Welcome To Signs101.com: Largest Forum for Signmaking Professionals

Signs101.com: Largest Forum for Signmaking Professionals is the LARGEST online community & discussion forum for professional sign-makers and graphic designers.

 


  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Anyone else been extorted?

Discussion in 'Computer Hardware' started by BIG EASY DOES IT, Jun 3, 2015.

  1. BIG EASY DOES IT

    BIG EASY DOES IT Very Active Member

    2,248
    119
    63
    Mar 14, 2011
    CA
    So anyone ever had this issue and what did you do?

    We came in the other day to literally everything on the server being encrypted. With new files added into everything with instructions on getting your file back. Government does nothing except report and tell you if you really want your stuff you might want to talk to them. We were able to find a image of the server from march 2014 but I just made 40 different sign layouts, last week, for a customer who wants his signs by next week. The owner doesn't want to contact the group who stole the files. I am at a loss. So much work just gone.
     
    Tags:
  2. J Hill Designs

    J Hill Designs Major Contributor

    15,549
    16
    0
    Sep 24, 2004
    huh?
     
  3. skyhigh

    skyhigh Major Contributor

    4,863
    10
    38
    Jun 16, 2005
    PA
    I second the "HUH"???

    Well there ya go (scratching head). I guess thats all you need to know.

    You get paid by the hour, right??



    Is this a spoof?
     
  4. TXFB.INS

    TXFB.INS Very Active Member

    1,205
    30
    48
    Jan 5, 2012
    Lone Star State
    :help
     
  5. Solventinkjet

    Solventinkjet DIY Printer Fixing Guide

    3,832
    686
    113
    Aug 2, 2011
    Denver, CO
    This is a pretty common ransomware scam. You should be able to start the computer in safe mode to run an anti virus and malware scrubber. I suggest Malwarebytes. Then go through your installed programs and look for something out of the ordinary that you didn't install and uninstall it. If they actually encrypted your files to the point where you can't get to them, that would be the most sophisticated ransomware scam I have seen. Most of the time they are just using tricks to make it seem like you can't get to them and once you uninstall whatever is causing the issue, everything goes back to normal.
     
  6. BIG EASY DOES IT

    BIG EASY DOES IT Very Active Member

    2,248
    119
    63
    Mar 14, 2011
    CA
    Precisely. Every file on our server is encrypted. There is a file in every folder on the server that has directions to retrieve your files. Which is basically send them money and you can get your stuff unencrypted. I am wondering if anyone has had this issue and found a way around the encryption. All the files are physically still there the have just been encrypted. And I mean everything. .pdf .eps. word .txt .dxf(plans files)
     
  7. jfiscus

    jfiscus Map Wraster

    3,099
    206
    63
    Apr 2, 2009
    Cincinnati, OH
    We got that virus here, but our tech/backup company saved our butts. If you don't have a current company you're working with, try giving them a call for help.
    Glenn Warner @ ACSDR.com 859-816-2666

    By the way, there is NO chance that they're going to un-encrypt the files once they have your money.
     
  8. BIG EASY DOES IT

    BIG EASY DOES IT Very Active Member

    2,248
    119
    63
    Mar 14, 2011
    CA
    This is what we were thinking. But nothing on any computer has been affected. Anything saved to a desktop is usable and everything connected is clean. It attacked the server only which is what has us stumped
     
  9. BIG EASY DOES IT

    BIG EASY DOES IT Very Active Member

    2,248
    119
    63
    Mar 14, 2011
    CA
    Unfortunately we have a guy. Who is a friend of the owner'.
     
  10. CanuckSigns

    CanuckSigns Very Active Member

    3,186
    314
    83
    Nov 11, 2008
    Ontario
    It sounds like your server was "hacked" for lack of a better term.

    Since it is all very important files, I would contact a computer service tech that specializes in virus removal and let them figure it out, there is a chance that when you try to fix it yourself you could mess something up an be in a world of pain.

    Please tell me you have an offsite real time backup just in case?
     
  11. BIG EASY DOES IT

    BIG EASY DOES IT Very Active Member

    2,248
    119
    63
    Mar 14, 2011
    CA
    I would have but apparently no we don't have any backup. On site or off site.
     
  12. player

    player Major Contributor

    4,720
    140
    63
    Apr 24, 2006
    Toronto
    How much are they asking?

    Maybe get them to unencrypt half the files as a show of good faith.

    If they unencrypted the files you need, then you can use your backup and
    recover the files.
     
  13. dypinc

    dypinc Very Active Member

    1,540
    92
    48
    Mar 9, 2011
    Here
    Sometimes you just have to learn hard leasons.
     
  14. Gino

    Gino Premium Subscriber

    32,500
    2,074
    113
    Jun 7, 2006
    PA
    Excuse me, but I'm slow on this kinda stuff.

    You mean they came in, took possession of your files, are holding them hostage, demanding payment and you have no way of tracking them down...... or if not you, some kinda higher geek service can't get to them ??

    We have our stuff backed up a few different ways, but to this day, knock on wood..... have never been hacked. Had a few viruses, but they were all easily fixed.

    Have more problems with air lines cracking or wear & tear on equipment. Guess we're not big enough to go after, thank goodness.


    Hope you get it all sorted out and can shoot those ba$tards when ya find them. Eh..... you're Canadian, you'll hafta use a chainsaw. :rolleyes:
     
  15. Snydo

    Snydo Active Member

    519
    20
    18
    May 1, 2008
    Mid Michigan
    You should be doing some kind of back-up at least monthly....or go cloud based...carbonite.com is a good one, many others as well. We do an external HD back-up monthly and our NAS is mirrored off-site daily(cloud essentially), peace of mind is worth every penny.
     
  16. jfiscus

    jfiscus Map Wraster

    3,099
    206
    63
    Apr 2, 2009
    Cincinnati, OH
    It is more of a virus that hacks the whole network. They send you a VERY realistic looking email or you click on a link somewhere that looks legit and that's all it takes.
    It encrypts EVERYTHING on your network, even most backups. Step 1 is to shut everything down to stop the spread further. Any competent tech should have heard of this virus and know the best way to handle it to mitigate the damage/losses. You may be looking at an insurance claim (your insurance DOES cover this right?) to cover the tech fees. It aint cheap or easy from what I recall, it happened here over a year ago.
     
  17. J Hill Designs

    J Hill Designs Major Contributor

    15,549
    16
    0
    Sep 24, 2004
    pretty sure hes in california
     
  18. Gino

    Gino Premium Subscriber

    32,500
    2,074
    113
    Jun 7, 2006
    PA

    :Oops: so he is. My bad. I take it back, forget the chainsaw scene...... go shoot his a$$. :Big Laugh
     
  19. dypinc

    dypinc Very Active Member

    1,540
    92
    48
    Mar 9, 2011
    Here
    That one of the HUGH risks using microsoft products. And then not backing it up, that's even dumber yet. We have a few RIPs that have to run on windows, but if I caught anyone using them for something else all hell would break loose.
     
  20. Techman

    Techman Major Contributor

    8,520
    8
    38
    Jun 24, 2003
    michigan
    the ransom ware dudes are letting out the keys so you can get your info back. Seems they had a change of heart and are reversing their greed, Doogle it and you should see what to do.
     
  21. P Wagner

    P Wagner Very Active Member

    1,848
    58
    48
    Aug 16, 2006
    San Diego
  22. Techman

    Techman Major Contributor

    8,520
    8
    38
    Jun 24, 2003
    michigan
    No not only that one..
     
Loading...

Share This Page

 


Loading...