• I want to thank all the members that have upgraded your accounts. I truly appreciate your support of the site monetarily. Supporting the site keeps this site up and running as a lot of work daily goes on behind the scenes. Click to Support Signs101 ...

Anyone else been extorted?

B

BIG EASY DOES IT

New Member
So anyone ever had this issue and what did you do?

We came in the other day to literally everything on the server being encrypted. With new files added into everything with instructions on getting your file back. Government does nothing except report and tell you if you really want your stuff you might want to talk to them. We were able to find a image of the server from march 2014 but I just made 40 different sign layouts, last week, for a customer who wants his signs by next week. The owner doesn't want to contact the group who stole the files. I am at a loss. So much work just gone.
 
skyhigh

skyhigh

New Member
I second the "HUH"???

The owner doesn't want to contact the group who stole the files. I am at a loss.
Click to expand...

Well there ya go (scratching head). I guess thats all you need to know.

You get paid by the hour, right??



Is this a spoof?
 
Solventinkjet

Solventinkjet

DIY Printer Fixing Guide
This is a pretty common ransomware scam. You should be able to start the computer in safe mode to run an anti virus and malware scrubber. I suggest Malwarebytes. Then go through your installed programs and look for something out of the ordinary that you didn't install and uninstall it. If they actually encrypted your files to the point where you can't get to them, that would be the most sophisticated ransomware scam I have seen. Most of the time they are just using tricks to make it seem like you can't get to them and once you uninstall whatever is causing the issue, everything goes back to normal.
 
B

BIG EASY DOES IT

New Member
Pat White said:
As in, you've been hacked? :covereyes:
Click to expand...

Precisely. Every file on our server is encrypted. There is a file in every folder on the server that has directions to retrieve your files. Which is basically send them money and you can get your stuff unencrypted. I am wondering if anyone has had this issue and found a way around the encryption. All the files are physically still there the have just been encrypted. And I mean everything. .pdf .eps. word .txt .dxf(plans files)
 
jfiscus

jfiscus

Rap Master
We got that virus here, but our tech/backup company saved our butts. If you don't have a current company you're working with, try giving them a call for help.
Glenn Warner @ ACSDR.com 859-816-2666

By the way, there is NO chance that they're going to un-encrypt the files once they have your money.
 
B

BIG EASY DOES IT

New Member
VanderJ said:
This is a pretty common ransomware scam. You should be able to start the computer in safe mode to run an anti virus and malware scrubber. I suggest Malwarebytes. Then go through your installed programs and look for something out of the ordinary that you didn't install and uninstall it. If they actually encrypted your files to the point where you can't get to them, that would be the most sophisticated ransomware scam I have seen. Most of the time they are just using tricks to make it seem like you can't get to them and once you uninstall whatever is causing the issue, everything goes back to normal.
Click to expand...

This is what we were thinking. But nothing on any computer has been affected. Anything saved to a desktop is usable and everything connected is clean. It attacked the server only which is what has us stumped
 
B

BIG EASY DOES IT

New Member
jfiscus said:
We got that virus here, but our tech/backup company saved our butts. If you don't have a current company you're working with, try giving them a call for help.
Glenn Warner @ ACSDR.com 859-816-2666

By the way, there is NO chance that they're going to un-encrypt the files once they have your money.
Click to expand...

Unfortunately we have a guy. Who is a friend of the owner'.
 
C

CanuckSigns

Active Member
It sounds like your server was "hacked" for lack of a better term.

Since it is all very important files, I would contact a computer service tech that specializes in virus removal and let them figure it out, there is a chance that when you try to fix it yourself you could mess something up an be in a world of pain.

Please tell me you have an offsite real time backup just in case?
 
B

BIG EASY DOES IT

New Member
watsons signs said:
It sounds like your server was "hacked" for lack of a better term.

Since it is all very important files, I would contact a computer service tech that specializes in virus removal and let them figure it out, there is a chance that when you try to fix it yourself you could mess something up an be in a world of pain.

Please tell me you have an offsite real time backup just in case?
Click to expand...

I would have but apparently no we don't have any backup. On site or off site.
 
P

player

New Member
How much are they asking?

Maybe get them to unencrypt half the files as a show of good faith.

If they unencrypted the files you need, then you can use your backup and
recover the files.
 
Gino

Gino

Premium Subscriber
Excuse me, but I'm slow on this kinda stuff.

You mean they came in, took possession of your files, are holding them hostage, demanding payment and you have no way of tracking them down...... or if not you, some kinda higher geek service can't get to them ??

We have our stuff backed up a few different ways, but to this day, knock on wood..... have never been hacked. Had a few viruses, but they were all easily fixed.

Have more problems with air lines cracking or wear & tear on equipment. Guess we're not big enough to go after, thank goodness.


Hope you get it all sorted out and can shoot those ba$tards when ya find them. Eh..... you're Canadian, you'll hafta use a chainsaw. :rolleyes:
 
S

Snydo

New Member
You should be doing some kind of back-up at least monthly....or go cloud based...carbonite.com is a good one, many others as well. We do an external HD back-up monthly and our NAS is mirrored off-site daily(cloud essentially), peace of mind is worth every penny.
 
jfiscus

jfiscus

Rap Master
It is more of a virus that hacks the whole network. They send you a VERY realistic looking email or you click on a link somewhere that looks legit and that's all it takes.
It encrypts EVERYTHING on your network, even most backups. Step 1 is to shut everything down to stop the spread further. Any competent tech should have heard of this virus and know the best way to handle it to mitigate the damage/losses. You may be looking at an insurance claim (your insurance DOES cover this right?) to cover the tech fees. It aint cheap or easy from what I recall, it happened here over a year ago.
 
dypinc

dypinc

New Member
That one of the HUGH risks using microsoft products. And then not backing it up, that's even dumber yet. We have a few RIPs that have to run on windows, but if I caught anyone using them for something else all hell would break loose.
 
Techman

Techman

New Member
the ransom ware dudes are letting out the keys so you can get your info back. Seems they had a change of heart and are reversing their greed, Doogle it and you should see what to do.
 
You must log in or register to reply here.
Top