Old School 360 Posted September 30, 2015 Looks like our company got hit by a hacker. We have everything on one main drive, and they have got in there and seized it up. We can't download anything from that drive. Production reports, financials, everything. Of course, nothing is backed up, even though IT lied to the owner and said it's backed up. Apparently, we received a message that unless we pay, they will delete all our data. IT has been in panic mode all day. They finally came clean with the management this afternoon, and it's looking like we are going to pay. Any of you experience anything like this? It's like a bad movie or something.
tanatastic 2,061 Posted September 30, 2015 Sometimes I'd be looking at shady animal porn or something far out like that and get some BS ransomware. A fake FBI screen would pop up saying I had to pay or be in violation. I always fixed it with a system restore. Don't even know if there's anyone on the end of it holding hostage or if they just take your payment info and steal more, not sure.
TimmySmith 2,782 Posted September 30, 2015 My company got hit by ransomware. I know several very high level computer guys. Their answer. You are screwed. We didn't pay and lost a fair amount of data.
Magnificent Bastard 190 Posted September 30, 2015 Same guys that got Gocolts?
Patriotsfatboy1 1,432 Posted September 30, 2015 Depends on the variant. Early variants of Cryptolocker have a key that you can get for free online. New ones - you are screwed.
Old School 360 Posted September 30, 2015
> My company got hit by ransomware. I know several very high level computer guys. Their answer. You are screwed. We didn't pay and lost a fair amount of data.
Really? Any idea how much money they asked for? I overheard the head of finance walking away from IT saying "just let me know how much it is." My first thought was a scam, but they confirmed we can't download any data. It's going to be bad either way. IT guys are in trouble. Our antivirus failed. And we have to pay. How much time did they give you before they wiped out your data?
Old School 360 Posted September 30, 2015
> Depends on the variant. Early variants of Cryptolocker have a key that you can get for free online. New ones - you are screwed.
Interesting.
Djgb13 2,338 Posted September 30, 2015 Never dealt with anything like that but it sounds like a worst case scenario. Couldn't even begin to tell you anything to do with software. Probably end up having to pay.
Patriotsfatboy1 1,432 Posted September 30, 2015 Find out the variant, but if you pay, you likely will not get your data back.
Old School 360 Posted September 30, 2015
> Find out the variant, but if you pay, you likely will not get your data back.
We will be super focked. Our owner is gonna be super pissed.
IGotWorms 3,400 Posted September 30, 2015 Bring in the lawyers!
titans&bucs&bearsohmy! 2,745 Posted September 30, 2015 Any company that doesn't keep multiple backups, and at least one on a hard copy, offsite, of their data deserves it. How focking stupid. I mean it is 2015 for focks sake. Didn't we all learn this lesson with our college term paper?
Drizzay 648 Posted September 30, 2015 Can't you just ask the other local McDonald's for their financials and pass them off as yours?
Cloaca du jour 2,080 Posted September 30, 2015 Wow, in this day and age??? They deserve it
Baker Boy 1,500 Posted September 30, 2015
> Any company that doesn't keep multiple backups, and at least one on a hard copy, offsite, of their data deserves it. How focking stupid. I mean it is 2015 for focks sake. Didn't we all learn this lesson with our college term paper?
Correct, but Morons like this keep Consultants like me in business.
Old School 360 Posted September 30, 2015
> Any company that doesn't keep multiple backups, and at least one on a hard copy, offsite, of their data deserves it. How focking stupid. I mean it is 2015 for focks sake. Didn't we all learn this lesson with our college term paper?
No sh't. And the head of IT lied to the owner last year, when he told him everything is backed up.
Old School 360 Posted September 30, 2015
> Can't you just ask the other local McDonald's for their financials and pass them off as yours?
The fryolator won't burn the fries properly unless we pay the ransom.
TimmySmith 2,782 Posted September 30, 2015
> Really? Any idea how much money they asked for? I overheard the head of finance walking away from IT saying "just let me know how much it is." My first thought was a scam, but they confirmed we can't download any data. It's going to be bad either way. IT guys are in trouble. Our antivirus failed. And we have to pay. How much time did they give you before they wiped out your data?
Started at $500, but we had no idea what was going on. By the time we did a bit of research on it, it increased to $750. I think the time frame was 72 hours. The interesting thing is my workstation was running an older version of Windows than the rest and was untouched, so I had backups of my own work, which saved our butts. The data is not wiped out, the files are just locked so you can see them, but you can't open them.
titans&bucs&bearsohmy! 2,745 Posted September 30, 2015
> Started at $500, but we had no idea what was going on. By the time we did a bit of research on it, it increased to $750. I think the time frame was 72 hours. The interesting thing is my workstation was running an older version of Windows than the rest and was untouched, so I had backups of my own work, which saved our butts. The data is not wiped out, the files are just locked so you can see them, but you can't open them.
Christ. $750? Sounds like you got hacked by a 12 year old. Your IT department should be fired to a man.
TimmySmith 2,782 Posted September 30, 2015
> Christ. $750? Sounds like you got hacked by a 12 year old. Your IT department should be fired to a man.
