ransomeware virus

mfb1
mfb1 Posts: 3
in Business Security

Hello,

 

My server has been infected with ramsomeware virus.  The person whi did this is  asking huge amount to encrypty the file. Any suggestions would be of great help

Like

Comments

  • Ben
    Ben Posts: 2,641 F-Secure Product Expert

    Hello mfb1,

     

    Here is the page on ransomwares.

    It contains instructions and further technical details.

    Like
  • etomcat
    etomcat Posts: 1,319 Superuser

    Hello,

     

    What are the exact file names of the encrypted files? (It could be similar to "[email protected]__.crypt" for example.)

     

    Do you have a file pair where there are two identical files, one readable and one encrypted? (For example a photo, which is preserved on memory card, but its copy stored on the hard disk got encrypted. Or a database file that has a readable backup.)

     

    [Rationale: a lot of current malware and manual encrypting attacks done via remote access vulnerabilites still use an older Gomasom framework with known faulty crypto. In that case, there is a utility which can recover the key in a few hours, via brute force comparison of an encrypted / readable pair of otherwise identical files. It saved two customers here in the past week.]

     

    Best regards: Tamas Feher, 2F 2000 Kft., Hungary.

    Like
This discussion has been closed.

Categories