Gigabyte hit with RansomEXX attack, and it could mean big problems for the motherboard manufacturer

Blame the Broker

Bleeping Computer

It seems Bleeping Computer was the first to report this, but if you go to the Gigabyte homepage, you’ll find that their homepage has been changed a little, with the About Us graphic replaced by this little “blame the broker” GIF. It is a reference to the BlackMatter that was recently reborn from REvil and Darkmatter. So this is definitely a sign that they have been hacked and attacked. According to Bleeping Computer, the attack was done by the RansomEXX gang, but I have my own thoughts on this: that the BlackMatter group also helped out in this hack.

Gigabyte Support

According to all sources I could find, the esupport website is currently down. There have been reports that RansomEXX will release 112 GB of data to the public that involves customers and business relationships such as Intel, AMD, and even American Megatrends. I’ve not seen too much other than that right now. I can only imagine that all this data is under NDA. Gigabyte even confirmed to a Chinese media outlet that it had been attacked by hackers.

Customer Data

I don’t know what data the hackers actually have or what they intend to do about it. I’ve not even heard what type of data the hackers have. We just know that they have some serious data about the relationships between Gigabyte and other manufacturers, which is startling to say the least, and we don’t even know everything that is behind this attack. We just know that it will be interesting to see what will happen in the coming weeks. I’ve still seen people on Twitter and other places complaining they can’t get to the esupport website. Hopefully someone will talk about this in the coming weeks. I know I want to find out what actually happened.

How to wipe your hard drive securely before selling or recycling your computer

Photo by: pastedo on Pixabay

Wiping the Hard drive

Sometimes it’s a good idea to wipe the hard drive beyond recovery to prevent someone else from getting information about the previous owner. It is always a good idea to erase the information before you sell, recycle, or even donate your computer. You can destroy the data on the hard drive with little or no effort, but it does take an app to do it. Depending on your situation, if you have an OEM system, then you will probably want to reinstall Windows on the system after you securely wipe and erase the data on the hard drive. Before you do this, it’s best to create a USB or DVD of the operating system you are going to wipe. If this is Windows 10, you can download the media creation tool for Windows 10 and make a bootable Windows 10 USB to use after wiping the hard drive. If this is an older system like Windows 7, I would suggest checking before wiping to see if you have the DVD for it, or you could buy Windows 7 from Amazon using my affiliate link, from which I’ll get a small amount of money when you do that. If this is another system altogether, like Linux or even Mac OS, you’ll have to get a copy of the operating system that you are going to wipe and reinstall it to be helpful to the next person to use the system.

DBAN : Darik’s Boot and Nuke


This is one of the utilities that I use to securely remove and erase all the information, to prevent anyone from getting the information that is on the hard drive. It’s open source and can be downloaded freely. They do have an enterprise version for those who are running a business, which requires a license to use in a business environment. This is, however, the first one that I use when I have a hard drive that I need to erase, destroy, or wipe entirely. This can even be used on SSDs and NVMe drives.

MHDD

This one is similar to DBAN but has some interesting features that work well with what I might need to do. I will oftentimes use MHDD after I use DBAN just to be safe and make sure nothing is left on the hard drive or the solid state drive, to prevent anyone from getting any information from it. This probably sounds like overkill, but I figure it is sometimes needed to prevent people from accessing the data. It was developed by Dmitry Postrigan and I have used this program from time to time. You’ll need to download the ISO and create a bootable USB or CD/DVD to use this program, and I suggest something like Yumi Pen Drive creator to make a bootable USB disk for MHDD.

Formatting the HDD, SSD, or NVME

Format commands

This is the last option I would suggest, because this option is only going to do it once and you’ll need to format the disk several times with different commands to provide enough assurance that the data is destroyed or wiped. This option is good for those disk drives that didn’t have any really important information on them and had either games or files that probably didn’t have anything on them that would be too personal for anyone to find. I usually use this as a last resort when I know the system wasn’t used to keep personal data and maybe the HDD was being used exclusively for games. The format command on an HDD or SSD could be useful because it’s already on the media creation tool and can be accessed by hitting Shift+F10.

Then all you will need to do is type:

format <drive>: /fs:NTFS /p:1 (For zeros)
or
format <drive>: /fs:NTFS /p:2 (For ones)

This will write zeros or ones to every sector on the HDD or SSD and will securely erase the data. I have found it useful to go from zeros to ones, or to do ones and then zeros. Be warned, though: doing this will take a very long time. It could be hours between passes.

This option is good when you have a system that you can use to install and format the HDD and still do other things on the system, or if you can pull the HDD or SSD out and temporarily install it in a working system. While it does its thing, you can do other things on the system. Be warned that this might take some of your system resources while you are formatting the HDD in question. The system might be a bit slower to respond. Also, it will take a VERY long time to do multiple passes on an HDD. So don’t be surprised if it takes several minutes to go from 0 to 1%, or several hours to even get to 100%, depending on the size of the drive you are formatting.
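
A check that a fixed-pattern overwrite (all zeros or all ones, as described above) actually reached every sector. This is an added example, not part of the original post; the 512-byte sector size, the function names and the sample image are assumptions, and the sample data is constructed.

```python
import os
import tempfile

SECTOR = 512  # assumed logical sector size; 4Kn drives use 4096


def scan_wiped(path, sector=SECTOR, chunk_sectors=2048):
    """Read a raw device or image and classify every sector as all-zero,
    all-one (0xFF) or 'other' (anything a fixed-pattern pass should not leave)."""
    counts = {"zero": 0, "ones": 0, "other": 0}
    first_other = None  # byte offset of the first suspicious sector
    offset = 0
    with open(path, "rb") as dev:
        while True:
            chunk = dev.read(sector * chunk_sectors)
            if not chunk:
                break
            for i in range(0, len(chunk), sector):
                block = chunk[i:i + sector]
                if block.count(0x00) == len(block):
                    counts["zero"] += 1
                elif block.count(0xFF) == len(block):
                    counts["ones"] += 1
                else:
                    counts["other"] += 1
                    if first_other is None:
                        first_other = offset + i
            offset += len(chunk)
    return counts, first_other


def verdict(counts):
    """A drive passes only if no sector holds leftover data and the
    final pass left one uniform pattern across the whole device."""
    if counts["other"]:
        return "FAIL: leftover data"
    if counts["zero"] and counts["ones"]:
        return "FAIL: pass incomplete"
    return "PASS"


def make_sample_image(leftover=True):
    """Constructed 16-sector image: zeroed, with one stale record in sector 5."""
    data = bytearray(16 * SECTOR)
    if leftover:
        data[5 * SECTOR:5 * SECTOR + 19] = b"customer-record.csv"
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path


if __name__ == "__main__":
    # Constructed sample; on a real system pass the raw disk device
    # (needs administrator/root rights) instead of the temp image.
    img = make_sample_image()
    counts, first = scan_wiped(img)
    print(counts, first, verdict(counts))
    os.remove(img)
```

Run it against the raw disk right after a whole-disk pass; a volume that format has just rebuilt will show some "other" sectors that are simply the new NTFS metadata.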

Do you have any good tools that work better? Why not leave a comment and tell me what you use to securely wipe hard drives and SSDs? Why not share your experiences and hear how others do it? If this has helped you with something, why not consider checking out my affiliate links below to say thank you for this great resource.

Some advice for new computer technicians


We can’t do this alone!

This is the most important idea that you should understand. Most computer technicians think that they have to do it alone when it comes to solving a problem. This matters because no one can ever know how to fix every possible problem that may arise. Those are the times we should ask questions and ask for help from other technicians. This will help you even more than you might imagine, because some other technician might know how to solve the issue or problem that you are having. We might never really understand what someone else might know. This also includes customers, because what one customer might not know, another one might.

Research is everything

Sometimes even other technicians might not know what is causing the problem. So use everything at your fingertips. Don’t underestimate the power of a word search in Google, Bing, and Yahoo. It isn’t like one search engine is better than another. Each search engine has some information that the others might not have. Don’t just use one; always use all of them. Sometimes one search engine will not have the answers, so I will always go and check out two or more search engines for a possible fix for the issue.

You will have angry customers!

No one tells you this, but no matter how nice or good you are, you’ll have those angry customers. You should be prepared to deal with them. I say this with some experience: no matter what you do for a customer, there will always be those who know nothing about computers and then get mad at you for some reason or another. You’ll need to learn to be patient with an angry customer. Learn to come up with ways to alleviate the customer’s stress or anger. My go-to phrase when a customer is angry or stressed is “Here’s what I can do for you . . .”. If you tell the customer that you can do something for them, even if it is something small, it helps make the customer feel like they are being heard. Also learn to actively listen to the customer, and make sure you hear what they say by repeating back to them the problems they are having. Also, sometimes the customer is just going to need to vent and be angry. Technicians should learn to just be there for the customers.

Computers will break!

This is the next thing you will learn as a technician: no matter how careful you are with a computer, you’ll break a system just by doing something you’ve done a billion times. If it can be broken, it will be broken. Murphy just likes to make people’s lives harder, and we will always have those days. I can say with certainty that no one will ever be perfect at solving problems or fixing issues. I’ve seen motherboards break or CMOS fail at the most unusual times. So you should always be prepared to apologize to the customers, or say you’re sorry, and make it right, even if it’s not your fault. Sometimes customers will want to feel like they are important to you, and that helps keep the customers coming back.

No technical jargon

No matter how much you know or think you know, keep the technical jargon to a minimum with customers. Most of them aren’t even going to know what you are talking about if you don’t relate the problem to the customer. I can remember several times when I heard someone tell a customer about a command or hardware and the customer’s eyes just glazed over because they just didn’t understand. Only tell the customer what they need to know. If it’s a customer error, teach the customer and try to prevent them from creating the problem again.

I’ve been in the computer world a long time, and I am sure the old and new alike will agree that these are some valuable tips for those who might be interested in being a technician. Nothing I’ve said here will stop angry customers, but it might help. What are some things you’ve learned to help keep customers from getting angry or to make the customer happy? I’d love to hear what helped you with customers, and I am sure others will too.

Security News for this Month and How that affects you!


Hackers get around TPM

According to Ars Technica, a hacker was able to get around TPM in under 30 minutes. It seems impressive for someone to be able to get around something that Microsoft thinks helps secure your operating system. I’ve been doing some major research into how secure the TPM and Secure Boot are.

Getting around the TPM in this manner is akin to ignoring Fort Knox and focusing on the not-so-armored car coming out of it. — Ars Technica

Fort Knox is way better than a TPM; it just means that people don’t realize the vulnerabilities of the TPM. It is still relatively new, and people just haven’t had the chance to thoroughly test the Trusted Platform Module.

BlackMatter is Reborn

With REvil and DarkSide getting shut down, we now see that BlackMatter could really be just a simple name change from DarkSide.

And sure enough, a recent detailed forensic analysis of the cryptographic algorithms being employed by an apparent newcomer named “BlackMatter” suggests that BlackMatter is actually DarkSide 2.0. — Steve Gibson

It seems that they have left the affiliate model and are now looking for IABs (initial access brokers) to be able to infect computers and networks that might bring them some great revenue from ransomware. Ransomware is getting more and more common, and I can guess that they will start to use something like this to infect companies’ computers. I doubt they will infect targets that are going to bring them too much attention.

PrintNightmare is a feature not a bug!

I keep saying this, but the PrintNightmare that was being talked about last month will probably never truly be fixed, because Microsoft created this issue in the early days so people could easily print to any system. Microsoft has been trying to fix some of the issues, but I doubt they will ever fix them all. The idea that it is a zero day is something that Microsoft didn’t expect, but most researchers would have said it was probably possible for several years at the least. I am sure this will be used with a number of other things, such as the BootHole exploit. Although this has already been patched by most Linux distros, there are some that just won’t update, due to not being able to or not wanting to. So there are always going to be people who will not see a need to update their systems.

The First 6 months

Most researchers have said this, but in the past 6 months there have already been more attacks than last year. Most malware and ransomware writers were, just like everyone else, watching what was going on in the world with COVID-19. They probably weren’t very busy last year, and now they need to fix that by showing us how much more they can do. I am sure it will be even better in the next 6 months, but I am also hopeful the Russian government will keep putting pressure on the virus writers to keep their acts clean and leave companies alone. I doubt it, but I can only hope.

What are your thoughts on all that has happened this year? Do you think it will slow down or get even faster? Do you think we will see more computers getting compromised even with TPM and Secure Boot enabled? Let me hear your thoughts.

How my blog experiment helped me and why!

Photo by: Kevin King(Chandana Perera) on Pixabay

“Failure is always an option” —  Adam Savage

Blogging is always partly an experiment in what people will read and do. I really don’t say that lightly, because no one can ever truly know what will happen when you blog about a topic or come up with titles for your blog. You could have the most boring blog but have the most readers because so many people think like you. I find that to be mostly true; the blogging niche is something that has always fascinated me when it comes to readers. Your readers can be some of the best supporters of your blog or the worst, depending on the niche.

The niche of things

What’s a niche, you might be asking? A niche, according to the Cambridge dictionary, is “an area or position that is exactly suitable for a small group of the same type:“. What that means might be different to some, but mostly it is a group of people who think or have the same kind of thoughts about a subject or idea. For instance, I like security or even talking about Windows, so I have people who like to read about that, or maybe you are a technician who might need to know how to problem-solve a situation. Each of these people has a niche in a particular area and maybe even likes to read what I have to say from time to time. Understanding the niche is something that comes with experience and time. It can’t really be seen, but it can be used to grow your blogging experience.

Blogging helps me!

I can say since I started this experiment, it seems to have grown my reader base. I have also found that blogging alone has helped me to research and understand what is required to do an essay. While I am in school, the teachers seem to want to make the students write essays as much as possible. It has been a great help to me to have been blogging for so long that I understand how essays are being used to get students to research their area of expertise. I think that it gives students a chance to make sure they are going in the right direction and that they will want to do the jobs when they are done with their education. It’s been a great educational experience for me, since I haven’t been to college for 20+ years. It has definitely changed over the years, and I am sure that even now it will change in the future.

Water flows in many Directions

I can’t say that it isn’t something that not everyone will understand. Blogging is like water: it will flow through people, or around people who have little interest in the topic at hand. I’ve learned a lot about my readers and who my readers are just by doing this little experiment. I know what people like to read, or even why they might like to read the posts I do. I intend to keep this up in the future to help draw more people to my blog. I am hopeful that it helps me to create even more connections with my readers. I hope this blog has done you some good. I am sure this will be an interesting year for everyone due to what happened last year.

What would you like me to talk about? Maybe you have something you want me to talk about, or maybe you have a question. Why not leave a comment or send me a message on Twitter at @laforge129.