To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

ransomeware virus

mfb1 W/ Alumni Posts: 3 Security Scout



My server has been infected with ramsomeware virus.  The person whi did this is  asking huge amount to encrypty the file. Any suggestions would be of great help


  • Ben
    Ben W/ Alumni Posts: 664 Cybercrime Crusader

    Hello mfb1,


    Here is the page on ransomwares.

    It contains instructions and further technical details.

  • etomcat
    etomcat W/ Alumni Posts: 1,172 Firewall Master



    What are the exact file names of the encrypted files? (It could be similar to "Something.GDB!___filehelpers3181@gmail.com__.crypt" for example.)


    Do you have a file pair where there are two identical files, one readable and one encrypted? (For example a photo, which is preserved on memory card, but its copy stored on the hard disk got encrypted. Or a database file that has a readable backup.)


    [Rationale: a lot of current malware and manual encrypting attacks done via remote access vulnerabilites still use an older Gomasom framework with known faulty crypto. In that case, there is a utility which can recover the key in a few hours, via brute force comparison of an encrypted / readable pair of otherwise identical files. It saved two customers here in the past week.]


    Best regards: Tamas Feher, 2F 2000 Kft., Hungary.

This discussion has been closed.