Received this as an email..

You may have seen the news lately about a US gas pipeline company
getting hacked with a ransomware demand, and the Russian group behind
this owning up to the deed. (They pocketed $4.4m)
Lucky for you, researchers found a novel way to avoid getting infected
by ransomware which I'll share with you below. It might not work with
all ransomware, but it's a free and easy setting to change so why
wouldn't you. So it turns out that Russian authorities turn a blind eye
to Russian crooks doing this ransomware trade as long as they don't
target Russian people. The way these hackers avoid infecting their own
country folk is to check if there's a Russian keyboard installed on the
target computer.

So, below are some instructions on how to install the Russian keyboard
on your PC. it doesn't mean you have to use it or will see it, but it
will exist on your PC in the background - doing nothing. Full article
courtesy of
https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/

Instructions
In Windows 10, hit the Windows key and X at the same time, then select
Settings, and then select Time and Language. Select Language, and then
scroll down and you should see an option to install another language.
Click + Add a Language. Search for Russian and click Install, and the
Russian language should be installed after a few minutes. Then you can
go back to whatever you were doing.

If for some reason you need to toggle between languages, Windows key +
Spacebar is your friend.

Please share this free and easy trick with your friends and family.

--
"A mans got to know his limitations"
- clint Eastwood as Dirty Harry

Yosemite Sam <felix@invalid.com> wrote:
> Received this as an email..
>
> You may have seen the news lately about a US gas pipeline company
> getting hacked with a ransomware demand, and the Russian group behind
> this owning up to the deed. (They pocketed $4.4m)
> Lucky for you, researchers found a novel way to avoid getting infected
> by ransomware which I'll share with you below. It might not work with
> all ransomware, but it's a free and easy setting to change so why
> wouldn't you. So it turns out that Russian authorities turn a blind eye
> to Russian crooks doing this ransomware trade as long as they don't
> target Russian people. The way these hackers avoid infecting their own
> country folk is to check if there's a Russian keyboard installed on the
> target computer.

Sounds like a load of rubbish, and they could just as easily be
checking the actual language settings on the computer rather than
the keyboards that are attached. That's if they went further than
just not attacking computers connected via Russian ISPs.

--
__ __
#_ < |\| |< _#

On 29/05/2021 1:01 pm, Computer Nerd Kev wrote:
> Yosemite Sam <felix@invalid.com> wrote:
>> Received this as an email..
>>
>> You may have seen the news lately about a US gas pipeline company
>> getting hacked with a ransomware demand, and the Russian group behind
>> this owning up to the deed. (They pocketed $4.4m)
>> Lucky for you, researchers found a novel way to avoid getting infected
>> by ransomware which I'll share with you below. It might not work with
>> all ransomware, but it's a free and easy setting to change so why
>> wouldn't you. So it turns out that Russian authorities turn a blind eye
>> to Russian crooks doing this ransomware trade as long as they don't
>> target Russian people. The way these hackers avoid infecting their own
>> country folk is to check if there's a Russian keyboard installed on the
>> target computer.
> Sounds like a load of rubbish, and they could just as easily be
> checking the actual language settings on the computer rather than
> the keyboards that are attached. That's if they went further than
> just not attacking computers connected via Russian ISPs.
>

it was an email from Firetrust ie. Mailwasher, so I thought maybe it's
legit. but yeah, sounds a bit far fetched.

--
"A mans got to know his limitations"
- clint Eastwood as Dirty Harry

On Sat, 29 May 2021 03:01:28 +0000, Computer Nerd Kev scribed:

> Yosemite Sam <felix@invalid.com> wrote:
>> Received this as an email..
>>
>> You may have seen the news lately about a US gas pipeline company
>> getting hacked with a ransomware demand, and the Russian group behind
>> this owning up to the deed. (They pocketed $4.4m)
>> Lucky for you, researchers found a novel way to avoid getting infected
>> by ransomware which I'll share with you below. It might not work with
>> all ransomware, but it's a free and easy setting to change so why
>> wouldn't you. So it turns out that Russian authorities turn a blind eye
>> to Russian crooks doing this ransomware trade as long as they don't
>> target Russian people. The way these hackers avoid infecting their own
>> country folk is to check if there's a Russian keyboard installed on the
>> target computer.
>
> Sounds like a load of rubbish, and they could just as easily be checking
> the actual language settings on the computer rather than the keyboards
> that are attached. That's if they went further than just not attacking
> computers connected via Russian ISPs.

