<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	
	>
<channel>
	<title>
	Comments on: A Guide To Avoiding Ransomware (Part 1)	</title>
	<atom:link href="https://greycoder.com/ransomware/feed/" rel="self" type="application/rss+xml" />
	<link>https://greycoder.com/ransomware/</link>
	<description>Private Apps &#38; Services</description>
	<lastBuildDate>Thu, 26 May 2016 15:18:08 +0000</lastBuildDate>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>
	<item>
		<title>
		By: DropBear		</title>
		<link>https://greycoder.com/ransomware/#comment-251016</link>

		<dc:creator><![CDATA[DropBear]]></dc:creator>
		<pubDate>Thu, 26 May 2016 15:18:08 +0000</pubDate>
		<guid isPermaLink="false">http://greycoder.com/?p=11453#comment-251016</guid>

					<description><![CDATA[Update: Two Attacks for The Price Of One: Weaponized Document Delivers Ransomware and Potential DDoS Attack

&quot;We recently found a ransomware variant that not only holds the victim’s machine and data hostage until a ransom is paid, but also exploits the compromised machine as part of a potential DDOS attack.  This means that while the victim is unable to access their endpoint, that same endpoint is being used to deny service to another victim.  Two attacks for the price of one.”

https://www.invincea.com/2016/05/two-attacks-for-the-price-of-one-weaponized-document-delivers-ransomware-and-potential-ddos-attack/]]></description>
			<content:encoded><![CDATA[<p>Update: Two Attacks for The Price Of One: Weaponized Document Delivers Ransomware and Potential DDoS Attack</p>
<p>&#8220;We recently found a ransomware variant that not only holds the victim’s machine and data hostage until a ransom is paid, but also exploits the compromised machine as part of a potential DDOS attack.  This means that while the victim is unable to access their endpoint, that same endpoint is being used to deny service to another victim.  Two attacks for the price of one.”</p>
<p><a href="https://www.invincea.com/2016/05/two-attacks-for-the-price-of-one-weaponized-document-delivers-ransomware-and-potential-ddos-attack/" rel="nofollow ugc">https://www.invincea.com/2016/05/two-attacks-for-the-price-of-one-weaponized-document-delivers-ransomware-and-potential-ddos-attack/</a></p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: DropBear		</title>
		<link>https://greycoder.com/ransomware/#comment-250951</link>

		<dc:creator><![CDATA[DropBear]]></dc:creator>
		<pubDate>Wed, 25 May 2016 13:40:15 +0000</pubDate>
		<guid isPermaLink="false">http://greycoder.com/?p=11453#comment-250951</guid>

					<description><![CDATA[a new removal tool for removal of ransomware TeslaCryp variants (v3 or v4): 
http://support.eset.com/kb6051/]]></description>
			<content:encoded><![CDATA[<p>a new removal tool for removal of ransomware TeslaCryp variants (v3 or v4):<br />
<a href="http://support.eset.com/kb6051/" rel="nofollow ugc">http://support.eset.com/kb6051/</a></p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: DropBear		</title>
		<link>https://greycoder.com/ransomware/#comment-249674</link>

		<dc:creator><![CDATA[DropBear]]></dc:creator>
		<pubDate>Wed, 11 May 2016 14:06:34 +0000</pubDate>
		<guid isPermaLink="false">http://greycoder.com/?p=11453#comment-249674</guid>

					<description><![CDATA[Here is the latest advisory by the FBI on ransomware: 

https://www.fbi.gov/news/stories/2016/april/incidents-of-ransomware-on-the-rise 

Their advice is not to pay ransoms:

&quot;Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”  

This is definitely an altruistic recommendation but does not solve an individual’s problem if they have lost important information.

The FBI tips are addressing organizations but apply to individuals too.]]></description>
			<content:encoded><![CDATA[<p>Here is the latest advisory by the FBI on ransomware: </p>
<p><a href="https://www.fbi.gov/news/stories/2016/april/incidents-of-ransomware-on-the-rise" rel="nofollow ugc">https://www.fbi.gov/news/stories/2016/april/incidents-of-ransomware-on-the-rise</a> </p>
<p>Their advice is not to pay ransoms:</p>
<p>&#8220;Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”  </p>
<p>This is definitely an altruistic recommendation but does not solve an individual’s problem if they have lost important information.</p>
<p>The FBI tips are addressing organizations but apply to individuals too.</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: DropBear		</title>
		<link>https://greycoder.com/ransomware/#comment-249413</link>

		<dc:creator><![CDATA[DropBear]]></dc:creator>
		<pubDate>Sun, 08 May 2016 19:25:43 +0000</pubDate>
		<guid isPermaLink="false">http://greycoder.com/?p=11453#comment-249413</guid>

					<description><![CDATA[In reply to &lt;a href=&quot;https://greycoder.com/ransomware/#comment-249163&quot;&gt;DropBear&lt;/a&gt;.