If you do a bit of research on Cryptolocker or Bitlocker you'll find out they have nailed towns. Same program but the rate is higher. And they paid. We are a small company with no real IT dept, our anti-virus missed it. Someone made a bad click on a bad site. At that point your computers are toast and must be re-formatted. Windows 7/8 was screwed, my old XP was fine.
Patriotsfatboy1 1,432 Posted September 30, 2015
> If you do a bit of research on Cryptolocker or Bitlocker you'll find out they have nailed towns. Same program but the rate is higher. And they paid. We are a small company with no real IT dept, our anti-virus missed it. Someone made a bad click on a bad site. At that point your computers are toast and must be re-formatted. Windows 7/8 was screwed, my old XP was fine.
Bitlocker is different. That is Microsoft's drive encryption software that is part of the OS. Cryptolocker is the ransomware. Anti-virus software will not detect or protect you in almost all cases. People should note that you can get the ransomware from visiting infected websites. The crooks will buy ads on legitimate sites with the money they get in ransom so that they can spread it even further. It is quite a little scheme. There is some free software (https://www.foolishit.com/cryptoprevent-malware-prevention/) that will help keep you from being infected yourself. I suggest people do this on their own machines at home. My wife got hit about a year ago.
vuduchile 1,941 Posted September 30, 2015 To whom is the money paid and how? Does your boss have to wire 750 bucks to a Swiss bank account or leave a duffel bag full of nickels in a locker at The Port Authority?
Old School 360 Posted September 30, 2015
> To whom is the money paid and how? Does your boss have to wire 750 bucks to a Swiss bank account or leave a duffel bag full of nickels in a locker at The Port Authority?
$500 seems like a pittance. It's $500 per file, or per instance. So far, they know of over 150 instances in our system.
TimmySmith 2,782 Posted September 30, 2015
> To whom is the money paid and how? Does your boss have to wire 750 bucks to a Swiss bank account or leave a duffel bag full of nickels in a locker at The Port Authority?
Bitcoin.
Patriotsfatboy1 1,432 Posted September 30, 2015 Again - I would make sure which variant is the culprit because you might be able to get things for free. http://www.bbc.com/news/technology-28661463 If you have no other choice, then you pay and hope that you get your stuff back.
Old School 360 Posted September 30, 2015
> Again - I would make sure which variant is the culprit because you might be able to get things for free. http://www.bbc.com/news/technology-28661463 If you have no other choice, then you pay and hope that you get your stuff back.
IT said it's the newer variant. "We're focked"
Jeff Garcia 8 Posted September 30, 2015
> Really? Any idea how much money they asked for? I overheard the head of finance walking away from IT saying "just let me know how much it is." My first thought was a scam, but they confirmed we can't download any data. It's going to be bad either way. IT guys are in trouble. Our antivirus failed. And we have to pay. How much time did they give you before they wiped out your data?
Let me guess, you have Norton?
Jeff Garcia 8 Posted September 30, 2015
> Correct, but Morons like this keep Consultants like me in business.
Patriotsfatboy1 1,432 Posted September 30, 2015
> IT said it's the newer variant. "We're focked"
Yup. You are focked. You will end up paying them. Hope that you actually get the right keys.
dain11279 931 Posted September 30, 2015
> Bring in the lawyers!
Do ya know any?
patweisers44 709 Posted September 30, 2015
> To whom is the money paid and how? Does your boss have to wire 750 bucks to a Swiss bank account or leave a duffel bag full of nickels in a locker at The Port Authority?
$750 postal money order, payable to Latin Pimp
tanatastic 2,061 Posted September 30, 2015 Just turn off all the computers and turn them on again. Solves 99% of IT problems.
IGotWorms 3,400 Posted September 30, 2015
> Do ya know any?
Not any good ones
Patriotsfatboy1 1,432 Posted September 30, 2015
> Not any real ones
No sh!t.
Old School 360 Posted September 30, 2015
> Bitlocker is different. That is Microsoft's drive encryption software that is part of the OS. Cryptolocker is the ransomware. Anti-virus software will not detect or protect you in almost all cases. People should note that you can get the ransomware from visiting infected websites. The crooks will buy ads on legitimate sites with the money they get in ransom so that they can spread it even further. It is quite a little scheme. There is some free software (https://www.foolishit.com/cryptoprevent-malware-prevention/) that will help keep you from being infected yourself. I suggest people do this on their own machines at home. My wife got hit about a year ago.
IT said thanks for the rink.
tanatastic 2,061 Posted September 30, 2015 Safe mode, system restore, done. Heck it's prob the IT company running the scam.
Old School 360 Posted October 2, 2015 So, our IT department has an idea. They are now making a backup of our files. The files are encrypted and we can't unlock them and we're not paying the ransom. This doesn't look good. The deadline should be tonight or sometime over the weekend. We're screwed.
MichaelFPO 0 Posted November 9, 2015 Please help me! My doc files were encrypted and I have a help_your_files.txt file in each folder, all as described here: http://nabzsoftware.com/types-of-threats/help_your_files Please help me get rid of it!
mobb_deep 919 Posted November 9, 2015 Pour milk on your computer.
Mungwater 588 Posted November 9, 2015 You guys shouldn't have banned ed