Jump to content




IAMS - Initiative Against Malicious Scripts


63 replies to this topic

#61 Cloud Ninja

  • Members
  • 361 posts

Posted 15 July 2016 - 07:20 PM

View Postbauen1, on 15 July 2016 - 07:15 PM, said:

View PostCloud Ninja, on 15 July 2016 - 06:57 PM, said:

View PostH4X0RZ, on 15 July 2016 - 06:52 PM, said:

View PostCloud Ninja, on 15 July 2016 - 06:44 PM, said:

View PostKingofGamesYami, on 15 July 2016 - 05:47 PM, said:

That's too complicated CloudNinja. Simply remove all modems from the computer - the virus will error on line 4, allowing you free access.
This is true as well lol.

Also you actually can't disk-unlock it because it disables every setting xD
Yes you can. The code fox posted didnt block disk hijacks.

It does on line 10 but you can (if you set a label) break the computer and put it in a drive and remove the startup
Incorrect, the line says "settings.set("shell.allow_startup", true)"
Which allows startup files.

#62 KingofGamesYami

  • Members
  • 3,002 posts
  • LocationUnited States of America

Posted 15 July 2016 - 07:22 PM

No it does not. He calls set, but never saves it so the setting does not persist through a reboot.

@CloudNinja - actually, that's the normal startup file. The part where he sets all other settings to false (including the one for disk startup) would do it, if he bothered to call settings.save.

Edited by KingofGamesYami, 15 July 2016 - 07:23 PM.


#63 FoxData

  • Members
  • 159 posts

Posted 15 July 2016 - 10:07 PM

Lur made the virus and messed all my stuff up. We traced back the krist address and it landed at lur. Lur even told us all his krist addresses.

Even more details:
Name: Cryptolocker
Type: Krist Demanding ransomware
Made by: Lur
First Victim: FoxData Inc
Spreads: No
Uses: Rednet
Created on: 15/07/2016 at 5PM
Easy to remove: Yes

We've finished our investigation into this, So now just add it to any definitions.

#64 Saldor010

  • Members
  • 467 posts
  • LocationThe United States

Posted 16 July 2016 - 12:06 AM

View PostFoxData, on 15 July 2016 - 10:07 PM, said:

Lur made the virus and messed all my stuff up. We traced back the krist address and it landed at lur. Lur even told us all his krist addresses.

:lol: +1 to Lur for spreading a virus to people on his own server, this just made my day.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users