Ransomware Attack

Discussion in 'Systems Administration' started by Stampede, May 28, 2017.

  1. Recently we were attacked by a Ransomware Virus that encrypted all of our files. We are running a dedicated server and it seems the virus came from someone else on the machine's network (we hadn't downloaded anything in a very long time). We don't have a backup of the file we need so is there any ideas on how we should go about restoring some data?
     
  2. If you don't have any backups you're basically out of luck :/ (Ransomware typically exploits vulnerabilities rather than waits to have you download something).
     
  3. Two questions.

    1) Is it WannaCry? If so, you probably wanna wait for when their key is found out.
    2) Are you running a windows server?
     
  4. Why are you using windows server for minecraft...
     
  5. Strahan

    Benefactor

    Pay the ransom, restore all the files, then for the love of God start using backups. I can't believe people who don't make backups of their shit.

    It's fashionable to hate on Windows, but it does the job.
     
    • Funny Funny x 1
  6. most of the time when you pay the ransom you don't even get your files unencrypted.
     
  7. Strahan

    Benefactor

    Well that's shitty customer service, lol. Not very smart for the author of the ransomware either, as if word gets out that they don't give the key payments would likely drop off.
     
  8. Do you actually think that anyone that writes malware gives two shits about customer service?
     
  9. Typically they do that so that people don't try and get around paying. If someone found a flaw to make it so that nobody would have to pay anymore then they'd lose it all
     
  10. Strahan

    Benefactor

    It was a joke ;)
     
  11. source?
     
  12. Hes right. I didnt pay it because it's usual that they don't take the time to send you the key.
     
  13. Not very surprising with the recent rise of malware attacks and penetration tools being dumped online, and the targets are mainly old window 2008 servers. Starting fresh is your only option with a new & updated OS, preferably Linux or at least a new version of windows, not 2008, There's no reason to be using outdated servers
     
    • Agree Agree x 1