Announcement

Collapse
No announcement yet.

CryptoWall attack

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • CryptoWall attack

    dear all .

    in our network there is a cryptowall attack i believe ..when we try to open the files it locked and asking money to open the lock ..please give me solution to get rid off from this issue...

    thanks

  • #2
    That would presumably be CryptoLOCKER?

    a) Pay (but refer to Mr Kipling's views on Danegeld first)
    or
    b) Disconnect from internet, run many AV scans to remove the infection (keep machines isolated while disinfecting to prevent re-infection) then restore from backup
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      We use SonicWALL with their Gateway Anti-Virus and Geo-IP filter as preventative measures. In addition to anti-virus programs, we utilize these two to block the Crypto-Wall and Crypto-Locker viruses from infecting us and by blocking the IP of foreign countries where the command and control servers generally live (we block everything but the US and a handful of "safe" countries), we prevent the virus from establishing a connection to the C&C servers to generate their key without which they can't begin encryption. We then use software like Malwarebytes to remove the infection. It's not perfect, but it helps.

      Comment


      • #4
        Take all your computers off the network. Remove and resolve the infection on each computer using your antivirus and malware recovery tools.
        Restore all your data from backup.

        I'm assuming you have backups.
        You have backups, right?
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment

        Working...
        X