Solved

CryptoDefense Cryptodefense On CLient Machine

Posted on 2014-04-09
5
387 Views
Last Modified: 2014-04-17
Hi;

A client has been infected with Cryptolocker (Cryptodefense) so some of their documents are encrypted.

Is there still a functioning solution other than paying these guys.

Alternately is there a way to unencrypt the files.
0
Comment
Question by:mavcom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 24

Assisted Solution

by:aadih
aadih earned 200 total points
ID: 39988705
No. :-(

[Without a backup image, no way out.]
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 300 total points
ID: 39991281
If you are referring to CryptoLocker, it is not a virus or spyware. It's an encryption a hacker places on all your documents  local and network that encrypts your documents.

There are multiple lines of defense:

1. Installing a good firewall like Cisco, Sonicwall or Barracuda that includes content filtering to inspect packets as they are received and drop suspicious and known file types before they reach your network.

2. There are also some software firewalls that help but we believe a stand alone hardware firewall is best.

3. Installing a web based anti spam service that inspects email before it's received like the content filtering above. We use GFI Mail Essentials Online for this service.

4. Educate your users not to open email that looks irregular and from someone they do not expect. This is just plain common sense feature that some people don't use.

If you get hit with CryptoLocker, there are two solutions:

1. Restore from a backup to restore your registry back so it’s clean and restore your documents in unencrypted format.
2. Pay the ransom and hope they unlock your files.

Comodo AntiVirus says if you are running their anti virus and get hit with CryptoLocker, they "offer customers up to a $5,000 limited warranty against infection."

http://www.comodo.com/news/press_releases/2013/11/comodo-endpoint-security-protects-cryptoLocker-ransomware-virus.html

Hope this helps.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 39997999
Have we provided the information you needed? There is no un-encryption solution.
0
 

Author Closing Comment

by:mavcom
ID: 40007351
Thank you.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40007370
Glad I could provide information. Hope it helps!
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question