Get Paid to Participate - up to $1 per post!     Twitter     Facebook
Hosting Discussion
 

forgot password?



FORUM SUPPORTERS:

Reply


Old
  Post #1 (permalink)   12-01-2017, 02:00 PM
HD Community Advisor
 
SenseiSteve's Avatar
 
Join Date: Mar 2009
Location: Saint Louis
Posts: 5,144

Status: SenseiSteve is offline
While effective backup and disaster recovery plans work to minimize ransomware attacks, we're asking for discussion - what about solutions after the fact, once you've already been attacked? What's the best course of action at that point? Cross your fingers and hope there's a decryption script out there?
__________________
Hostirian - Saint Louis Data Center and Dedicated Servers Provider - (800) 615-9349
Colocation, Cloud Servers & Managed WordPress Solutions
Nearly 20 years of IT experience | SSAE-18 Certified, HIPAA Compliant
Insanely Fast PCIe NVMe Servers
 
 
 


Old
  Post #2 (permalink)   12-03-2017, 10:22 AM
HD Master
 
zomex's Avatar
 
Join Date: Jul 2010
Posts: 405

Status: zomex is offline
I think this is one of the biggest risks to any web hosting provider and even website owner.

If no backups are available its hard to know what to do in that situation, I suppose it would depend on the ransom.
__________________
Zomex ~ In business since 2009 and still going strong!
Web hosting templates - Allowing you to > start a web hosting reseller business
█ #1 responsive whmcs templates | whmcs integration | whmcs configuration
 
 
 


Old
  Post #3 (permalink)   12-03-2017, 11:23 PM
HD Master
 
Join Date: Sep 2014
Location: India
Posts: 372
Send a message via Skype™ to 24x7server

Status: 24x7server is offline
In some cases, Ransomware virus can be removed however, you will need to contact security professionals who can help you to decrypt those files infected with a Ransomware virus. There are some security firms in the market who have developed their own decryption tool for that specific virus but first you've to find out the family name of that Ransomware.

We once use this website to identify the ransomware family name and then able to decrypt the file/s, try this and let me know the result.
__________________
www.24x7servermanagement.com
Server Management, Server Security, Server Monitoring.
Network Monitoring Team !! Skype: techs24x7
 
 
 


Old
  Post #4 (permalink)   12-04-2017, 11:39 AM
HD Community Advisor
 
SenseiSteve's Avatar
 
Join Date: Mar 2009
Location: Saint Louis
Posts: 5,144

Status: SenseiSteve is offline
Quote:
Originally Posted by 24x7server View Post
In some cases, Ransomware virus can be removed however, you will need to contact security professionals who can help you to decrypt those files infected with a Ransomware virus. There are some security firms in the market who have developed their own decryption tool for that specific virus but first you've to find out the family name of that Ransomware.

We once use this website to identify the ransomware family name and then able to decrypt the file/s, try this and let me know the result.
Thanks for the heads up. This should help those who do get attacked. We had a case in St. Louis where the Public Library was attacked and shut down. I don't believe any ransom was paid though.
__________________
Hostirian - Saint Louis Data Center and Dedicated Servers Provider - (800) 615-9349
Colocation, Cloud Servers & Managed WordPress Solutions
Nearly 20 years of IT experience | SSAE-18 Certified, HIPAA Compliant
Insanely Fast PCIe NVMe Servers
 
 
 


Old
  Post #5 (permalink)   12-04-2017, 11:45 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,484
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
Recently in the UK the NHS was brought to a standstill due to Ransonware. This got in through old Windows XP systems as UK Gov. stopped paying microsoft for security patches
__________________
Terry Robertson - CEO The Easyhost Media Group
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #6 (permalink)   12-04-2017, 11:53 AM
HD Master
 
Join Date: Apr 2015
Posts: 301

Status: Harv45 is offline
Quote:
Originally Posted by SenseiSteve View Post
Thanks for the heads up. This should help those who do get attacked. We had a case in St. Louis where the Public Library was attacked and shut down. I don't believe any ransom was paid though.
Glad that they didn't fall to "long term" victims. Because paying it is worst then losing the data. Because they will "recommend" you to other hackers and such and we all know how that ends right?

Just show's them who's boss and restore from the latest backup that haven't fallen victim to it.

Failing that you can always try to pay for a white hat person as mentioned on this thread.
 
 
 


Old
  Post #7 (permalink)   12-04-2017, 01:23 PM
HD Newbie
 
Join Date: Jun 2016
Posts: 33

Status: AbsoluteHosting is offline
Use backup.
__________________
absolute.hosting
Dedicated VPS/VDS Systems
(www, facebook)
 
 
 
The Following User Says Thank You to AbsoluteHosting For This Useful Post:
Harv45 (12-04-2017)


Old
  Post #8 (permalink)   12-04-2017, 01:34 PM
HD Master
 
Join Date: Apr 2015
Posts: 301

Status: Harv45 is offline
Quote:
Originally Posted by AbsoluteHosting View Post
Use backup.
That's half the battle, it also have to be offsite and "cold" to prevent Ransonware from being able to encrypt said backups. Else they may be able to get haul of your backups. Even if it on a different drive if I am not mistaken.
 
 
 
The Following User Says Thank You to Harv45 For This Useful Post:
AbsoluteHosting (12-07-2017)


Old
  Post #9 (permalink)   12-07-2017, 10:08 AM
HD Newbie
 
Join Date: Jun 2016
Posts: 33

Status: AbsoluteHosting is offline
Yes, I always keep (multiple) onsite and offsite backup of anything of importance.
__________________
absolute.hosting
Dedicated VPS/VDS Systems
(www, facebook)
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: