Crypto Locker Advice

Posted on 2013-10-25
Last Modified: 2013-11-22
Hi all,

A machine has been infected by the crypto locker virus.

Now I have read up on and understand how this virus works.

Unfortunately there are quite a few files on this machine required, and no backup on the shadow volume.

Now my question is: has anyone made the payment, and does it work? (I have read reports it does.)

I have installed Malwarebytes, which is now detecting and blocking an outgoing port (1803 if it helps).

If we are to pay the 300 USD dollars, will I need to disable Malwarebytes whilst we do this?

Also, I have read that the servers containing the keys have been taken out? Is this the case, so will it be impossible to recover?

Thanks in advance.

Matt.
Question by:flynny
6 Comments
 

Expert Comment

by:aadih
ID: 39600181
Please read the following article, "CryptoLocker: A particularly pernicious virus":

http://windowssecrets.com/top-story/cryptolocker-a-particularly-pernicious-virus/

Excerpt:

"Some users have paid the ransom and, surprisingly, were given the keys to their data. (Not completely surprising; returning encrypted files to their owners might encourage others to pay the ransom.) This is, obviously, a risky option. But if it’s the only way you might get your data restored, use a prepaid debit card — not your personal credit card. You don’t want to add the insult of identity theft to the injury of data loss."

[Note: Italics added]

Accepted Solution

by:
mebaby333 earned 668 total points
ID: 39600380
The difficult part is that in your position do you feel you have a choice? Most people will say out of the principle of the matter don't pay, yet if your position deems it necessary then you do what you need to do.

I have read articles that express that the server that receives the payment is down and has been since September, and also articles that state it will decrypt. Yet somehow the dangers or risk of injustice is not lessened whether you pay it or not.

reference to additional articles....

http://community.spiceworks.com/topic/381787-crypto-locker-making-the-rounds-beware

Assisted Solution

by:Giovanni Heward
Giovanni Heward earned 668 total points
ID: 39606463

Expert Comment

by:Giovanni Heward
ID: 39606484
See my comments here as to why it's unlikely a decryption tool will be made available in your lifetime:

http://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/Q_28269083.html#a39578512
 

Assisted Solution

by:eddie-f
eddie-f earned 664 total points
ID: 39607452
I have found this to be the best information on the Cryptolocker virus.

Cryptolocker Ransomware Information Guide and FAQ


or you can read the 90+ pages from the forum here


Hope this helps.
Edd
 

Author Comment

by:flynny
ID: 39608817
Many thanks for all the advice guys.

In the end we just removed and luckily most of the files had been backed up.

Thanks again.