the lack of backups? No mention was made that she'd probably have been ok if only she'd taken a backup. She'd have been just as screwed if the HD crashed or the PC was stolen.

          Most users just expect their PC to work and haven't the first idea how to protect it, either by regular backups or not clicking on links embedded in emails or attachments.

          So while we as "IT Professionals" know what's required, not everyone does.

          1. Boothy

            Re: viduses

            Basic computer usage, such Internet safety (both malware and pervs etc), as well as why backups are important etc, aught to be a mandatory part of school IT lessons.

            At least then the kids could pass that on to their parents back home as well.

          2. Tannin

            morons and synpathy

            If she's lost 10 years worth of photos, it follows that she has gone 9 years plus without a backup.

            That's somewhere out there in the unexplored territory where you go beyond stupid, turn right, and keep going until the wheels fall off. Nine years!

            Of course, as all of us here have no doubt seen for ourselves, Beyond Stupid is commonplace, and some remarkably intelligent people do it. Even people who are generally pretty careful about things can surprise you with a complete failure to backup.

            So is this unique to computers, perhaps because people don't understand them or are subconsciously hostile to them?

            Not really. It seems to apply to other seldom-needed but vital tasks too, especially ones that are a little unpleasant, or boring, or cost a small amount of money for no tangible immediate return, or not very easy to understand.

            People go for decades without bothering to make a will; somehow manage to avoid the dentist until they have really serious pain, don't quite get around to paying the house insurance .... probably every profession can cite the dumb things people do (or more to the point don't do) which wind up hurting them badly.

            But I still reckon that complete ffailure to backup is more common and more difficult to excuse than any of them.

            I've spent my working life being polite and sympathetic to people who've just discovered that not having backups is a very bad idea. Sometimes I've been able to get their data back, sometimes not. Rule Clint applies. ("Do I feel lucky?") Win or lose though, I've always, always been sensitive to their feelings and handled them more-or-less the way an undertaker handles a bereaved family member. Underneath all that, of course, there is what I really think. Yes, yes, I do understand how easy it is to not backup, I really do. And I know, I really do know, the horrible sick feeling you get when you realise that you've really screwed something important up through your own carelessness. But you know what I really think, don't you. It's the same thing we techies all think when we see this happen: well what did you expect, you fu*king moron?

            1. Anonymous Coward

              Re: morons and synpathy

              We need a new type of windows "nagware"...

              A prompt that comes up once a month asking them to perform a backup. If after 12months they still haven't performed a backup, then the pc will be locked until they run one or click on the "Yes, I understand I am a complete and total fuckwit." button.

              1. Anonymous Coward
                Anonymous Coward

                Re: morons and synpathy

                re: Windows nagware

                Surely that sort of nagware should be present in every consumer OS then?

        2. Anonymous Coward
          Anonymous Coward

          Re: viduses

          Applocker requires a server os, enterprise, or academic licensing.

          So thats most users out then, except in the rapidly shrinking Microsoft lockin land

          1. Sandtitz Silver badge

            Re: viduses

            "Applocker requires a server os, enterprise, or academic licensing."


            With a regular Windows Pro the Software Restriction Policy can stop running executables, scripts etc from users' folders. If the end user has admin rights then this is of course easily circumvented.

            And with Windows Home edition you can use the Parental Controls.

            1. Charles 9

              Re: viduses

              "And with Windows Home edition you can use the Parental Controls."

              Which is of course useless since 9 times out of 10 the kids are better able to use the computers than the parents and quickly learn the procedure needed to unlock the controls.

              1. Sandtitz Silver badge

                Re: viduses @Charles 9

                "the procedure needed to unlock the controls."

                The procedure needed to unlock is to know the Parental Control password. If the kid has admin rights, well... there's really no way to contain the kid/user.

                Disabling any kind of chance for external boot should mitigate greatly for offline attacks but won't help if the user can remove the HDD - and Windows Home versions do not support Bitlocker.

          2. Anonymous Coward
            Anonymous Coward

            Re: viduses

            "rapidly shrinking Microsoft lockin land"

            What land is that then? Microsoft are still growing market share in server and cloud and are stable on desktop...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like