CryptoWall attack

Home Forums Other Open Source CryptoWall attack

This topic contains 3 replies, has 4 voices, and was last updated by  omrizarko 2 years, 12 months ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts

  • babu farooq
    Member
    #166056

    dear all .

    in our network there is a cryptowall attack i believe ..when we try to open the files it locked and asking money to open the lock ..please give me solution to get rid off from this issue…

    thanks


    Ossian
    Moderator
    #191083

    That would presumably be CryptoLOCKER?

    a) Pay (but refer to Mr Kipling’s views on Danegeld first)
    or
    b) Disconnect from internet, run many AV scans to remove the infection (keep machines isolated while disinfecting to prevent re-infection) then restore from backup


    omrizarko
    Member
    #391291

    We use SonicWALL with their Gateway Anti-Virus and Geo-IP filter as preventative measures. In addition to anti-virus programs, we utilize these two to block the Crypto-Wall and Crypto-Locker viruses from infecting us and by blocking the IP of foreign countries where the command and control servers generally live (we block everything but the US and a handful of “safe” countries), we prevent the virus from establishing a connection to the C&C servers to generate their key without which they can’t begin encryption. We then use software like Malwarebytes to remove the infection. It’s not perfect, but it helps.


    tehcamel
    Moderator
    #360104

    Take all your computers off the network. Remove and resolve the infection on each computer using your antivirus and malware recovery tools.
    Restore all your data from backup.

    I’m assuming you have backups.
    You have backups, right?

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.