|
anthonypants posted:his initial reaction was "shucks i'm just glad that worked i had no idea what it would do" and now it's "well in my lab i simulated what putting the site back up would do, and then i sprung into action!!!!!!!" Phone posted:just wait until next time when the next wave of ransomware triggers in the opposite direction
|
# ? May 16, 2017 04:33 |
|
|
# ? May 22, 2024 13:12 |
|
RISCy Business posted:i love pfsense but the prebuilt stuff is pretty expensive, and i don't want to roll my own because i suck at it you don't need a dedicated interface for drac. bind it on to LOM1 and use a tagged vlan
|
# ? May 16, 2017 04:35 |
|
The malware author could of course trigger that themselves at any point, and would likely do so at the time that suits them best. But it's not like the people affected are going to see it that way.
|
# ? May 16, 2017 04:41 |
|
yeah, the guy that stopped a computer worm from encrypting a shitload of documents is definitely a bad guy (?)
|
# ? May 16, 2017 06:03 |
|
Magic Underwear posted:yeah, the guy that stopped a computer worm from encrypting a shitload of documents is definitely a bad guy (?) i agree, we should absolutely reward results above all else and not consider whether someone made a huge gamble on behalf of a lot of other people when he wasnt in a position to even know if there were odds, let alone what they were. shoot first, shoot later, shoot some more, just keep shooting until all the (bad?) guys are dead, right?
|
# ? May 16, 2017 06:10 |
|
teamdest posted:i agree, we should absolutely reward results above all else and not consider whether someone made a huge gamble on behalf of a lot of other people when he wasnt in a position to even know if there were odds, let alone what they were. i find it pretty appalling that you would post here knowing that the presence of your post could be the coded trigger to engage a massive botnet or even a nuclear bomb. how can you justify making such a huge gamble on behalf of a lot of other people?
|
# ? May 16, 2017 06:13 |
|
lol you're a loving idiot and him registering that domain without testing in a DNS environment that first claimed to be SOA for that domain is reckless as hell
|
# ? May 16, 2017 06:38 |
|
what worse thing could have possibly happened if the domain check turned out to do something else? i'm geniunely curious i can't think of anything i guess maybe the ransomware deletes all the files but given how few people paid the bounty that wouldn't have mattered
|
# ? May 16, 2017 07:05 |
|
fisting by many posted:what worse thing could have possibly happened if the domain check turned out to do something else? i'm geniunely curious i can't think of anything deleting the files or just wiping the computers its on
|
# ? May 16, 2017 07:08 |
|
http://www.hollywoodreporter.com/news/disney-chief-bob-iger-says-hackers-claim-have-stolen-a-disney-movie-1003949
|
# ? May 16, 2017 07:16 |
|
hifi posted:deleting the files or just wiping the computers its on thats the way to salvation anyway
|
# ? May 16, 2017 07:17 |
hifi posted:mikrotik. latvia strong ???
|
|
# ? May 16, 2017 07:34 |
|
shadowbrokers are getting more and more amusing by the month https://steemit.com/shadowbrokers/@theshadowbrokers/oh-lordy-comey-wanna-cry-editionquote:Q. What is being difference between ransom and sale?
|
# ? May 16, 2017 07:48 |
|
Kuvo posted:cant wait for these to ship with a 18 month out of date version of lollipop that never gets patched can't wait to buy a used car with a 10-year-old version of android on it
|
# ? May 16, 2017 07:58 |
|
so what is tsb trying to do they're not trying to make money, they would just sell individual exploits. they're not trying to cause chaos, they wait for patches they're not trying to embarrass the usgovt, they'd just post how easy it was to own them for that or at least there'd be more fuckery than a tool dump are they just in it for the meme fame
|
# ? May 16, 2017 08:19 |
|
fisting by many posted:what worse thing could have possibly happened if the domain check turned out to do something else? i'm geniunely curious i can't think of anything You're basically activating an unknown function of the malware so there are a whole bunch of outcomes that are bad. Activating a secondary exploit to allow it to spread further, erasing files, initiating a ddos... I mean the fact is that registering the domain disabling the malware is a really unlikely outcome, made possible only by the incompetence of the author.
