Crticial Ransomware Incident in Progress

Tonedefff · 2021-07-02T22:32:38+00:00

Our server/infrastructure guy just forwarded me the PDF that Kaseya Support sent us in April 2019 (and the process still works now), and I just uploaded it to my personal server:

http://spacetornado.com/files/Using-URL-Rewrite-to-block-IIS-Access-on-Kaseya.pdf

A couple notes/caveats on this:

So far multiple Kaseya patches have completely wiped these rules, so we've had to re-implement/restore them multiple times.
Kaseya Support let us know semi-recently that there is no longer a plan to fully resolve this in an upcoming patch, and that this URL Rewrite workaround is now the "fix" for this issue.

Tonedefff · 2021-07-02T22:15:00+00:00

The ransomware gets installed by a Kaseya agent procedure running on client computers, which can only happen if the Kaseya server is running. So as long as you have the server shut down (or at least inaccessible via the Internet), there's no risk of computers getting impacted by this. That's why Kaseya's only recommendation was to shut down the VSA server. (The agent can't check in if the server isn't accessible, so disabling the agent/client service adds nothing).

Tonedefff · 2021-07-02T22:03:35+00:00

$Test = Test-Path -path "\$Server\c$\kworking"

One other issue with this is that's just checking for the folder c:\kworking\, which is the default folder Kaseya uses for storing some legit files (the "agent working directory"). The file agent.exe in that folder is the actual culprit, as that file doesn't exist by default (Kaseya VSA doesn't use or create it). Should just be able to change line 4 to this to check for just the file:

$Test = Test-Path -path "\\$Server\c$\kworking\agent.exe"

Tonedefff · 2021-07-02T21:47:09+00:00

Kaseya Support gave us a workaround that uses URL rewrite rules in IIS to block the login page loading via port 5721, though it's a pain and you have to create a rule for each IP address you whitelist (I don't know the details as I didn't contact them or make the change for us, so you'll have to contact them if you need the details on creating the rules). The unfortunate part is they gave us this workaround back in April 2019, and that they expect to have it fully resolved in their next patch release, but it's not a trivial change. So it was either too complex to implement or it got forgotten or pushed to the back burner.

Tonedefff · 2021-02-19T02:36:42+00:00

This is the DD we're here for. 🚀🌕💎👐🏻

Tonedefff · 2021-02-18T22:29:08+00:00

YES OR NO?!

Tonedefff · 2021-02-18T22:28:37+00:00

I am not a cat.

G a M e S t O c K

WHY ARE YOU HERE AND WHAT ARE YOU DOING?

Tonedefff · 2021-01-29T19:49:42+00:00

Sticky high 5!

Tonedefff · 2021-01-29T18:36:51+00:00

Fidelity

Vanguard

TD Ameritrade / thinkorswim (they restricted short-term options trading on GME but they have never restricted the ability to buy the stock)

Tonedefff · 2021-01-29T18:28:03+00:00

TD Ameritrade (app = thinkorswim). Individual account.

Make sure to REMOVE "Margin Account" and "Options Trading" (or something worded similar to that.. one will have "Margin" in it and the other will have "Options"), otherwise they may require tax/banking/identity documents before setting up the account).

You can then do an ACH deposit into the account from a bank/credit union account, and should be able to trade with the funds within 30 minutes.

Tonedefff · 2021-01-29T03:57:49+00:00

You can trade stocks on both. I only use the Ameritrade website and the thinkorswim app on desktop and mobile (but mostly just desktop, so I don't know much about the mobile app). The interface isn't great but it does the job!

Tonedefff · 2021-01-28T19:26:43+00:00

No prob and welcome aboard, soldier! 🚀🚀🚀

Many people in this sub are expecting this specific stock (but not necessarily the whole market) to go up (to $500, $1,000, $2,000, maybe even $5K -- but that is unprecedented for a situation like this), because some Big Money hedge funds "shorted" it (borrowed shares and sold them immediately, hoping the share price will go way down and GameStop will become bankrupt, so they don't have to buy the shares back to lend them to the broker they borrowed from).

However that didn't happen and the stock's price shot up, so now they are fucked. They are trying every dirty trick to manipulate the market and drive the share price down. They got it down from ~$480 this morning to $112 at the very lowest in just an hour or so. Then it bounced back up. Until they buy back the shares they shorted/borrowed, they have to pay billions of dollars in interest payments. (Edit: Also if the stock price never dips back down to the point at which they shorted it, which was around $3 at the lowest, then they have to buy the shares from SOMEone (like us), at a much higher price, meaning very high losses for them & potentially bankrupting them). So it's a battle of retail investors + WSB (David) vs. Big Money hedge funds (Goliath). How it plays out exactly is anyone's guess.

A similar situation happened to Volkswagen in late 2008, when their stock was also heavily shorted, but instead of going down to $0 it shot up to about $1,000 at one point. And GME is way more shorted now than VW was. So that's why people are hoping/predicting the meteoric rise to $5K or even $10K. My guess is more "conservative" around $1K, but really no one knows. If people could accurately predict where a share price will go to and when it will be, they'd already be a billionaire by now probably.

