Tuesday, 24 January 2017

Adventures in BitCoin Land

If you need a bitcoin consultant/middleman to help you with a bitcoin transaction, I am now your man! I found that purchasing and transferring bitcoins is neither simple nor quick if you haven't done it before and don't have the necessary accounts. As you will read below, it took a week of trial and error and patience to get set up and authorized to buy and sell bitcoins.

I recently had a customer who fell victim to a CryptoLocker virus infection, which encrypted all of their files and made them unusable. They were running active virus protection at the time, but it wasn't enough to stop the infection from happening. They didn't have a recent backup of their data, so they decided to try paying the ransom to get their files back.

The ransom note on the screen told them that they needed to contact the hackers at an email address to arrange for payment, including information about the encryption key in the email so the correct decryption key could be sent back once payment was made.

The resulting payment notice email came in. It demanded 1 bitcoin (valued at about $845.00 CDN) be sent to the accompanying wallet address. Once payment was received, the email promised to send along a decrypting program that would unlock all the files once again.

Since the customer had decided to pay the ransom, it became my job to help obtain a bitcoin and make the payment. Here's where the fun really starts!

The bitcoin network has been active since about 2008. Bitcoins themselves are a digital currency which is valued like a stock on the stock market. The value of 1 bitcoin is always changing, and has gone from a value of $1 USD in April 2011 to today's market value of about $650 USD per bitcoin traded.

The private nature of bitcoin transactions is attractive to the darker side of the internet. Hackers and Crypto kidnappers can receive bitcoins without fear of being directly exposed. They send you a digital address (or wallet), and you send bitcoin to that address without knowing anything about the owner. The receiver of the bitcoin can then change it back into "real" money if desired using a bitcoin exchange. Members of a bitcoin exchange generally have to provide ID and be authenticated, but the source of their bitcoins is never questioned.

So, never having dealt with bitcoin before, I started looking into how to go about getting a bitcoin and making the payment.

Unlike other currencies, bitcoins can't be bought at the bank. There are a few physical locations that offer bitcoin trading in person, but most businesses are online only.

To purchase a bitcoin, you have to join a trading site of some kind. It was initially my intention to pay for the bitcoin with a credit card, but I soon found out that, due to the high occurrence of fraud and charge backs on credit cards used for bitcoin purchases, a new user had to make a number of small purchases over several weeks to authenticate the card and authorize it for larger purchases. This meant I couldn't use a credit card for the purchase, as I needed 1 bitcoin, and the site would only let me buy about .2 of a bitcoin!

So, back to the drawing board. I next found a trading site based in Canada that offered payments in familiar ways like e-transfers for up to $2000 CDN. Perfect!

After signing up and completing the basic authentication, I found that I STILL couldn't buy what I needed, as in order to use e-transfers, you had to complete a level 2 authentication, which involved uploading documentation and ID to prove who you were.

I diligently gathered the required documents and uploaded them to the site to complete the authorization. Three days later I received a call to confirm my identity, and I was finally authorized to buy bitcoins! The total time elapsed to get to this point was 5 days!

I arranged for the e-transfer to send money into my account at the exchange. The site claimed it could take up to 24 hours to complete, but it was done by the next morning.

Finally, I was ready to buy my 1 bitcoin! I carefully created my order on the site for 1.04 BTC (I figured a little extra couldn't hurt), and filled in the required information. Satisfied, I clicked on the submit button.

Immediately, the money I had in the account went from $880.00 down to $2.76, but instead of seeing 1.04 BTC in my bitcoin account, I only had about .0456 bitcoin? Scrolling further down the screen, I found that the rest of my purchase was still pending, as there were currently no sellers to buy from?!? So the waiting began again.

The next day, I had my total purchase in my BTC account and I was finally ready to send my hard-earned bitcoin to the hackers. I logged into my wallet to set up the receiving address for the transfer, and then sent the bitcoin from the exchange. Within a few seconds, the transfer was complete and I had my 1 bitcoin in my wallet, ready to send.

So, I clicked on Send and filled in the information, including the hackers' wallet address. I was surprised to find that when I entered the amount of 1 bitcoin in the amount box, it changed to about .999990452 bitcoin instead of 1. I had forgotten to account for the transaction fee! Since I only had 1 bitcoin in the wallet, the system automatically stripped the fee out of the transaction. The hackers wanted 1 bitcoin, and at this point I wasn't going to send them .9999990452 bitcoin instead. So back I went to the exchange and sent .01 bitcoin over to my wallet to pay for the transaction fee. I was very happy that I had purchased a bit extra!