|
# ? May 16, 2017 08:20 |
|
Daman posted:so what is tsb trying to do at the very least they have a very relaxed command structure that seems to allow them to have all the fun in the world, and they don't care who knows it
|
# ? May 16, 2017 08:22 |
|
Daman posted:so what is tsb trying to do i like to imagine that tsb is just the nsa doing a fund raiser
|
# ? May 16, 2017 09:37 |
|
Wiggly Wayne DDS posted:In June, TheShadowBrokers is announcing "TheShadowBrokers Data Dump of the Month" service. TheShadowBrokers is launching new monthly subscription model. Is being like wine of month club. lmao
|
# ? May 16, 2017 10:02 |
|
hifi posted:deleting the files or just wiping the computers its on what's the over/under on days until a new variant of wannacrypt shows up that checks for a different dns record and then does this. a week? two weeks?
|
# ? May 16, 2017 10:50 |
Zamujasa posted:what's the over/under on days until a new variant of wannacrypt shows up that checks for a different dns record and then does this. a week? two weeks? this week per some estimates i've seen
|
|
# ? May 16, 2017 10:53 |
|
i doubt we'll see a variant that does this from the original creators, they've had multiple domains already though: https://docs.google.com/spreadsheets/d/1XNCCiiwpIfW8y0mzTUdLLVzoW6x64hkHJ29hcQW5deQ/pubhtml code:
|
# ? May 16, 2017 11:05 |
|
quote:www.ayylmaotjhsstasdfasdfasdfasdfasdfasdfasdf[.]com no way
|
# ? May 16, 2017 11:24 |
|
Ur Getting Fatter posted:no way
|
# ? May 16, 2017 11:34 |
|
RISCy Business posted:https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168 wcry fact sheet posted:The filetypes it looks for to encrypt are: my hand-ripped .flacs off 70s japanese avant-garde jazz are safe e: that i keep on the mri machine running xp embedded in the local hospital Instant Grat fucked around with this message at 11:58 on May 16, 2017 |
# ? May 16, 2017 11:53 |
|
lmao
|
# ? May 16, 2017 11:58 |
|
Your Linux iso and midi collections however are not
|
# ? May 16, 2017 12:01 |
|
it's ok, i converted all my midis to flac once it became clear good synths are no longer a thing
|
# ? May 16, 2017 12:15 |
|
another victory for free software
|
# ? May 16, 2017 12:29 |
|
kinda weird that they're doing vmdk but not vhd/vhdx
|
# ? May 16, 2017 13:02 |
|
lol nothing important is on hyper-v
|
# ? May 16, 2017 13:21 |
|
angry_keebler posted:i like to imagine that tsb is just the nsa doing a fund raiser A bake sale, but with zero days
|
# ? May 16, 2017 13:43 |
|
Instant Grat posted:my hand-ripped .flacs off 70s japanese avant-garde jazz are safe cryptolocking gave my flac rips a warm sound that you just can't get with regular flac files
|
# ? May 16, 2017 14:09 |
|
someone weaponized eternalblue to mine monero(?) as early as the end of april evidently no one noticed until now
|
# ? May 16, 2017 14:11 |
|
Phone posted:cryptolocking gave my flac rips a warm sound that you just can't get with regular flac files i was about due to overwrite my 192 kHz 24-bit lossless audio files with fresh copies to prevent bitrot and retain the warm, crisp sound of a freshly written file, thanks to wannacry for doing it for me. $300 was a bargain
|
# ? May 16, 2017 14:17 |
|
infernal machines posted:someone weaponized eternalblue to mine monero(?) as early as the end of april
|
# ? May 16, 2017 14:18 |
|
hmm, idea for some niche ransomware. target audiophiles and reencode all their lossless files as 64 kbps mp3s
|
# ? May 16, 2017 14:34 |
fins posted:hmm, idea for some niche ransomware. target audiophiles and reencode all their lossless files as 64 kbps mp3s wannakrrshhry
|
|
# ? May 16, 2017 14:42 |
|
npr this morning had some chucklefuck "bitcoin forensics company" talking about how they've discovered hints that wannacry might be from north korea!!!!!! don't ask why we came to this conclusion just think about scary north korea!!!!
|
# ? May 16, 2017 14:47 |
|
|
# ? May 22, 2024 13:12 |
|
Magic Underwear posted:yeah, the guy that stopped a computer worm from encrypting a shitload of documents is definitely a bad guy (?) You're a loving idiot. Don't post in this thread again.
|
# ? May 16, 2017 14:54 |