Endpoint Protection

 View Only

  • 1.  Encrypted (Ransome)

    Posted Jan 26, 2015 10:42 PM

    Hi,

     

    Please help me with below.   

     

    Our Files has been crypted and when we open the file say notepad we receive like below message:

     

    “All your important files were crypted with two strong algoritms - RSA and AES

    All files that have been cryped have name, starting with error_

    We can sell you the program that will restore all your files.

    If you want buy this program, you need send us your Unique Identificator on uyyyuuyq@ruggedinbox.com

    After that we will send you instructions of payment

    Also you can attach one small file (less than 300 Kilobytes) and we will restore it.

     

    If we didnt answer you during 1-2 days, it means that we didnt get your letter. So,

    make your own e-mail account on www.ruggedinbox.com and send your letter again.

     

    Your Unique Identificator: 31016”

     

    Can you please help us on this issue?

     

     



  • 2.  RE: Encrypted (Ransome)
    Best Answer

    Posted Jan 26, 2015 10:45 PM

    This is cryptolocker.

    If you do no have a good working backup, your files are very likely gone. Best to re-image the machine. This malware uses unbreakable encryption.

    See here:

    https://www-secure.symantec.com/connect/blogs/support-perspective-ctb-locker-and-other-forms-crypto-malware

    http://www.symantec.com/security_response/writeup.jsp?docid=2013-091122-3112-99

    For extra protection, make sure you're running the IPS, firewall, and SONAR components as well as download insight.

    Whatever you do, it is advised to NOT pay the ransom as the chances of you getting your files back are still very small.



  • 3.  RE: Encrypted (Ransome)

    Posted Jan 27, 2015 12:18 AM

    Thanks for all your great help.



  • 4.  RE: Encrypted (Ransome)

    Posted Jan 27, 2015 08:30 AM

    Happy to help