Solved

CryptoDefense Cryptodefense On CLient Machine

Posted on 2014-04-09
5
386 Views
Last Modified: 2014-04-17
Hi;

A client has been infected with Cryptolocker (Cryptodefense) so some of their documents are encrypted.

Is there still a functioning solution other than paying these guys.

Alternately is there a way to unencrypt the files.
0
Comment
Question by:mavcom
  • 3
5 Comments
 
LVL 24

Assisted Solution

by:aadih
aadih earned 200 total points
ID: 39988705
No. :-(

[Without a backup image, no way out.]
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 300 total points
ID: 39991281
If you are referring to CryptoLocker, it is not a virus or spyware. It's an encryption a hacker places on all your documents  local and network that encrypts your documents.

There are multiple lines of defense:

1. Installing a good firewall like Cisco, Sonicwall or Barracuda that includes content filtering to inspect packets as they are received and drop suspicious and known file types before they reach your network.

2. There are also some software firewalls that help but we believe a stand alone hardware firewall is best.

3. Installing a web based anti spam service that inspects email before it's received like the content filtering above. We use GFI Mail Essentials Online for this service.

4. Educate your users not to open email that looks irregular and from someone they do not expect. This is just plain common sense feature that some people don't use.

If you get hit with CryptoLocker, there are two solutions:

1. Restore from a backup to restore your registry back so it’s clean and restore your documents in unencrypted format.
2. Pay the ransom and hope they unlock your files.

Comodo AntiVirus says if you are running their anti virus and get hit with CryptoLocker, they "offer customers up to a $5,000 limited warranty against infection."

http://www.comodo.com/news/press_releases/2013/11/comodo-endpoint-security-protects-cryptoLocker-ransomware-virus.html

Hope this helps.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 39997999
Have we provided the information you needed? There is no un-encryption solution.
0
 

Author Closing Comment

by:mavcom
ID: 40007351
Thank you.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40007370
Glad I could provide information. Hope it helps!
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
HELP!  Encrypted data on client's laptop 8 86
Is there a removal tool and a decryption tool for Osiris ransomware 6 288
Powershell script reporting 12 46
Data Encryption 3 39
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question