Viewing 4 reply threads
  • Author
    • #8602

      Hey guys,

      This could go in a few different places so I am posting it here. Has anyone run into Cryptolocker? If you have, what have you found to be the source? Is there a way to decrypt the information with out paying the ransom? So far i have been able to restore from backup for one customer the other wasn’t so lucky and ended up reformatting the PC. Im looking for any information on this if any one has reverse engineered it or done forensics on it.

    • #53566

      At this time there is no fast way to recover from the files being encrypted. You could either pay or wipe, re-image, restore from known good backup. I’ve heard some people paying and getting roughly a 3 day turnaround on the decryption. But like all ransom situations, you risk not getting anything for paying and only having to pay more. This type of attack reiterates a number of security measures that should be in place. Patching systems, not running as a privileged user, backing up your data regularly, and smart internet/email usage. You can read up on Kreb’s recent articles on the matter he does have some preventative measures listed but nothing to help if you have already been hit with it.

    • #53567

      As far as recovering without paying the ransom, you have two options:

      1) Backups. This doesn’t do you any good after the fact if you’re not taking regular and complete backups, though.

      2) Volume Shadow Copies. I’ve heard rumblings that newer versions of Crypt0locker are accounting for VSS now, though.

      Good luck!

    • #53568

      Minor adware like yoursites123 can bring ransomware on your PC, info:

      A good and big article about cryptolocker can be found

    • #53569

      Beware that hackers have just renewed Cryptolocker and have started spreading it as Cryptowall! I was infected with this threat several weeks ago, so I must warn users that now it is capable of affecting data, which is saved on external hard drives and Dropbox. So, your files may be doomed even if you have backups saved on your external drive.. However, I can’t agree that yoursites123 or similar browser hijacker can bring ransomware to the system. People are tricked into installing such threats as “important” attachments.

      I have also managed to find this post about yoursites123. You can check it for getting more knowledge about this thing…

Viewing 4 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?