Another removal tool:  
Also Microsoft has a generic malware removal tool that is updated frequently: https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx]]></description>
			<content:encoded><![CDATA[<p>In reply to <a href="https://greycoder.com/ransomware/#comment-249163">DropBear</a>.</p>
<p>Another removal tool:<br />
Also Microsoft has a generic malware removal tool that is updated frequently: <a href="https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx" rel="nofollow ugc">https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx</a></p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: DropBear		</title>
		<link>https://greycoder.com/ransomware/#comment-249243</link>

		<dc:creator><![CDATA[DropBear]]></dc:creator>
		<pubDate>Fri, 06 May 2016 17:23:08 +0000</pubDate>
		<guid isPermaLink="false">http://greycoder.com/?p=11453#comment-249243</guid>

					<description><![CDATA[The article link below is a good example of how a ransomware exploit attacked and was able to spread in a security-aware casino.  If the first victim had tried the Google drive trick, it may have been avoided.

https://threatpost.com/diary-of-a-ransomware-victim/117877/]]></description>
			<content:encoded><![CDATA[<p>The article link below is a good example of how a ransomware exploit attacked and was able to spread in a security-aware casino.  If the first victim had tried the Google drive trick, it may have been avoided.</p>
<p><a href="https://threatpost.com/diary-of-a-ransomware-victim/117877/" rel="nofollow ugc">https://threatpost.com/diary-of-a-ransomware-victim/117877/</a></p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: DropBear		</title>
		<link>https://greycoder.com/ransomware/#comment-249163</link>

		<dc:creator><![CDATA[DropBear]]></dc:creator>
		<pubDate>Thu, 05 May 2016 20:13:07 +0000</pubDate>
		<guid isPermaLink="false">http://greycoder.com/?p=11453#comment-249163</guid>

					<description><![CDATA[This is an important issue. I have the following info that I use to help with ransomware and may be of help to others but I would like to hear from others that have good resources:

Updated Ransomware Database by Enigma Software to find a description of a specific ransomware variant (disclaimer: it also promotes a scanning product): https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105975.aspx 

Free cleanup and sometimes decrypt tools for various types of ransomware:
•	Alpha: http://www.bleepingcomputer.com/news/security/decrypted-alpha-ransomware-accepts-itunes-gift-cards-as-payment/
•	Android. Dogspectus: https://www.bluecoat.com/security-blog/2016-04-25/android-exploit-delivers-dogspectus-ransomware
•	Android.SimpleLocker: https://play.google.com/store/apps/details?id=com.avast.android.malwareremoval
•	CoinVault &#038; Bitcryptor: https://noransom.kaspersky.com
•	Tesla: https://github.com/vrtadmin/TeslaDecrypt/tree/master/Windows
•	General tool: https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105975.aspx
•	Rakhni: http://support.kaspersky.com/us/viruses/disinfection/10556
•	DecryptorMax or CryptInfinite http://www.bleepingcomputer.com/forums/t/596691/decryptormaxcryptinfinite-crinf-ransomware-support-and-help-topic/
•	Radamant: http://news.softpedia.com/news/radamant-ransomware-decrypted-files-can-be-retrieved-for-free-498070.shtml
•	Torlocker: http://support.kaspersky.com/viruses/disinfection/11718]]></description>
			<content:encoded><![CDATA[<p>This is an important issue. I have the following info that I use to help with ransomware and may be of help to others but I would like to hear from others that have good resources:</p>
<p>Updated Ransomware Database by Enigma Software to find a description of a specific ransomware variant (disclaimer: it also promotes a scanning product): <a href="https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105975.aspx" rel="nofollow ugc">https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105975.aspx</a> </p>
<p>Free cleanup and sometimes decrypt tools for various types of ransomware:<br />
•	Alpha: <a href="http://www.bleepingcomputer.com/news/security/decrypted-alpha-ransomware-accepts-itunes-gift-cards-as-payment/" rel="nofollow ugc">http://www.bleepingcomputer.com/news/security/decrypted-alpha-ransomware-accepts-itunes-gift-cards-as-payment/</a><br />
•	Android. Dogspectus: <a href="https://www.bluecoat.com/security-blog/2016-04-25/android-exploit-delivers-dogspectus-ransomware" rel="nofollow ugc">https://www.bluecoat.com/security-blog/2016-04-25/android-exploit-delivers-dogspectus-ransomware</a><br />
•	Android.SimpleLocker: <a href="https://play.google.com/store/apps/details?id=com.avast.android.malwareremoval" rel="nofollow ugc">https://play.google.com/store/apps/details?id=com.avast.android.malwareremoval</a><br />
•	CoinVault &amp; Bitcryptor: <a href="https://noransom.kaspersky.com" rel="nofollow ugc">https://noransom.kaspersky.com</a><br />
•	Tesla: <a href="https://github.com/vrtadmin/TeslaDecrypt/tree/master/Windows" rel="nofollow ugc">https://github.com/vrtadmin/TeslaDecrypt/tree/master/Windows</a><br />
•	General tool: <a href="https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105975.aspx" rel="nofollow ugc">https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105975.aspx</a><br />
•	Rakhni: <a href="http://support.kaspersky.com/us/viruses/disinfection/10556" rel="nofollow ugc">http://support.kaspersky.com/us/viruses/disinfection/10556</a><br />
•	DecryptorMax or CryptInfinite <a href="http://www.bleepingcomputer.com/forums/t/596691/decryptormaxcryptinfinite-crinf-ransomware-support-and-help-topic/" rel="nofollow ugc">http://www.bleepingcomputer.com/forums/t/596691/decryptormaxcryptinfinite-crinf-ransomware-support-and-help-topic/</a><br />
•	Radamant: <a href="http://news.softpedia.com/news/radamant-ransomware-decrypted-files-can-be-retrieved-for-free-498070.shtml" rel="nofollow ugc">http://news.softpedia.com/news/radamant-ransomware-decrypted-files-can-be-retrieved-for-free-498070.shtml</a><br />
•	Torlocker: <a href="http://support.kaspersky.com/viruses/disinfection/11718" rel="nofollow ugc">http://support.kaspersky.com/viruses/disinfection/11718</a></p>
]]></content:encoded>
		
			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/?utm_source=w3tc&utm_medium=footer_comment&utm_campaign=free_plugin

Page Caching using Disk: Enhanced 

Served from: greycoder.com @ 2026-07-09 12:10:55 by W3 Total Cache
-->