Tor4Pay

PopoChubbs

Hi there guys, I've got a potentially sh*tty issue here.

I work for a school district in I.T., and subsequently I get approached by various individuals asking about "side-jobs". Well, one lady in particular came to me about her personal laptop not giving her access to some of her pictures, even though they're all being opened under the same program. There are entire folders that, when opened, say that "Windows Photo Viewer can't display this image because it doesn't recognize the file type, or you don't have the most up-to-date version". Despite that, some of her folders/pictures are totally accessible. Anyway, as I went to search for why this might be, I went to her only browser (Internet Explorer -- first red flag =p), and her browser had been hijacked by something called Tor4Pay. I eventually got Firefox installed, and went to research it some, and it came up in conjunction with Cryptowall ransomware, which she says others who have looked into this issue have told her she may have. I, however, could find no signs pointing to any of that, as the inaccessible pictures were not coming up with any encryption boxes or warnings. I was also able to find "removal" processes for T4P (it seems to be a browser hijacker), but I'm curious as to whether or not this goes beyond that. Are the two even related, or is the lady in some serious doo-doo?

Do any of you know anything about T4P or Ransomware? I've read about it briefly on here and I know ransomware is a huge POS, but I can't find the thread again. Also, do you have any reliable links to ADWcleaner and its co-pilots?
 
Can't say I've encountered it, but from the bit of googling I've done, it sounds like it's basically the gateway over Tor to accept payment of CryptoWall 2.0.

Check this link for more info: What is tor4pay.com?
Has a link in the article to try and remove CryptoWall.

As for AdwCleaner (and other tools), BleepingComputer is my go-to resource for them, since I know they're a legit source.
AdwCleaner Download
 
BleepingComputer is exactly what I was looking for, but could not for the life of me remember. Thanks Carnage! I'm hoping she's not mired in this cryptowall business. I've read that in some cases, even the a-hole hackers don't know how to break their own encryption. It's a terrible thing to be targeting people's personal memories for profit.
 
From everything that I've read, if you pay, they've been good about giving out the encryption key. Had even heard that they were providing support for people who were infected and needed help with the key not working :lol:.

Hopefully she has Shadow Copies of the files or backups somewhere if it's the actual CryptoWall variant, and not a poorly-done version that has the key hard coded in it lol.
 