
Topic: Wanna Cry new ? please help (cryptolocker Petya) (Read 1829 times)

newbie
Activity: 4
Merit: 0
The best method IMO to get help would be going to a specialized professional in computer and IT (there are plenty of shops for fixing programs and corrupted PCs). Although it might not be easy, there might be a way to extract the needed information out of it.
Paying is a wrong thing to do IMO, since it would encourage these people to do that again and again.
legendary
Activity: 1470
Merit: 1079
Hello, guys !
Please help with fighting the virus.

At my wife's work, the server and other computers picked up a virus similar to WannaCry
(all except my wife's computer, on which I installed Comodo).

The server is a laptop without antivirus and firewall.
All important information is stored on the server.



Bitcoin address and email:
1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX
[email protected]


Private Decryption Key For Original Petya Ransomware Released

The creator of the Petya ransomware, Janus, has released the master decryption key. This key can decrypt all the files that have been encrypted by all three versions of Petya: red, green, and yellow. This key is unusable against the modified version of Petya, NotPetya, that targeted computers of critical infrastructure and corporations in Ukraine as well as 64 other countries.

http://thehackernews.com/2017/07/petya-ransomware-decryption-key.html?m=1

https://twitter.com/JanusSecretary/status/882663988429021184
legendary
Activity: 3374
Merit: 2198
I stand with Ukraine.
It seems that in the future corporations will have to keep their computers offline. There is a system protection of sensitive sites. The user is forbidden to access the Internet and run removable media.

That would be a disaster for those who work in the offices; hopefully it won't come to that. What corporations really lack are good system administrators whose awareness of the newest viruses is always up to date.

This gotta stop! This is because of the high price of bitcoin, that is why people are doing such crime, and I think the victims are all bitcoin users, and I think they are choosing targets with IPs that have bitcoin transactions, I guess. Well, I think these guys are real geniuses in hacking things, but I am not encouraging them to really sink into such criminal acts, and instead of using their skills for good they are using them in bad ways!

Well, mate, if you are not joking I think you are wrong. Most of the people whose computers were infected had no idea about Bitcoin. They are federal employees, or government workers if you want, and those people are clueless in most cases. That's why it was explained to them how to use Bitcoin in the section "How Do I pay?".
member
Activity: 61
Merit: 10
Petya was a terrible ransomware, like WannaCry; both exploit SMBv1 vulnerabilities in Windows systems. However, a fix for this kind of malware had been around for more than 3 months.

And there are some procedures to battle this malware.

And if it is a server system, the primary thing is to have better anti-malware.

And don't forget to put in your first defense, a firewall, which filters sessions or packets before they reach your network.

All infected devices should be isolated from the network to stop the spread of the infection.
legendary
Activity: 3038
Merit: 1169
It seems that in the future corporations will have to keep their computers offline. There is a system protection of sensitive sites. The user is forbidden to access the Internet and run removable media.

That would be a disaster for those who work in the offices; hopefully it won't come to that. What corporations really lack are good system administrators whose awareness of the newest viruses is always up to date.

This gotta stop! This is because of the high price of bitcoin, that is why people are doing such crime, and I think the victims are all bitcoin users, and I think they are choosing targets with IPs that have bitcoin transactions, I guess. Well, I think these guys are real geniuses in hacking things, but I am not encouraging them to really sink into such criminal acts, and instead of using their skills for good they are using them in bad ways!
legendary
Activity: 3374
Merit: 2198
I stand with Ukraine.
It seems that in the future corporations will have to keep their computers offline. There is a system protection of sensitive sites. The user is forbidden to access the Internet and run removable media.

That would be a disaster for those who work in the offices; hopefully it won't come to that. What corporations really lack are good system administrators whose awareness of the newest viruses is always up to date.
sr. member
Activity: 434
Merit: 252
It seems that in the future corporations will have to keep their computers offline. There is a system protection of sensitive sites. The user is forbidden to access the Internet and run removable media.
hero member
Activity: 752
Merit: 501
If you type the words "kill switch for wannacry ransomware" into google, you will find the repair command.  It is now public knowledge, hope this helps!
Good luck.

They had already reported there is no kill switch for this one.
This is a new strain and is a more sophisticated variant of the first version of the virus.

As more time passes, a new and more powerful version of this virus will be created by more than just hackers. More than likely organized crime units and possibly the mafia in other countries will start using this when they realize they could somehow make billions with this and topple governments with this sort of software if engineered properly.
legendary
Activity: 3374
Merit: 2198
I stand with Ukraine.
If you type the words "kill switch for wannacry ransomware" into google, you will find the repair command.  It is now public knowledge, hope this helps!
Good luck.

This is not WannaCry that OP's talking about. It's called Petya, or rather “NotPetya” as some researchers call it. This virus is more powerful than WannaCry was.

I found this piece of information that might be of help:

Quote
... according to a tweet from HackerFantastic, when the system goes in for a reboot on its own, the user should power off the computer rather than switch it on. This is because during the reboot the files are being encrypted, and if the computer is switched off during this period, the files remain safe, though still inaccessible.


Source:
http://indianexpress.com/article/technology/tech-news-technology/petya-ransomware-cyber-attack-not-wannacry-same-lock-and-demand-tactic-4726781/
sr. member
Activity: 672
Merit: 251
If you type the words "kill switch for wannacry ransomware" into google, you will find the repair command.  It is now public knowledge, hope this helps!
Good luck.
hero member
Activity: 1106
Merit: 502
If this is an attack like ransomware, you may be advised to report the case to the police. Before the virus was scattered with a wide computer network.
Especially for PC / Laptop that is still clean, immediately update your operating system and update antivirus.
legendary
Activity: 3374
Merit: 2198
I stand with Ukraine.
This virus can't be decrypted, no way to do that, even if someone pays them.

How do you know? Can you provide evidence for your claim?

I found this info on how to protect your computer from the encryption:

Quote
For this particular malware outbreak, another line of defence has been discovered: “Petya” checks for a read-only file, C:\Windows\perfc.dat, and if it finds it, it won’t run the encryption side of the software.

Source: https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-attack-who-what-why-how

I created perfc.dat in the C:\Windows\ just in case, but I'd like to see the comments from people who know better than me in this regard.
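
The marker file described in the quote above, as an added example that is not part of the original post: a PowerShell function that creates `C:\Windows\perfc.dat` if it is missing, sets it read-only, and reports the resulting state. The function name `Set-PerfcMarker` and its `-Path` parameter are hypothetical; per the quoted article, the check applies to this particular outbreak only.

```powershell
# Added example, not from the thread. Function and parameter names are
# hypothetical; the default path is the one quoted from the Guardian article.
function Set-PerfcMarker {
    [CmdletBinding()]
    param(
        [string]$Path = 'C:\Windows\perfc.dat'
    )

    # A directory with this name is not the read-only *file* the quote describes.
    if (Test-Path -LiteralPath $Path -PathType Container) {
        throw "$Path exists but is a directory, not a file."
    }

    $created = $false
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        # Creating a file under C:\Windows needs an elevated session;
        # -ErrorAction Stop turns "access denied" into a terminating error.
        New-Item -ItemType File -Path $Path -ErrorAction Stop | Out-Null
        $created = $true
    }

    # -Force lets Get-Item return the file even if it is hidden or system.
    $file = Get-Item -LiteralPath $Path -Force -ErrorAction Stop
    $wasReadOnly = $file.IsReadOnly
    if (-not $wasReadOnly) {
        $file.IsReadOnly = $true
    }

    # Re-read from disk so the report reflects the actual attribute state.
    $final = Get-Item -LiteralPath $Path -Force
    [pscustomobject]@{
        Path        = $final.FullName
        Created     = $created
        WasReadOnly = $wasReadOnly
        ReadOnly    = $final.IsReadOnly
    }
}

# Run from an elevated PowerShell prompt; safe to run repeatedly.
Set-PerfcMarker | Format-List
```

A second run should report `Created : False` and `WasReadOnly : True`, which confirms the marker persisted.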
hero member
Activity: 2716
Merit: 904
Just reformat your laptop and install the operating system to erase that malware on your laptop. This is why some computer technicians advise putting your files on drive D: in case of trouble you can just reformat your drive C and your laptop is as good as new again, like nothing happened, because your files are safe on drive D. Just ignore that ransomware payment, and be sure to install antivirus and anti-malware after you finish installing the OS.
hero member
Activity: 752
Merit: 501
Oh no, this is terrible. I hope this doesn't cause problems for bitcoin. It's on mainstream news here in the UK. But I think mostly Ukraine and Russia are affected.

Doesn't anybody else think doing business with anyone from Ukraine is a red flag?
I wouldn't want to do any online transaction with them in receiving anything online like links, files or even pics from them.
There is a potential of getting this virus, as it has not been contained yet, with over 13,000 PCs reported infected just yesterday.
newbie
Activity: 16
Merit: 0
This virus can't be decrypted, no way to do that, even if someone pays them.
hero member
Activity: 3024
Merit: 680
The heck, I feel sorry about it, man. But because your laptop doesn't have any protection such as antivirus and a firewall, you were penetrated easily by that ransomware. I hate these people who don't want to work hard and just hold hostage the files of innocent people who are working very well. I have read somewhere about bypassing this, but it's for WannaCry and I forgot that tutorial already; it should be found on Google.
sr. member
Activity: 560
Merit: 257
I am sorry to hear that there are still viruses like that. I am not sure if I can help. I would recommend that you reinstall and delete all files from your personal computer, but the problem is that you have information on it. Maybe you could contact some people from your government, because maybe you are not alone with that problem, and maybe they could help you solve it.
newbie
Activity: 36
Merit: 0
Time constraints do not seem to exist.

Yes, it's a business, but it's so small a company that they do not have an IT specialist.
Rare copies are rarely made.
I told them for a long time to buy a normal server and install a firewall.
Here it is the price of carelessness. Work completely stopped, all in shock

This is risky considering there is useful data in there. I have seen a lot about WannaCry malware before, and if the system isn't constrained by time or the risk of the data being deleted intentionally, I would send this to a specialist (which is still cheaper than the ransom and more trustworthy, since the malware might not work and release the data even after paying).
jr. member
Activity: 58
Merit: 1
This server should've been kept offline if you are storing a lot of important data on it, since the risk of any of these or a malware is high.
Fixing this isn't something that can be done through online guidance. I suggest visiting a specialized hardware store and asking about what can be done, and whether the data can be extracted from the server or something like that.
legendary
Activity: 3668
Merit: 6382
It seems pretty immature that they cannot make a unique address for each infection, right? It would be much easier that way; then no communication would be necessary.

In my eyes this means that they don't really intend to recover the data if somebody is paying the ransom.
But I see a lot of desperate people thinking "let's pay and hopefully... ". Hopefully what? There are free programs that can protect the computers.
If I would make such ransomware I would not even bother to make an encryption that can be decrypted. One direction "encryption" is cheaper.