Jump to content

Repeated Ransomware attacks


Recommended Posts

Hi,  I have one job and i say they get Done by a Ransomware at least 3 times a year LOL 


I put Malwarebytes Home Premium on their Server last time, just trying to show them it would be worth getting the Business version 

for the rest of the computers, very small only 5 computers.

But they got another Ransomware infection today, again With Malwarebytes Home Premium paid and installed :(


What am i missing, what is the most common ways to get infected 

only this place keeps getting them LOL


The other 60 odd costumers i  have are fine, all i have to do for them is replace PSU's  LOL


any thoughts would be greatly appreciated 


And I am sorry if i posted in the wrong sub Forum :)






Link to post
Share on other sites

14 minutes ago, best4less said:

What am i missing


14 minutes ago, best4less said:

I put Malwarebytes Home Premium on their Server last time

what is the most common ways to get infected 


The home version is not supported on servers. Did you have the paid version on all 5 computers?

Email is the most common. Opening attachments.

Edited by Porthos
Link to post
Share on other sites

  • Root Admin

Hello @best4less

Please see the following information with tools and methods to better protect a business customer.

Malwarebytes Incident Response Technology

Forensic Timeliner
Gathers event and log details quickly from more than 20 Windows log repositories and displays them in a chronological timeline view, enabling security teams to uncover what/when/how an endpoint was compromised, and where else the attack may have spread.

Malwarebytes Endpoint Protection & Response

Malwarebytes Product Comparison Guide

Product Details


You can also contact Sales to discuss in more detail if you'd like


Thank you



Link to post
Share on other sites

Thanks Guys 

I only put MB on the Server,

I was trying to encourage them to get the whole network computers done 

but as many small Businesses they don't like spending coins.  


Thanks for all the links.

I need to do some homework and get these guys to buy a Business plan as this has become beyond a joke.

They all log into the Server just to access 1 program via Remote Desktop.

I just don't understand how it is the Server keeps getting smashed unless they are opening emails on the server.  mmmmm

But their individual desktops are not affected.


Thanks again for the advice




Link to post
Share on other sites

Wow that's great news that you caught some of them 

Any links to news articles, that is something i would love to read


I am sure you have already but I would like to thank you for your fight against these people

Must be such a great feeling when you know you got one them, Thank You for all your efforts :) 





Link to post
Share on other sites

I finally figured out how they were getting through 


they had a security camera tech do some work and he opened up a port on the router/modem

and after reading the logs i could see the constant dos attacks and port scans

they were relentless attacks coming from multiple IP address  


Just wanted to say thanks again for you help 

you guys have a great home here :)




Link to post
Share on other sites

Thank you for the details.  I'll be sure to pass this info on to the Malwarebytes Research team for analysis.  If you have any additional details to add please feel free as they would be much appreciated.  I'd like to aid the Research team in better targeting these kinds of attacks/threats in the future and possibly help them to develop improved preventative countermeasures.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.