Jump to content

Recommended Posts

Hi,  I have one job and i say they get Done by a Ransomware at least 3 times a year LOL 

 

I put Malwarebytes Home Premium on their Server last time, just trying to show them it would be worth getting the Business version 

for the rest of the computers, very small only 5 computers.

But they got another Ransomware infection today, again With Malwarebytes Home Premium paid and installed :(

 

What am i missing, what is the most common ways to get infected 

only this place keeps getting them LOL

 

The other 60 odd costumers i  have are fine, all i have to do for them is replace PSU's  LOL

 

any thoughts would be greatly appreciated 

 

And I am sorry if i posted in the wrong sub Forum :)

 

Cheers

B4L

 

 

Link to post
Share on other sites
14 minutes ago, best4less said:

What am i missing

image1.gif.6597a8b8bd56543573d3a2d89e1f3d03.gif.93d3be9876a19b632e5f4c9afc9de1b0.gif

14 minutes ago, best4less said:

I put Malwarebytes Home Premium on their Server last time

what is the most common ways to get infected 

 
 

The home version is not supported on servers. Did you have the paid version on all 5 computers?

Email is the most common. Opening attachments.

Edited by Porthos
Link to post
Share on other sites

Hello @best4less

Please see the following information with tools and methods to better protect a business customer.

Malwarebytes Incident Response Technology
https://www.malwarebytes.com/business/incidentresponse/

Forensic Timeliner
Gathers event and log details quickly from more than 20 Windows log repositories and displays them in a chronological timeline view, enabling security teams to uncover what/when/how an endpoint was compromised, and where else the attack may have spread.


Malwarebytes Endpoint Protection & Response
https://www.malwarebytes.com/business/endpointprotectionandresponse/


Malwarebytes Product Comparison Guide
https://resources.malwarebytes.com/files/2018/11/Malwarebytes-Business-Product-Comparison-Guide-v7.pdf

Product Details

https://www.malwarebytes.com/business/products/

You can also contact Sales to discuss in more detail if you'd like

https://www.malwarebytes.com/business/contact-us/

Thank you

Ron

 

Link to post
Share on other sites

Thanks Guys 

I only put MB on the Server,

I was trying to encourage them to get the whole network computers done 

but as many small Businesses they don't like spending coins.  

 

Thanks for all the links.

I need to do some homework and get these guys to buy a Business plan as this has become beyond a joke.

They all log into the Server just to access 1 program via Remote Desktop.

I just don't understand how it is the Server keeps getting smashed unless they are opening emails on the server.  mmmmm

But their individual desktops are not affected.

 

Thanks again for the advice

 

Cheers

B4L

Link to post
Share on other sites

I have trained them well to do full backups EVERYDAY  lol

 

so format and reinstall 

quick job only 40 minutes for me

but i guess they lose 2 or 3 hours of the day because of it

 

Have they ever caught and prosecuted any of these  ***@%^&*** :) 

Link to post
Share on other sites

Wow that's great news that you caught some of them 

Any links to news articles, that is something i would love to read

 

I am sure you have already but I would like to thank you for your fight against these people

Must be such a great feeling when you know you got one them, Thank You for all your efforts :) 

 

Cheers

B4L

 

Link to post
Share on other sites

I finally figured out how they were getting through 

 

they had a security camera tech do some work and he opened up a port on the router/modem

and after reading the logs i could see the constant dos attacks and port scans

they were relentless attacks coming from multiple IP address  

 

Just wanted to say thanks again for you help 

you guys have a great home here :)

 

Cheers

B4L

Link to post
Share on other sites

Thank you for the details.  I'll be sure to pass this info on to the Malwarebytes Research team for analysis.  If you have any additional details to add please feel free as they would be much appreciated.  I'd like to aid the Research team in better targeting these kinds of attacks/threats in the future and possibly help them to develop improved preventative countermeasures.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.