Ransomware advice

danswan

danswan

danswan

Associate
Joined
6 Feb 2004
Posts
1,412
Location
Toon
Hi all.

Despite my usual vigilance I've returned from a weekend away to find all the files on my server have been encrypted by the .Adobe virus (apparently a variant of Dharma??). Still trying to work out how, but I think my 12 year old son might know more than he's telling me...

It's not a massive deal as almost everything which matters is backed up safely, but there are a couple of files which I really can't replace and would like back. From reading around I believe there's currently no way for me to decrypt these files, but I can also see that encryption keys for some other cryptolocker type viruses appeared over time. Do you think it is worth keeping these files in case they may be recoverable in future?

Cheers
 
You stand to lose nothing by keeping the files to try and decrypt at a later date, your only other 2 options are either delete them or pay up, so keeping them sounds good.
 
Guess so, thanks. Any ideas what the chances of that actually happening are, I mean is it usual that eventually a key appears from somewhere? Is there a site which keeps track of such things?

Cheers.
 
There was a case recently where a ransomware author sent a victim the key in pity and a software developer got a hold of it and used the algorithm to create a decryptor so it's worth while holding onto it because you never know what developments might be made.

As long as you regularly back up your data ransomware will need have any impact. Just cost you an hour or so to restore your system.
 
Set your users to have read only access.

Ransonware can be protected against using a few simple steps.
 
You must log in or register to reply here.
Back
Top Bottom