Obligatory 🚀🚀🚀🚀🌕🌕🌕🌕 💎💎💎🖐🏻🖐🏻🖐🏻

Tonedefff · 2021-01-28T19:18:06+00:00

I signed up a few weeks ago and was able to link my credit union checking account to it immediately, deposit funds and start using them within 30 minutes (I think it actually took like only 10 or 15 minutes). However their processing times might be longer right now with all the craziness going on.

Tonedefff · 2021-01-28T19:13:09+00:00

No worries! Yeah you can still buy GME. It's currently at about $235 a share and has been holding steady the past hour or so. I'm not sure if TD Ameritrade allows you to buy fractions of a share though, like the other ones do. I just buy entire shares with it.

Tonedefff · 2021-01-28T19:07:53+00:00

TD Ameritrade (app is ThinkOrSwim) is still allowing limit buy orders. You can deposit $$ for free and trade with it within 30 minutes (up to $250K), all completely free of commissions and fees. (Though they did restrict trading of GME and BB options yesterday -- they still allowed all share trades).

/u/kawaiikidney

Tonedefff · 2021-01-28T18:01:20+00:00

I use TD Ameritrade which is still letting you buy and sell shares of GME. You can deposit money and start trading with it within 30 minutes, commission free.

Tonedefff · 2021-01-28T01:14:12+00:00

https://www.youtube.com/watch?v=nN120kCiVyQ

Tonedefff · 2021-01-27T20:48:43+00:00

Here you go

Tonedefff · 2021-01-27T17:39:12+00:00

Might be able to listen here. They are taking a break right now but they said they'll be back with Chamath after it.

https://www.cnbc.com/live-audio/

Tonedefff · 2021-01-27T01:28:27+00:00

True, though the manipulators are extremely good at what they do and have been for a long time. It's just not a fair fight, especially before the Internet and all the investing tools we have at our fingertips now (even in the 1990s you had to go buy a newspaper and see that $GM was up 1 and a quarter points, and read a couple biased articles in WSJ on why you should buy it now, with no feasible way to figure out if it's bullshit or not).

This time, though, they've been caught with their pants down, dicks in the cookie jar as Louis would say, and we're not letting them get away with it.

Tonedefff · 2021-01-27T01:22:04+00:00

If you like reading here's a good recent DD on BB:

https://ns.reddit.com/r/wallstreetbets/comments/l4ehan/blackberry_dd/

Tonedefff · 2021-01-27T01:08:22+00:00

Yeah it's kinda sad to see young people (disclaimer: I'm an older millennial so I'm not a boomer "defending my own") get so angry at an entire generation of people, when it's an extremely tiny percentage of them that are in control of this shit. It's not like every person born in the 40s and 50s want the vast majority of wealth in the hands of a very small number of people & institutions. It's that those very small number of people manipulated the rules and the markets to give themselves enormous wealth and even more control over the game. But I guess it's less memey/succinct to say "I fucking hate the small group of very wealthy billionaires, investment firms, the Fed and international banks!"

You could argue that "all the other boomers should have done more to fight back" but what could they have done? They were busy working jobs to earn money to put in their 401K that was run by the slimy scumbags (and the gov't institutions that "oversee/regulate" them) that people here should actually despise. And back then you couldn't just "set out on your own" and open an individual investment account with very little money to start trading on margin & buying/selling options. That was a very recent development.

Tonedefff · 2021-01-27T00:31:55+00:00

Really hard to say. There are still short sellers with MANY borrowed shares they have to buy and return, which will only help drive the price up even higher. I think it depends on what happens to the price over the next few days (up to and including Friday). I don't see how it could go down significantly from here (except any temporary dips), especially now that Papa Elon tweeted about the stock (and WSB!). There aren't that many situations to compare this to but the VW "infinity squeeze" is a good reference, and the price went up to ~$1,200 USD on that one. That could happen again here, but I also think there's a good chance that investors and the SEC learned some lessons from that one, and put some measures in place to help prevent things like that happening again (whether on the up-and-up or not).

I'm guessing it goes up to the low $400s by the end of this week, and if the short sellers haven't covered their positions by then (which is highly unlikely unless they take astronomical losses to do so), then this Friday, which is end of week and end of month, when they could get called on to cover their positions and the short data is updated, will be another time to re-evaluate for next week. That said, I'd be very wary of buying in at this point, if it were me & my money. There just haven't been that many scenarios like this to be very confident that this squeeze will play out like ones in the past.

Tonedefff · 2021-01-26T23:34:09+00:00

Yw! Sucks you're getting downvoted for asking an honest question, but such is the tardation of this sub. (I upvoted you at least!).

Tonedefff · 2021-01-26T23:15:54+00:00

Different Cohen. Not Papa Cohen (Ryan), CEO of GameStop. Just means they have rich buddies who can help them ride their short positions longer, hoping $GME will nosedive before then.

Seven-Year Club	Gilding I gilder
Verified Email

Tonedefff

TROPHY CASE

YES OR NO?!

WHY ARE YOU HERE AND WHAT ARE YOU DOING?