ransomeware virus

Hello,

 

My server has been infected with ramsomeware virus.  The person whi did this is  asking huge amount to encrypty the file. Any suggestions would be of great help

Comments

  • BenBen Posts: 2,640

    Hello mfb1,

     

    Here is the page on ransomwares.

    It contains instructions and further technical details.

  • etomcatetomcat Posts: 1,318 Superuser

    Hello,

     

    What are the exact file names of the encrypted files? (It could be similar to "[email protected]__.crypt" for example.)

     

    Do you have a file pair where there are two identical files, one readable and one encrypted? (For example a photo, which is preserved on memory card, but its copy stored on the hard disk got encrypted. Or a database file that has a readable backup.)

     

    [Rationale: a lot of current malware and manual encrypting attacks done via remote access vulnerabilites still use an older Gomasom framework with known faulty crypto. In that case, there is a utility which can recover the key in a few hours, via brute force comparison of an encrypted / readable pair of otherwise identical files. It saved two customers here in the past week.]

     

    Best regards: Tamas Feher, 2F 2000 Kft., Hungary.

This discussion has been closed.