best4less Posted March 29, 2019 ID:1305796 Share Posted March 29, 2019 Hi, I have one job and i say they get Done by a Ransomware at least 3 times a year LOL I put Malwarebytes Home Premium on their Server last time, just trying to show them it would be worth getting the Business version for the rest of the computers, very small only 5 computers. But they got another Ransomware infection today, again With Malwarebytes Home Premium paid and installed What am i missing, what is the most common ways to get infected only this place keeps getting them LOL The other 60 odd costumers i have are fine, all i have to do for them is replace PSU's LOL any thoughts would be greatly appreciated And I am sorry if i posted in the wrong sub Forum Cheers B4L Link to post Share on other sites More sharing options...
Porthos Posted March 29, 2019 ID:1305798 Share Posted March 29, 2019 (edited) 14 minutes ago, best4less said: What am i missing 14 minutes ago, best4less said: I put Malwarebytes Home Premium on their Server last time what is the most common ways to get infected The home version is not supported on servers. Did you have the paid version on all 5 computers? Email is the most common. Opening attachments. Edited March 29, 2019 by Porthos Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 29, 2019 Root Admin ID:1305809 Share Posted March 29, 2019 Hello @best4less Please see the following information with tools and methods to better protect a business customer. Malwarebytes Incident Response Technologyhttps://www.malwarebytes.com/business/incidentresponse/ Forensic Timeliner Gathers event and log details quickly from more than 20 Windows log repositories and displays them in a chronological timeline view, enabling security teams to uncover what/when/how an endpoint was compromised, and where else the attack may have spread. Malwarebytes Endpoint Protection & Responsehttps://www.malwarebytes.com/business/endpointprotectionandresponse/ Malwarebytes Product Comparison Guidehttps://resources.malwarebytes.com/files/2018/11/Malwarebytes-Business-Product-Comparison-Guide-v7.pdf Product Details https://www.malwarebytes.com/business/products/ You can also contact Sales to discuss in more detail if you'd like https://www.malwarebytes.com/business/contact-us/ Thank you Ron Link to post Share on other sites More sharing options...
best4less Posted March 29, 2019 Author ID:1305815 Share Posted March 29, 2019 Thanks Guys I only put MB on the Server, I was trying to encourage them to get the whole network computers done but as many small Businesses they don't like spending coins. Thanks for all the links. I need to do some homework and get these guys to buy a Business plan as this has become beyond a joke. They all log into the Server just to access 1 program via Remote Desktop. I just don't understand how it is the Server keeps getting smashed unless they are opening emails on the server. mmmmm But their individual desktops are not affected. Thanks again for the advice Cheers B4L Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 29, 2019 Root Admin ID:1305816 Share Posted March 29, 2019 So did you fully restore the Server from backup or remove the threat and leave the server running? Link to post Share on other sites More sharing options...
best4less Posted March 29, 2019 Author ID:1305817 Share Posted March 29, 2019 I have trained them well to do full backups EVERYDAY lol so format and reinstall quick job only 40 minutes for me but i guess they lose 2 or 3 hours of the day because of it Have they ever caught and prosecuted any of these ***@%^&*** Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 30, 2019 Root Admin ID:1305930 Share Posted March 30, 2019 Yes, we have helped to take down a few. Link to post Share on other sites More sharing options...
best4less Posted March 30, 2019 Author ID:1305960 Share Posted March 30, 2019 Wow that's great news that you caught some of them Any links to news articles, that is something i would love to read I am sure you have already but I would like to thank you for your fight against these people Must be such a great feeling when you know you got one them, Thank You for all your efforts Cheers B4L Link to post Share on other sites More sharing options...
best4less Posted April 7, 2019 Author ID:1306974 Share Posted April 7, 2019 I finally figured out how they were getting through they had a security camera tech do some work and he opened up a port on the router/modem and after reading the logs i could see the constant dos attacks and port scans they were relentless attacks coming from multiple IP address Just wanted to say thanks again for you help you guys have a great home here Cheers B4L Link to post Share on other sites More sharing options...
exile360 Posted April 7, 2019 ID:1306980 Share Posted April 7, 2019 Thank you for the details. I'll be sure to pass this info on to the Malwarebytes Research team for analysis. If you have any additional details to add please feel free as they would be much appreciated. I'd like to aid the Research team in better targeting these kinds of attacks/threats in the future and possibly help them to develop improved preventative countermeasures. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now