It is an observation from people in the relevant field and they give
their reasoning(if you go to the claimed source site).

Now that the idea is out in the ether, you can expect the ransom infector
will become a bit more intelligent. OTOh, they might not bother as, like
spam, the current system appears to be giving good returns.

You can always practise safe hex as an alternative, but weakest link
applies.

News 2021 <news21@woa.com.au> wrote:
> On Sat, 29 May 2021 03:01:28 +0000, Computer Nerd Kev scribed:
>
>> Yosemite Sam <felix@invalid.com> wrote:
>>> Received this as an email..
>>>
>>> You may have seen the news lately about a US gas pipeline company
>>> getting hacked with a ransomware demand, and the Russian group behind
>>> this owning up to the deed. (They pocketed $4.4m)
>>> Lucky for you, researchers found a novel way to avoid getting infected
>>> by ransomware which I'll share with you below. It might not work with
>>> all ransomware, but it's a free and easy setting to change so why
>>> wouldn't you. So it turns out that Russian authorities turn a blind eye
>>> to Russian crooks doing this ransomware trade as long as they don't
>>> target Russian people. The way these hackers avoid infecting their own
>>> country folk is to check if there's a Russian keyboard installed on the
>>> target computer.
>>
>> Sounds like a load of rubbish, and they could just as easily be checking
>> the actual language settings on the computer rather than the keyboards
>> that are attached. That's if they went further than just not attacking
>> computers connected via Russian ISPs.
>
> It is an observation from people in the relevant field and they give
> their reasoning(if you go to the claimed source site).

Fair point, it's clearer in the link. I've become allergic to any
URL with "one-weird-trick" in it.

--
__ __
#_ < |\| |< _#

On Sun, 30 May 2021 06:54:51 +0000, Computer Nerd Kev scribed:

> News 2021 <news21@woa.com.au> wrote:
>> On Sat, 29 May 2021 03:01:28 +0000, Computer Nerd Kev scribed:
>>
>>> Yosemite Sam <felix@invalid.com> wrote:
>>>> Received this as an email..
>>>>
>>>> You may have seen the news lately about a US gas pipeline company
>>>> getting hacked with a ransomware demand, and the Russian group behind
>>>> this owning up to the deed. (They pocketed $4.4m)
>>>> Lucky for you, researchers found a novel way to avoid getting
>>>> infected by ransomware which I'll share with you below. It might not
>>>> work with all ransomware, but it's a free and easy setting to change
>>>> so why wouldn't you. So it turns out that Russian authorities turn a
>>>> blind eye to Russian crooks doing this ransomware trade as long as
>>>> they don't target Russian people. The way these hackers avoid
>>>> infecting their own country folk is to check if there's a Russian
>>>> keyboard installed on the target computer.
>>>
>>> Sounds like a load of rubbish, and they could just as easily be
>>> checking the actual language settings on the computer rather than the
>>> keyboards that are attached. That's if they went further than just not
>>> attacking computers connected via Russian ISPs.
>>
>> It is an observation from people in the relevant field and they give
>> their reasoning(if you go to the claimed source site).
>
> Fair point, it's clearer in the link. I've become allergic to any URL
> with "one-weird-trick" in it.

Similar distate, but I follow TechDirt by rss, but you can also listen
to some stuff via soundcloud. So I was familiar with it and had read
their theory on Russian language keyboards. We'll never find out if that
is useful unless some large corporation decides to run a randomised trial
by install extra keyboards.

