Ransomware victim ? Read this!

Translated from the korben article

REvil / Sodinokibi, GranCrab, Egregor, Sekhmet ransomware will not stop as 1/3 of the victims pays the ransom.

The new threat model is that the data is in addition being exfiltrated .

As example with REvil for some victims which data was exfiltrated and paid the ransom, data was published anyway.

The next threat will be DDoS attacks to force the payment.

I have a mailbox always full and constantly desperate people write to me cause they "caught" a ransomware.

Here's my advice :

Take a deep breath

Write down the name of the ransomware and keep it somewhere

Remove the hard drive from your computer and put it in a box

Install a new hard drive

Make offline backups of your computer and install an antivirus

Finally, take a look from time to time at No More Ransom to see if a file decryptor is available for your ransomware

The decryption tools of the No More Ransom page.
For example the decryptor for GrandCrab (1,5 million of victims) is available.

If you follow this advice and you had kept the cursed disk, it's maybe the time to reclaim what you owned.

Auteur : Harlok

2020-11-22 14:44:19

Comments

Add a Comment

Homepage