Thanks for your feedback Dave. In the co. newsletter - one article mentioned a nasty story of a woman who paid the ransom - but, was struggling to do it on time - since I understand they do something if its not paid timely - like increase the ransom price.
I'd be curious to know if anyone here has actually gotten hit by it personally - and if they actually paid the ransom. Again - just curious... -K- -----Original Message----- From: ProfoxTech [mailto:[email protected]] On Behalf Of Dave Crozier Sent: Wednesday, October 07, 2015 9:17 AM To: [email protected] Subject: RE: Another new ransomware Kurt, The Cryptolocker ransomware only infected mapped drives (F:, G:.... etc) and if your shortcuts on the desktop and elsewhere were all based upon URL's then Cryptolocker did NOT spread the infection. I don't know about the new variants as they may well differ but I made a change on all my clients removing mapped drives completely and the two instances since doing this (on different clients) were restricted to local files. Dave -----Original Message----- From: ProFox [mailto:[email protected]] On Behalf Of Kurt Wendt Sent: 07 October 2015 14:12 To: [email protected] Subject: RE: Another new ransomware The co. where I work - they send out these monthly internal newsletters regarding security. The last newsletter centered around the Ransomware scandals. I know some folks here have discussed it in the past. Luckily I have never been personally hit by this type of Ransomware scandal on my home PC's. But, it sure is a good reason for everyone to have backups. The newsletter mentioned backups on an external drive - that is Not connect to your PC (only connect when running the backup). -K- -----Original Message----- From: ProfoxTech [mailto:[email protected]] On Behalf Of Paul Hill Sent: Wednesday, October 07, 2015 3:52 AM To: [email protected] Subject: Another new ransomware Hi All, I found possible new ransomware at a site today. There were many dbf files that had been renamed. For example: HS_0WIN.DBF was renamed to: [email protected] I tried renaming this file back but it was corrupt. Looking in the file it seemed scrambled (probably encrypted?). I found these all over the place. Did not find a ransom note. I'm guessing 'hairullah' wants money to decrypt these. Luckily this site had a backup only a few hours old. -- Paul [excessive quoting removed by server] _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/80838f1ca795b14ea1af48659f35166f242...@drexch02.corp.globetax.com ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
