Micro File
Results 1 to 5 of 5

Thread: Micro File

  1. #1
    Registered User Zonie's Avatar
    Join Date
    Apr 2001
    Location
    Phoenix, Arizona
    Posts
    1,461

    Micro File

    I have ran into something new I have not seen before. One of my clients became infected with a ransom ware. The difference with this one is the data files all have the correct extensions, ( IE .pdf, .doc and tec.) yet when you open them of course there is nothing but hieroglyphics. The files are classified as macro files. My question is, does anyone have an idea as to what ransom program this is? I am familiar with the cryptowall 2.0 & 3.0 but not sure what this is. Looking to find out if it is possible to recover the data. TYIA
    It's not the computers that keep having problems, it's the users!!

  2. #2
    Registered User
    Join Date
    Sep 2002
    Location
    Sent from somwhere in time and space
    Posts
    268
    Unfortunately, pay the ransom, as much as it hurts, the $500.00 plus that they ask for is minimalistic to the hours you will put in to fixing the problem. And most likely wont be able to fully recover. If your client is worried about a credit card getting hacked, go to the grocery store and buy one or those onetime cards for the amount of what that the cryptowall ransom is saying will make thing right. I speak from experience hear, I have flipped both ways, and biting the bullet and educating the crew that introduced the virus to start is the better of two paths. I wish I could provide a better solution, but have seen this hit way to many unsuspecting companies.
    No matter where you go........there you are.

  3. #3
    Registered User Zonie's Avatar
    Join Date
    Apr 2001
    Location
    Phoenix, Arizona
    Posts
    1,461
    Thank you for the input. I was able to just find out what version this ransomware was. It is actually called the Tesla/Crypto. There are 3 different versions. 1st version (Tesla/Crypto 1.0) came out around Christmas time. The second came out after Christmas. Both of these versions were found to have a way to recover the files. So on Jan 16th, a new version (Tesla/Crypto 3.0) was released into the wild with a new algorithm which to date has not been able to be decrypted. I have been advising all my clients to make sure they do backups every day using multiple drives. This way if they are hit, (in most cases the backup drive is always hit as well), they are only going to lose 1 days worth of data.
    It's not the computers that keep having problems, it's the users!!

  4. #4
    Registered User xpuser357's Avatar
    Join Date
    Apr 2004
    Location
    Poplar Bluff, Mo.
    Posts
    1,328
    The secretary at our work has some kinda BUG, Named all her documents to mpg files. pops ups with what look like paragraphs of Chinese and little windows of acts to follow, When Paragraphs appear launches it to internet. QUESTION!! would a person with exceptional abilities to edit the Registry be able to eliminate Bug entirely?
    Last thing I remember, running for the door,
    I had to find the passage back to the place
    I was before.

  5. #5
    Registered User
    Join Date
    Sep 2002
    Location
    Sent from somwhere in time and space
    Posts
    268
    The bug can be removed with most AV programs, the problem is that it will encrypt all the files in an algorithm that the AV cant deal with. The AV will only get rid of the host, not the trail it left behind. Like a tornado rolling through the plains. From the pop up, it should point you to the site for decryption, remember, it will also infect all mapped drives, and also the backups of those drives if not caught in time.
    No matter where you go........there you are.

Similar Threads

  1. micro atx boards
    By Ardavan in forum BIOS/Motherboard Drivers
    Replies: 11
    Last Post: May 11th, 2006, 12:02 AM
  2. Sad micro$oft story
    By HipHoper in forum Tech Lounge & Tales
    Replies: 13
    Last Post: October 5th, 2003, 04:43 AM
  3. MIcro ATX in ATX case?
    By delmer_1 in forum Tech-To-Tech
    Replies: 4
    Last Post: January 21st, 2003, 01:08 PM
  4. Micro-Star
    By FORDS500 in forum BIOS/Motherboard Drivers
    Replies: 10
    Last Post: June 21st, 2001, 10:37 AM
  5. [RESOLVED] EDO micro?
    By terry lobeck in forum Video Adapter/Monitor Drivers
    Replies: 0
    Last Post: February 28th, 2000, 11:24 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •