Russian hackers infiltrated my system yesterday. They got me. Fuckers.
Waking up to that kind of a loss yesterday, I had very little to say. From what I can tell, its the newest version of Ransomware and nothings recoverable. I don’t even know how I got it. But if you haven’t yet, go backup your files, invest a few bucks into securing your machine. I deserve this for being a moron and for thinking I am smart enough to prevent something like this from happening.
On the day I bought shares of $CARA this morning at $7.40 and am long /CL again here for a bounce. I love $BIDU here, tempted to take $BITA, $VIPS, $DK, $STMP, $CIEN.
As for the market, I don’t want to talk about this fucking range anymore to be honest. A rally cometh soon.
More later,
OA
If you enjoy the content at iBankCoin, please follow us on Twitter
wait…. u were actually hacked? & not just like “Twitter accoubt hacked”?
Picked up a virus somehow. Probably from my comments section here.
My bad
OA
That is sad to hear. Do you know any software that can prevent it?
I’ve been infiltrated by 1 taiwanese and 1 russian ip
what do you suggest for full-grade protection ( to the machine that hold account numbers , trading , and a bunch of other personals )
I’ve changed passwords allthrough since but do not feel safe at all
Ransomware doesn’t steal data it just makes it impossible to access files without paying for a key. Cost is usually a few hundred bucks. I had it once on an old laptop and never paid. Now I backup everything into cloud.
is there a sofwatre prevention other then backup of data ?
Not if someone gets into your system with administrative rights
PC magazine has a good reputation as trustworthy and credible. Here is their article on this.
The Best Antivirus Protection of 2016
http://www.pcmag.com/article2/0,2817,2372364,00.asp
ESET NOD32 antivirus is effective. Free download for the program on the ESET site. I’ve heard there are username/password combos for trial activation floating around out there on the social medias, but haven’t looked myself (paid user).
Great move in $grub. I want to test this space below, but I’ve been punished every time lately.
The ABSOLUTE number one thing to change that most people make the mistake of doing is to use an administrator enabled account for your everyday log-in. If you click on something nefarious, it will run and you are hosed.
As far as antivirus, run 2 signature based services. Myself, I run Microsoft defender (free with windows) and MalwareBytes (inexpensive and unobtrusive). For the average person, this will catch most things.
For passwords, do not use the same password for every site you register with. Unskilled hacker thiefs will try to use your compromised user name and password on other sites, namely financial ones, so you need to be careful. For things that handle money, you want to use 2-factor login wherever possible the inconvenience protects you.
I’m mad @ number of password and changing them from time to time , cant see a safe way to store them beside paper . usually sites ask for combined characters/numbers too so
Nothing wrong with paper, just don’t leave it out.
Or use a base password like JeffisAwesome and then add 3-4 characters to the end that you can remember. Due to computing capabilities, passwords should be 16+ characters long. I know, it sucks
that’s what i do , but after changing numbers and orders 10 times for 2-3 recurrent pass , and being around far from passw sometime i got some pain in the ass for not being able to access something that i needed
How do you make sure you are not signing on with administrator rights Kamel ?
easy way to know is if you try to install new software or an update (try to install an update to Flash player for an easy test). If you can do it without entering in a password or being prompted to use an Admin account, then you are using your system in administrative mode.
You can also go into settings and look at the accounts tab/folder. it will tell you if it is a user account or an admin account.
These apply to Window based PCs. Not sure about Macs because I have never used them.
Thanks.
My worst nightmare. Watched episode 2 of the new Black Mirror and I have my webcam camera covered now too.
1. Norton for about $100/year (Windows defender doesn’t do shit)
2. Malwarebytes free version – scan weekly
3. Don’t open ANY social media sites (especially TWTR) while your live charts are running
4. Never visit news aggregator sites and don’t open e-mail from people you don’t know
5. No porn, no video, no streaming anything
Personally, I run 2 computers. Main one is trading only. Secondary is everything else.
Re-install Windows any time there is a doubt.
Back-up is an option, but how do you know that your back-up files are not compromised already. Cloud is NOT a back-up – it’s even bigger security risk – you just give your files to god knows who… I print and write down on paper everything that’s important
JM2c
in fact I store pretty nothing of sensible in the cloud , the biggest private-data-steal business at present , for the main companies that run the social world nowdayas ( read MS GOOG FB TW and any mail / service company that offer you storage )
in other words : I’m 100% sure they want you to cloud youself into them , to gain from you ; when they do it , they 100% sure do not save anything in doing it .
That is not where the risk lies – essentially cloud has moved individual servers into a mainframe-esque environment that is redundant and connected globally.
The main conern is not someone stealing your data, but what happens if you are unable to retrieve your data ala the attacks that were going on this past Friday against the DNS architecture.
My point is: there is no safety or security on internet.
Never was, never will be.
