Dot Ransom file extension?

Home Forums Security General Security Dot Ransom file extension?

This topic contains 4 replies, has 2 voices, and was last updated by  biggles77 1 year, 1 month ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts

  • Ossian
    Moderator
    #167278

    One of my clients has been hit with ransomware which has encrypted files and left them with a .ransom extension
    It seems nastier than most in that it has deleted shadow copies and appears to have done things to the backup drives too

    I haven’t read the info files it has left, and haven’t had any luck locating other instances of the same file extension.

    Has anyone met this one, or know what I should be googling for to find out more?


    biggles77
    Spectator
    #214339

    It says Remove and possibly Restore files. But seems a bit goggledee gook to me. See it you can make sense of it. https://sensorstechforum.com/ransom-…restore-files/

    This seems clearer. https://www.bestsecuritysearch.com/r…emove-restore/

    May be an advert for the software or maybe not. http://www.freefixpcvirus.com/remove-ransom-virus-extension-adware-from-your-computer/

    HTH


    Ossian
    Moderator
    #191852

    Cheers – much appreciated. I’m fighting this (at 200 miles range) while trying to train a group in SCCM and deal with the zillion and one other crises that seem to hit!


    biggles77
    Spectator
    #214340

    So, usual sort of day then. :mrgreen:


    Ossian
    Moderator
    #191854

    The ransomware hit server is OFF until the weekend. I thought I had cleaned it and left it overnight doing additional scans. In the morning the AV had disappeared and there was a suspicious account logged in…..

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.