Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


RickW

298 posts

Ultimate Geek


#166256 7-Mar-2015 16:58
Send private message

I just tried streaming a tv show from my file server but it wouldn't stream.

I log into the server and all the drives are encrypted. There is a txt file on the desktop named "important to read" that states

"Hello there. Your documents, files, pictures, etc, etc etc is in safe place. If you want to regain access to your local disk, all your files, documents, etc please send 2 BTC (Bitcoin) to this address: [removed] as fast as you can and email me at [removed] If you dont know what bitcoin is, search on google for a local Bitcoin shop and transfer 2 BTC to this address: [removed]

Please note: Do Not hesitate to contact me soon when you see this message for your safety. Do no try to recovery your data files or restore windows because you risk to damage your hard disk and never you can get back your documents. Here are only one way to regain access to your local hard disk drive and this way is to send 2 Bitcoin to this address: [removed]

Waiting for your reply to my email address ( [removed] ) if you wanna get the bitlocker password. Thanks"

Can anyone help. All of my photos are on the hdds and I need to get them back.


[Moderator edit (MF): removed all references to email and Bitcoin addresses]


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4
freitasm
BDFL - Memuneh
79250 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1252829 7-Mar-2015 17:08
Send private message

See if any of this helps: 

 

If you use the second option you might have to follow instructions to cleanup your PCs to make sure it doesn't happen again.

Other than this backup, backup, backup. And not cloud (Google Drive, OneDrive, Dropbox) but real backup (Crashplan).





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup




RickW

298 posts

Ultimate Geek


  #1252836 7-Mar-2015 17:23
Send private message

Im looking at that website, I can't upload any files as I cannot acces any of the hdds. When I click on one of the hdds I get a pop up asking for my bit locker password.

Lias
5589 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #1252838 7-Mar-2015 17:30
Send private message

Most likely, you will have to pay the ransom or write off those files and restore from backups. 

You do have backups right?






I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup.




sonyxperiageek
2958 posts

Uber Geek

Trusted

  #1252840 7-Mar-2015 17:32
Send private message

Just wondering, if you have files on a cloud storage e.g OneDrive, if Cryptolocker encrypts those files saved on the PC (that are linked to OneDrive), will they still open on OneDrive?




Sony


RickW

298 posts

Ultimate Geek


  #1252842 7-Mar-2015 17:36
Send private message

I have 2 hdds offsite from a backup I did 6 months ago. my current backup drive for the new photos/home movies was in the system when I was infected and it was encrypted too. I was doing a backup last night and didn't unplug it this morning. :-(

RickW

298 posts

Ultimate Geek


  #1252843 7-Mar-2015 17:37
Send private message

No I don't use any cloud services for backup

RickW

298 posts

Ultimate Geek


  #1252844 7-Mar-2015 17:37
Send private message

If I pay will I get my files back?

 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
Lias
5589 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #1252846 7-Mar-2015 17:41
Send private message

RickW: If I pay will I get my files back?


Almost certainly yes. 




I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup.


paulspain
417 posts

Ultimate Geek

Trusted
Lifetime subscriber

  #1252847 7-Mar-2015 17:42
Send private message

There is no guarantee you'll get your files back if you make the payment. But without backups if you can't decrypt the drive on your own you may be stuck for choices if you really value your data.

geocom
594 posts

Ultimate Geek

Subscriber

  #1252851 7-Mar-2015 17:52
Send private message

sonyxperiageek: Just wondering, if you have files on a cloud storage e.g OneDrive, if Cryptolocker encrypts those files saved on the PC (that are linked to OneDrive), will they still open on OneDrive?


Depends. If you let onedrive sync the files to the cloud then those files would become encrypted.

It has to sync everything back to the cloud so there would be every chance that you could stop it depending on how much you have in your one drive and your internet upload speed and how soon you catch it.

I will add that Microsoft may have backups and if you have another computer that is off and isolate it then you will have a safe copy there.




Geoff E


RickW

298 posts

Ultimate Geek


  #1252857 7-Mar-2015 17:55
Send private message

C: dosnt appear too of been touched only the other drives which have been fully encrypted.

michaelmurfy
meow
13240 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1252861 7-Mar-2015 18:14
Send private message

Just out of interest what software is the server running and what ports were exposed to the internet?




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.


DravidDavid
1907 posts

Uber Geek


  #1252871 7-Mar-2015 18:28
Send private message

michaelmurfy: Just out of interest what software is the server running and what ports were exposed to the internet?

Definitely interested in this too.

That ransom letter does not seem to be part of the norm.  It seems quite personal somehow.  The ones I usually see appear quite generic in comparison.  This kind of worries me.

Did you download anything in particular?  Did anyone else connected to your network download anything recently within the last few days to a week or so?

Batman
Mad Scientist
29760 posts

Uber Geek

Trusted
Lifetime subscriber

  #1252874 7-Mar-2015 18:37
Send private message

goodness golly!

PoHq
466 posts

Ultimate Geek


  #1252911 7-Mar-2015 19:36
Send private message

michaelmurfy: Just out of interest what software is the server running and what ports were exposed to the internet?


Plus one on this. Probably not the OP's primary concern right now but I'm keen to know if the default ports were used. Also a run down of what security was in place they managed to get through.

 1 | 2 | 3 | 4
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.