An American Editor

March 18, 2016

Articles Worth Reading: Ransomware Strikes Again

Filed under: Articles Worth Reading,Computers and Software — americaneditor @ 5:33 am
Tags: , ,

The Ars Technica article, “Big-Name Sites Hit By Rash of Malicious Ads Spreading Crypto Ransomware,” is worth a few minutes of reading time. We have discussed ransomware previously (see, e.g., “Articles Worth Reading: More on Ransomware,” “Articles Worth Reading: Inside CryptoWall 2,” and “The Business of Editing: Playing It Safe“) and as I reported in an earlier essay, I was struck by ransomware, although I was able to fix the problem without paying a ransom.

This article addresses a problem I would not have expected — ransomware at big name websites. I encourage you to read the article and to develop a strategy for dealing with the growing problem of ransomware.

Big-Name Sites Hit By Rash of Malicious Ads Spreading Crypto Ransomware

We rely on our computers for our livelihood. Protecting ourselves is a worthwhile investment.

Richard Adin, An American Editor

August 7, 2015

Worth Reading: MIT Claims to Have Found a “Language Universal” that Ties All Languages Together

As manipulators of language, editors have an interest in the origins and connectedness of languages. Noam Chomsky has theorized that all languages are interconnected via an “universal connector.” Proving his theory has been challenging, but MIT thinks it has done so based on a study of 37 languages.

Alas, the original article, which appears in the Proceedings of the National Academy of Science U.S.A., is behind a paywall ($10 buys access for 2 days). However, Ars Technica provides a summary and if you click the DOI at the end of the article, you can read the official abstract:

MIT claims to have found a “language universal” that ties all languages together: A language universal would bring evidence to Chomsky’s controversial theories.

Has MIT made the connection? Is there an “universal connector” as Chomsky theorized? What do you think?

Richard Adin, An American Editor

January 10, 2015

Articles Worth Reading: Inside CryptoWall 2

A bit more than a year ago, I wrote about my experience with ransomware in “Business of Editing: URLs, Authors, & Viruses.” A week later, I followed it up with “Articles Worth Reading: More on Ransomware.” And just a few weeks ago, I wrote “The Business of Editing: Playing It Safe” in which I discussed Sandboxie.

Well, here we go again.

If you have been dithering about Sandboxie or similar protection, I encourage you to read “Inside CryptoWall 2.0: Ransomware, Professional Edition” from Ars Technica. As the article notes:

The installation components of CryptoWall 2.0 are cloaked by multiple levels of encryption, with three distinct stages of installation each using a different encryption method to disguise the components installed. And like many modern pieces of malware, CryptoWall 2.0 has a virtual machine check in its code that disables the attack when the malware is installed within a virtual instance—in part to prevent security researchers from isolating and analyzing its behavior.

The VM checker code, in the first stage of CryptoWall’s dropper sequence, checks the system for running processes, searching for VMware and VirtualBox services or the Sandboxie application partitioning library. If the coast is clear, the code does some best practices-based memory handling to release memory used in the initial drop mode, then launches another dropper disguised as a Windows Explorer process.

Note that before it tries to install itself, CryptoWall searches for a running process like Sandboxie. If it finds Sandboxie (or similar software) running, it doesn’t go any further; if it doesn’t find Sandboxie running, it proceeds to the next installation step.

Since I originally bought Sandboxie, the licensing has changed. Now you can buy a lifetime license for up to 3 home computers for $49.95 or for 5 computers for $74.95. For just 1 computer, the lifetime license is $34.95. For pricing information click here. (Again, I have no connection or interest in Sandboxie other than having bought a license for my computers.)

I think the price is cheap for the protection it affords. And contrary to popular belief, your antivirus and malware programs do not protect against ransomware. Although ransomware exploits holes in the operating system, it does not attack the operating system, which is what antivirus and malware programs protect against; ransomware attacks your data files — your Word documents, your text files, your picture files, and the like — by encrypting them, not destroying them.

If you haven’t yet checked out a program like Sandboxie, I encourage you to do so.

Richard Adin, An American Editor

Blog at WordPress.com.

%d bloggers like this: