Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

GameOver Zeus and Cryptolocker

  • 03-06-2014 05:29PM
    #1
    Walker34
    Registered Users, Registered Users 2 Posts: 425 ✭✭


    Hi,
    do these viruses only target Windows systems,......have any viruses ever been written which affect Linux OS. I use Linux and have never had any problems with this phenomenon. Am I missing something here.?


Comments

  • #2
    ZENER
    Registered Users, Registered Users 2 Posts: 6,165 ✭✭✭ZENER


    AFAIK it won't affect a Linux installation but there's a situation that I was wondering about. I use mainly Macs for my day to day stuff but I also have a Windows 2008 Server and a couple of virtual machines in VirtualBox on the Mac.

    From what I understand the crypto virus encrypts all attached drives thus making backups - while still attached - useless if you're infected. If these are directly attached drives, e.g. USB - eSATA - SATA - Firewire etc I can see how this could happen. What happens if the drives are mapped shares though ?

    Also what if you have a Virtual Machine running in VirtualBox on a Linux or MacOS machine ? Can the virus encrypt the Hard disk containing your Host OS ? My guess is it can't given the different filesystems ? Does this mean that if your attached drives are not FAT or NTFS then the virus can't attack them ?

    Ken


  • #3
    skimpydoo
    Registered Users, Registered Users 2 Posts: 5,217 ✭✭✭skimpydoo


    If you have a Linux or Mac OS machine running Windows in a virtual server they can be effected.

    The following articles maybe of use.

    http://www.theweek.co.uk/technology/58794/gameover-zeus-and-cryptolocker-how-to-protect-yourself

    http://tecdr.net/less-than-2-weeks-to-computer-doomsday-scenario/

    http://tecdr.net/cryptolocker-removal/


  • #4
    ZENER
    Registered Users, Registered Users 2 Posts: 6,165 ✭✭✭ZENER


    Meant to post back her actually !

    From what I read, unless you have a Mac specific version of the malware (there is apparently one about but I can't find any accurate info on it) then only files that the virtual machine has direct access to can be encrypted. So if you have smb enabled on your Mac shared folders then the files in those folders are accessible to Windows - assuming you've mapped them to a drive letter or have browsed to them - and they can be encrypted.

    VirtualBox also has a feature to share a folder between the 2 platforms so these files are vulnerable apparently.

    Ken


  • #5
    [Deleted User]
    Posts: 1,211 ✭✭✭ [Deleted User]


    And ensure that any network drives exposed have some sort of versioning applied for recovery.


Advertisement