I prepared the Send transaction again, and sent the coin on its way. The total elapsed time was 7 days. Ouch!

Within about 12 hours, we received the instructions from Mr. Hacker on how to download the unlock program, which was embedded in a questionable and, no doubt, anonymous software download site. My malware protection lit up with alarms as I went to enter the site, but I pushed on and did get the unlock program downloaded.

After running the program and unlocking the encrypted files, my customer finally had their data back. The total time with decryption was about 10 days! The unlock program did work, but it wasn't quick.

While the process was interesting and very adventurous, I wouldn't recommend exposing yourself to this type of file kidnapping. A good virus scanner and malware blocker is essential to avoid getting locked out of your own files. A backup is also critical, as it can protect you from ransomware and also from equipment failure on your desktops and servers. It is important to note that ransomware infections will search all connected drives (even OneDrive and Dropbox if logged in) and attempt to encrypt any files found on those drives, so a backup that does not remain connected to your computer at all times is also recommended.

Being prepared before you become a victim is the key here, so even if you are running virus protection, consider adding Malwarebytes or other live scanners that specifically look for web-based threats and are proven to be able to fend off CryptoLocker infections.

Safe browsing everyone!

Phil Crossley
HiRes Solutions

Thursday, 20 November 2014

Do You Hate Windows 8's Default Desktop?

Many people that I do work for tell me that they don't like the way the Windows 8 desktop works.
They would prefer to have things back the way they were in Windows 7.

Even when they have a touch screen interface, they still find the Windows 8 way of doing things inefficient and confusing.

Happily, there is a solution. There are several software programs for Windows 8 that can give you Desktop functionality that is very similar to Windows 7 and allow you to use your Desktop as your primary Windows environment.

My favourite Windows 8 replacement shell was created by StarDock.com and is called Start8.
The program isn't free, but only costs $4.99 USD.
There is a 30 day fully functional free trial, so you can try it out before spending the big bucks :-)

Start8 gives you back your Desktop, and pressing the Windows key or clicking the Start button brings up the familiar Start menu. You can pin programs to the menu and access the Control Panel, the Shutdown/Log Off options and the Devices and Printers window, just like you could in Windows 7.

Start8 also supports the search box at the bottom of the Start Menu and brings up live results just like Windows 7 did.

If you do like to access the Windows 8 Metro tiles home screen from time to time, you can easily launch it from the top of Start8's Start menu.

To check out Start8 and get your Windows sanity back, click the link below.

Get Start8 Now!

Watch a video demo of Start8.


Thanks for reading.

Phil C.
HiRes Solutions

Sunday, 16 November 2014

Latest Malware Threats mean you must have realtime virus protection

Today's Malware and Virus producers are getting bolder and meaner!

The latest of these annoying software monsters includes the CryptoLocker virus.
Once this virus infects your computer, it quietly goes through and encrypts all of your media and document files with a strong encryption key. This includes any files accessible on the network as well!

When the virus has finished encrypting your files, it will pop up a window that tells you that your files have been encrypted and the only way you can reverse the process is to pay the ransom (typically $200-$500).
This virus will give you about 48 hours to complete the payment. If you don't pay within this time period it will destroy the key that would allow you to retrieve the files.

There is no way to clean your computer after the encryption is completed. This is real heavy-duty encryption, and the only way to un-encrypt your files is to use the key that the file-nappers are willing to sell you.
The only other way to recover your files is by restoring from a backup, making backups more important than ever.

If you choose to pay the ransom you are sent a program that goes through and undoes all the encrypting, allowing you to access your files once again.

Needless to say, it is best to avoid the infection in the first place by having an active virus/malware scanner on your computer and keeping it licensed and up to date.

I like to use a combination of Microsoft Security Essentials (a free virus scanner) and a paid copy of the Malwarebytes malware scanner. I find that Malwarebytes is very good at blocking website malware and avoiding installing harmless-looking utilities that can be hard to remove later on. It tends to react better to annoying marketing add-ins that may not be viruses, but still drive you crazy when they start popping up ads in your browser without your permission.

If you would like to read more about Ransomware viruses, click the link below to read an excellent article at sophos.com.

Sophos Ransomware article.


Wednesday, 1 January 2014

Welcome!



Hello All

Here you will find tips and information from the computer world.

HiRes Solutions is a computer support company located in Whitby, Ontario.
We specialize in on-site computer repairs and support, and can provide remote support to customers as well.
This blog is used to provide some useful information to customers and anyone who is looking for some tips and tricks on using and understanding their computers better.

If you have a specific question, please email me at support@hiressolutions.ca and I will do my best to answer you here.