On 2/06/2021 11:34 am, News 2021 wrote:
> On Sun, 30 May 2021 06:54:51 +0000, Computer Nerd Kev scribed:
>
>> News 2021 <news21@woa.com.au> wrote:
>>> On Sat, 29 May 2021 03:01:28 +0000, Computer Nerd Kev scribed:
>>>
>>>> Yosemite Sam <felix@invalid.com> wrote:
>>>>> Received this as an email..
>>>>>
>>>>> You may have seen the news lately about a US gas pipeline company
>>>>> getting hacked with a ransomware demand, and the Russian group behind
>>>>> this owning up to the deed. (They pocketed $4.4m)
>>>>> Lucky for you, researchers found a novel way to avoid getting
>>>>> infected by ransomware which I'll share with you below. It might not
>>>>> work with all ransomware, but it's a free and easy setting to change
>>>>> so why wouldn't you. So it turns out that Russian authorities turn a
>>>>> blind eye to Russian crooks doing this ransomware trade as long as
>>>>> they don't target Russian people. The way these hackers avoid
>>>>> infecting their own country folk is to check if there's a Russian
>>>>> keyboard installed on the target computer.
>>>>
>>>> Sounds like a load of rubbish, and they could just as easily be
>>>> checking the actual language settings on the computer rather than the
>>>> keyboards that are attached. That's if they went further than just not
>>>> attacking computers connected via Russian ISPs.
>>>
>>> It is an observation from people in the relevant field and they give
>>> their reasoning(if you go to the claimed source site).
>>
>> Fair point, it's clearer in the link. I've become allergic to any URL
>> with "one-weird-trick" in it.
>
> Similar distate, but I follow TechDirt by rss, but you can also listen
> to some stuff via soundcloud. So I was familiar with it and had read
> their theory on Russian language keyboards. We'll never find out if that
> is useful unless some large corporation decides to run a randomised trial
> by install extra keyboards.
>
The easiest answer of all is not to click on suspicious links.

On Wed, 2 Jun 2021 22:30:40 +1000, keithr0 <user@account.invalid>
wrote:

>On 2/06/2021 11:34 am, News 2021 wrote:
>> On Sun, 30 May 2021 06:54:51 +0000, Computer Nerd Kev scribed:
>>
>>> News 2021 <news21@woa.com.au> wrote:
>>>> On Sat, 29 May 2021 03:01:28 +0000, Computer Nerd Kev scribed:
>>>>
>>>>> Yosemite Sam <felix@invalid.com> wrote:
>>>>>> Received this as an email..
>>>>>>
>>>>>> You may have seen the news lately about a US gas pipeline company
>>>>>> getting hacked with a ransomware demand, and the Russian group behind
>>>>>> this owning up to the deed. (They pocketed $4.4m)
>>>>>> Lucky for you, researchers found a novel way to avoid getting
>>>>>> infected by ransomware which I'll share with you below. It might not
>>>>>> work with all ransomware, but it's a free and easy setting to change
>>>>>> so why wouldn't you. So it turns out that Russian authorities turn a
>>>>>> blind eye to Russian crooks doing this ransomware trade as long as
>>>>>> they don't target Russian people. The way these hackers avoid
>>>>>> infecting their own country folk is to check if there's a Russian
>>>>>> keyboard installed on the target computer.
>>>>>
>>>>> Sounds like a load of rubbish, and they could just as easily be
>>>>> checking the actual language settings on the computer rather than the
>>>>> keyboards that are attached. That's if they went further than just not
>>>>> attacking computers connected via Russian ISPs.
>>>>
>>>> It is an observation from people in the relevant field and they give
>>>> their reasoning(if you go to the claimed source site).
>>>
>>> Fair point, it's clearer in the link. I've become allergic to any URL
>>> with "one-weird-trick" in it.
>>
>> Similar distate, but I follow TechDirt by rss, but you can also listen
>> to some stuff via soundcloud. So I was familiar with it and had read
>> their theory on Russian language keyboards. We'll never find out if that
>> is useful unless some large corporation decides to run a randomised trial
>> by install extra keyboards.
>>
>The easiest answer of all is not to click on suspicious links.

I know for spam all Cyrillic spam can be blocked
--
Petzl
Good lawyers know the law
Great lawyers know the judge

On Wed, 02 Jun 2021 22:30:40 +1000, keithr0 scribed:

>> Similar distate, but I follow TechDirt by rss, but you can also listen
>> to some stuff via soundcloud. So I was familiar with it and had read
>> their theory on Russian language keyboards. We'll never find out if
>> that is useful unless some large corporation decides to run a
>> randomised trial by install extra keyboards.
>>
> The easiest answer of all is not to click on suspicious links.

In any large corporation, there is always one who will click on it to see
what happens. Sigh.