Ransomware Recovery (for discussion)

SenseiSteve

HD Moderator
Staff member
While effective backup and disaster recovery plans work to minimize ransomware attacks, we're asking for discussion - what about solutions after the fact, once you've already been attacked? What's the best course of action at that point? Cross your fingers and hope there's a decryption script out there?
 
I think this is one of the biggest risks to any web hosting provider and even website owner.

If no backups are available, it's hard to know what to do in that situation. I suppose it would depend on the ransom.
 
In some cases, a ransomware virus can be removed; however, you will need to contact security professionals who can help you to decrypt those files infected with a ransomware virus. There are some security firms in the market who have developed their own decryption tool for that specific virus, but first you have to find out the family name of that ransomware.

We once used this website to identify the ransomware family name and were then able to decrypt the file/s. Try this and let me know the result. :)
 
Thanks for the heads up. This should help those who do get attacked. We had a case in St. Louis where the Public Library was attacked and shut down. I don't believe any ransom was paid though.
 
Recently in the UK the NHS was brought to a standstill due to ransomware. This got in through old Windows XP systems as UK Gov. stopped paying Microsoft for security patches.
 
Thanks for the heads up. This should help those who do get attacked. We had a case in St. Louis where the Public Library was attacked and shut down. I don't believe any ransom was paid though.

Glad that they didn't fall to "long term" victims. Because paying it is worse than losing the data. Because they will "recommend" you to other hackers and such, and we all know how that ends, right?

Just show them who's boss and restore from the latest backup that hasn't fallen victim to it.

Failing that you can always try to pay for a white hat person as mentioned on this thread. :)
 