Jump to content

Recommended Posts

Had a client hit with this via a brute force attack.  Anybody else seen this before and have you had any luck getting files back ?  Not sure who this individual is, but they failed to put the instructions on the system they attacked.  Have no idea what they want for the key, but quite frankly, not sure I would even try if I knew.

Share this post


Link to post
Share on other sites

Welcome to our business forums TCCS!

Sorry to hear about this situation always tough once the files have already been encrypted. Malwarebytes does not currently offer any decryption tools or services.

Backups and disaster recovery are one of the strongest defences against ransomware we offer 72-hour rollback with our Endpoint Protection and Response. As well as our Behavioral Monitoring real-time protection that can stop encryption behaviour of course.

But I can point you to these third-party tools that may help identify a decryptor if available:

https://id-ransomware.malwarehunterteam.com/

https://www.nomoreransom.org/crypto-sheriff.php

https://www.nomoreransom.org/en/decryption-tools.html


Usually, the files are not able to be recovered but I wanted to provide what we can.

Best of luck with this and let us know if you have any questions.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.