PDA

View Full Version : ransomware attack


acorn54
07-28-2017, 05:55 AM
i left my puter on overnight and went to us my handicapping program loading the bris multicap files and malwarebytes quarantined a ransomware item. has anybody had a similiar experience?

Dave Schwartz
07-28-2017, 11:50 AM
One of my users had this.

There is a lot of good information out there on the web about ransomware, but basically know that you have lost everything.

Everything worthwhile is about PROTECTION because there is no SAVING.

Sorry.

https://www.google.com/search?q=what+to+do+ransomware+attack&rlz=1C1NHXL_enUS738US738&oq=what+to+do+ransomeware&aqs=chrome.2.69i57j0l2.9479j0j7&sourceid=chrome&ie=UTF-8

_______
07-28-2017, 12:16 PM
One of my users had this.

There is a lot of good information out there on the web about ransomware, but basically know that you have lost everything.

Everything worthwhile is about PROTECTION because there is no SAVING.

Sorry.

https://www.google.com/search?q=what+to+do+ransomware+attack&rlz=1C1NHXL_enUS738US738&oq=what+to+do+ransomeware&aqs=chrome.2.69i57j0l2.9479j0j7&sourceid=chrome&ie=UTF-8

I think he said his anti-malware had quarentined the item.

Click and delete or just leave it in quarantine and carry on.

Dave Schwartz
07-28-2017, 05:03 PM
Geez... maybe I should actually READ the post, huh?

I will tell you what happened to us.

Our software users ALL shared a single DropBox folder, with read/write privileges.

One of the guys got ransomwared and 2 files popped up in our shared folder.

One was a text file explaining that "You've been encrytped, etc." and where to send the money. The other one was an encrypted file .docx file.

I panicked a little, thinking that I was infected (along with everyone else). And at this point had no clue which user was infected.

Eventually, it turned out that everyone except for that single user was clean, but it was still a little frightening. The end result was that the encrypted files are not infected at all.

For us it caused changes. We:

1. Killed the whole shared folder-thing because it only takes a single user who doesn't manage his own security to infect everyone.

2. Updated our own disaster recovery plan to include more frequent backups off physical site. (We just have too much data to do this in the cloud.)


Friends, you need to take this ransomware stuff seriously.