I think that over-reliance of everything upon inter-connectivity and availability is very dangerous and will lead to big fucking mess one day. No need to live in fear or prepare for this inevitability, since nothing lasts forever and never happens as intended, just realize that all things digital are an illusion…
I think I need a pill
😉
The internet was not designed to be secure, it was designed to be an open architecture to allow exchange of information
Malwarebytes Premium is by far the best.
this plus defender is what me and most of the cybersecurity professionals in our office use. What is funny is that we came to discover this after we had been using the solution for a few months without consulting with each other.
That being said, this is still ineffective against ANY new variant out there (zero day exploit). Until a signature is developed, your scanner is ineffective.
I know of one company that has a good non-signature based technology, but it is focused on enterprises and not individual users (Cylance).
Damn hackerz.
Love that CARA chart.
primary vector for ransomware software is phishing emails. before you say I would never click on one of those, our company runs phishing exercises for companies where we generate and send out phishing emails that link to phishing training if clicked. We also gather info on the person who clicked system to see what is running and what could potentially be exploited. Our success rates are >40% EVERY time we run this. We normally send emails out to ~300 users on a network.
This is part of the reason why I believe cyber security stocks are having issues – no matter what cool tools are deployed, the USER is the problem and it only takes ONE person to foil and entire suite of protection tools. Now just because someone opens a phishing email doesn’t necessarily mean the end of the world, but this is where how your network is configured makes a difference and what is actually available to the attacker. However, to a company, if they believe that no matter what they do they are screwed, then why would you invest in cyber-security if there are no guarantees? It turns into a return on investment questions and how do you prove that what you do will save money for a company? At that point, cyber-security becomes nothing but a tax that only comes into play IF something happens.
Nice entry in HMSY right now, I should’ve waited til today
I combed a few earnings plays. Interestingly, volatility is dropping into earnings on these names. Generally speaking elevated from last quarter but quite a bit lower than the previous quarters.
A strange bunch of names. $SWKS is my hunch. That’s the type of name that’s killing it this quarter. $WFM is at the spot that it always bounces (until this time!). $SCTY is probably stupid since they’re being bought, but it’s not trading like it’s being bought so I wonder if there’s movement to be had. Hospitals looked kind of interesting when I was chart surfing so I threw one on there.
Charts:
http://finviz.com/screener.ashx?v=211&f=earningsdate_nextweek,sh_curvol_o750,sh_price_o7&t=wfm,scty,clvs,cyh,sq,swks
AND $FEYE reports (in case you have more money than you know what to do with. That’s a good way to make some go away.)
OA – Any thoughts on $SBNY or $OZRK?
$SBNY best look.
Thanks.
TSLA! Oink!
Weeee!
Sold at open. Actually don’t mind it here, but discipline compels me to stick to the script.
sold only half at open oh well
Very mixed last few days. Booked WFC and will reenter on wkness. BIDU, TSLA, BIIB not doing much and got blown out of TDC. May add to BIDU tomorrow.
Tor browser, block all scripting, problem solved.
This will help for malware propagated from websites, but will not help for malware derived from phishing emails.
This is a best practice, however most people don’t do this because they like to have scripting/flash/Java enabled to keep website functionality.
Stock websites usually use flash or silverlight plug-ins to run charting tools and automatic updates. You can allow specific site only to run these controls, but again, you have to start getting down in the weeds which is something most user can’t or don’t want to do.
I can’t say that I do it myself (I’m on a Mac), but another option is to web surf / email / etc. from within a virtual machine, keeping it isolated from the host machine.
For most things that risk infections, there is little if anything that you need to save or change on the machine itself. Just take a snapshot when you’ve got it set up the way you want it, and if it ever has issues, revert to the snapshot (and then update security & take a new snapshot). You would need to be careful if you do save and share files between the VM and host machine.
Two machines is better since there’s less chance of crossing over as long as you don’t click the same phishing email on both or share potentially infected files between them, but a virtual machine is probably better than nothing.
Moving forward, right? Nothing that can be done to undo or recover?
That is correct. Right now you need a decryption tool to be developed to your situation. Older ransomware has been worked on and there are some tools/keys available to unlock hard drives, but for newer ransomware, those tools have not yet been developed
If you have backups of your files or PC image somewhere other than your PC’s hard drive, and they predate the infection, you could try to recover to that. Otherwise I think not.
At least for me.. no inspiring setups.. meekly looking at TGT, YY, CLVS, PRGO, COH, SNCR..
stopped out of JAZZ and BIDU. BIDU hasn’t been below 200 day for 2 months. Earnings today should be interesting.
These recent IPO’s are getting blown the fuck up.
Bot SPLK.
Make a Ubuntu live USB drivers and log back on your system to recover the file you need. The virus is written for Windows so you should still be able to access your drive.
It should take in total something close to 3h.