To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

ransomeware virus

Options
mfb1
mfb1 W/ Alumni Posts: 3 Security Scout

Hello,

 

My server has been infected with ramsomeware virus.  The person whi did this is  asking huge amount to encrypty the file. Any suggestions would be of great help

Comments

  • Ben
    Ben W/ Alumni Posts: 664 Cybercrime Crusader
    Options

    Hello mfb1,

     

    Here is the page on ransomwares.

    It contains instructions and further technical details.

  • etomcat
    etomcat W/ Alumni Posts: 1,172 Firewall Master
    Options

    Hello,

     

    What are the exact file names of the encrypted files? (It could be similar to "Something.GDB!___filehelpers3181@gmail.com__.crypt" for example.)

     

    Do you have a file pair where there are two identical files, one readable and one encrypted? (For example a photo, which is preserved on memory card, but its copy stored on the hard disk got encrypted. Or a database file that has a readable backup.)

     

    [Rationale: a lot of current malware and manual encrypting attacks done via remote access vulnerabilites still use an older Gomasom framework with known faulty crypto. In that case, there is a utility which can recover the key in a few hours, via brute force comparison of an encrypted / readable pair of otherwise identical files. It saved two customers here in the past week.]

     

    Best regards: Tamas Feher, 2F 2000 Kft., Hungary.

This discussion has been closed.