Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 860
  • Last Modified:

Crypto Locker Advice

Hi all,

A machine has been infected by the crypto locker virus.

Now I have read up on an dunderstand how this virus works.

Unfortunately there are quite a few files on this machine required, and no backup on the shadow volume.

Now my question is has anyone made the payment and does it work? (I have read reports it does).

I have installed malware bytes which is now detecting and blocking an outgoing port (1803 if it helps).

If we are to pay the 300 USD dollars, will i need to disable malwarebytes whilst we do this?

Also i have read that the servers contaiing the eys have been taken out? is this the case so will it be impossible to recover?

Thanks in advance.

Matt.
0
flynny
Asked:
flynny
3 Solutions
 
aadihCommented:
Read the following article, "CryptoLocker: A particularly pernicious virusplease":

http://windowssecrets.com/top-story/cryptolocker-a-particularly-pernicious-virus/ >

Excerpt:

"Some users have paid the ransom and, surprisingly, were given the keys to their data. (Not completely surprising; returning encrypted files to their owners might encourage others to pay the ransom.) This is, obviously, a risky option. But if it’s the only way you might get your data restored, use a prepaid debit card — not your personal credit card. You don’t want to add the insult of identity theft to the injury of data loss."

[Note: Italics added]
0
 
mebaby333It AdminCommented:
The difficult part is that in your position do you feel you have a choice? Most people will say out of the principal of the matter don't pay yet if your position deems it necessary then you do what you need to do.

I have read articles that express that the server that receives the payment is down and has been since September and also articles that state it will decrypt . Yet somehow the dangers or risk of injustice is not lessened whether you pay it or not.

reference to additional articles....

http://community.spiceworks.com/topic/381787-crypto-locker-making-the-rounds-beware
0
 
Giovanni HewardCommented:
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
Giovanni HewardCommented:
See my comments here as to why it's unlikely a decryption tool will be made available in your lifetime:

http://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/Q_28269083.html#a39578512
0
 
eddie-fCommented:
I Have found this to be the best information on the Cryptolocker virus.

Cryptolocker Ransomware Information Guide and FAQ


or you can read the 90+ pages from the forum here


Hope this helps.
Edd
0
 
flynnyAuthor Commented:
Many thanks for all ther advice guys.

In the end we just removed and luckily most of the files had been backed up.

thanks again.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now