Sincronos.net Forums

Sincronos.net Forums

Nothing is permanent, everything is constant.
 
It is currently Tue May 21, 2019 6:23 am

All times are UTC - 6 hours [ DST ]





Post new topic Reply to topic  [ 6 posts ] 
Author Message
 Post subject: RSA-2048 and AES-128 ransomware
PostPosted: Fri Sep 09, 2016 6:49 pm 
Offline
Site Admin
User avatar

Joined: Sat Jan 16, 2010 12:17 am
Posts: 3339
Location: NoDak, U.S.A.
So yesterday, my Mom's laptop got taken down with this. Or something very similar to it.

So that sucks.

_________________
Image
Image Image
Snow banner by Synkopated; Family banner by The Phiend


Last edited by CWS on Mon Sep 12, 2016 11:28 am, edited 1 time in total.
Not sure if it's actually CryptoWall specifically, just something using RSA-2048 and AES-128 encryption.


Top
 Profile  
Reply with quote  
 Post subject: Re: RSA-2048 and AES-128 ransomware
PostPosted: Fri Sep 09, 2016 11:18 pm 
Offline
Contributing Staff
User avatar

Joined: Fri Feb 05, 2010 8:12 am
Posts: 910
Christ. I don't know what you can really do to decrypt the files at this point, aside from paying, but to prevent this in future, I can happily recommend the combination of Bitdefender Premium and Malwarebytes Anti-Malware. They're the only programs I really trust except for maybe Kaspersky, since some other AV programs are essentially bloatware/malware themselves at this point. You can get a combined license for everyone in your household with a device, which is what I've done, and has turned out to be pretty cheap per license. The only issue I had, which is more an annoyance, is routing games and programs you want to run through their firewalls/exclusions.

_________________
[Reveal] Spoiler: Gravity
Image


Top
 Profile  
Reply with quote  
 Post subject: Re: RSA-2048 and AES-128 ransomware
PostPosted: Mon Sep 12, 2016 11:34 am 
Offline
Site Admin
User avatar

Joined: Sat Jan 16, 2010 12:17 am
Posts: 3339
Location: NoDak, U.S.A.
Loki Kola wrote:
Christ. I don't know what you can really do to decrypt the files at this point, aside from paying, but to prevent this in future, I can happily recommend the combination of Bitdefender Premium and Malwarebytes Anti-Malware. They're the only programs I really trust except for maybe Kaspersky, since some other AV programs are essentially bloatware/malware themselves at this point. You can get a combined license for everyone in your household with a device, which is what I've done, and has turned out to be pretty cheap per license. The only issue I had, which is more an annoyance, is routing games and programs you want to run through their firewalls/exclusions.
Thanks for the input. I've been using the free version of MalwareBytes, and also their free Anti-Exploit shield program, for some time and have yet to experience any problems myself. But this does make me a bit nervous and leads me to wonder if there are any additional security measures I should be taking myself, or suggesting to her. If anyone has any further advice on that front, I'd welcome it.

And unfortunately it does look like her data is probably unrecoverable. Fortunately she had an older hard drive which was only replaced a few months ago that she could go back to, so she didn't lose EVERYTHING.

_________________
Image
Image Image
Snow banner by Synkopated; Family banner by The Phiend


Top
 Profile  
Reply with quote  
 Post subject: Re: RSA-2048 and AES-128 ransomware
PostPosted: Wed Sep 14, 2016 1:18 am 
Offline
Contributing Staff
User avatar

Joined: Fri Feb 05, 2010 8:12 am
Posts: 910
I'd use Bitdefender or another reputable Antivirus program, too. MalwareBytes is antimalware specifically, and while it can catch viruses, that's not what its specific purpose is. Since BitDefender let me know just now, I thought I'd let you know they've got an extra 4 months three when you get their 3-license pack. I'm not sure whether or not that's just for existing customers like me, but thought it worth looking into.

As for your mother's laptop, you're going to want to boot it into safe mode and clean it out with whatever software you install to kill the virtual buttcrabs it's caught. That's not my area of expertise, because I haven't had to do that yet, but the PCMR subreddit should have a guide to it somewhere.

EDIT: if not an outright clean install.

_________________
[Reveal] Spoiler: Gravity
Image


Top
 Profile  
Reply with quote  
 Post subject: Re: RSA-2048 and AES-128 ransomware
PostPosted: Wed Sep 14, 2016 4:41 am 
Offline
Site Admin
User avatar

Joined: Sat Jan 16, 2010 12:17 am
Posts: 3339
Location: NoDak, U.S.A.
Loki Kola wrote:
I'd use Bitdefender or another reputable Antivirus program, too. MalwareBytes is antimalware specifically, and while it can catch viruses, that's not what its specific purpose is. Since BitDefender let me know just now, I thought I'd let you know they've got an extra 4 months three when you get their 3-license pack. I'm not sure whether or not that's just for existing customers like me, but thought it worth looking into.
I've been using Avast for years, and have been perfectly happy with it. But thanks for the heads-up.
Loki Kola wrote:
As for your mother's laptop, you're going to want to boot it into safe mode and clean it out with whatever software you install to kill the virtual buttcrabs it's caught. That's not my area of expertise, because I haven't had to do that yet, but the PCMR subreddit should have a guide to it somewhere.

EDIT: if not an outright clean install.
Yeah...think I'll let my dad worry about that. :P

_________________
Image
Image Image
Snow banner by Synkopated; Family banner by The Phiend


Top
 Profile  
Reply with quote  
 Post subject: Re: RSA-2048 and AES-128 ransomware
PostPosted: Mon Feb 20, 2017 12:32 pm 
Offline

Joined: Mon Feb 20, 2017 12:22 pm
Posts: 1
Hello! As I know it is a chance to recover files after RSA-2048 and AES-128 ransomware attack using shadow copies service. You can try to use one of this tools, they are free:
- ShadowExplorer - http://www.shadowexplorer.com/downloads.html
- Recuva - https://www.piriform.com/recuva
- Manual guide - http://manual-removal.com/rsa2048-aes128/
- Farbar - https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

All times are UTC - 6 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Template made by DEVPPL