Ransomware: Recovery

This is a post series on cyber crime. For more posts click here or the cybercrime tag below.

I’ve started the recovery process. I downloaded Trend Micro’s ransomware decrypter and so far it’s been useless with a PDF file, an RTF file and an HTM file. The JPG file I tried also proved to be unrecoverable with the Trend Micro app. Kaspersky doesn’t seem to have created a decrypter for CryptXXX 3.0 with what I regard as the superior approach of using an unencrypted copy of the original file.

At this point it looks like I’ve lost my files, which include a big chunk of the many pictures that I’ve shot over the last eight years. I don’t know what the final tally will be until I do some recovery on a dead hard drive. I suspect that I’m better off than most users. At least I have SOME pictures still left.

I can always create more pictures. At least the ones I’ve taken locally. My Japan pictures are a loss, except for those I’ve uploaded to Flickr. I still have the memories. And I can still create. So it’s time to move on. I’ll just plan another trip to Japan.

Still, there’s a sense of invasion about all of this. One evening I had some 90,000 or so photos of a wide variety of stuff. The next, I had the equivalent of the artist’s fire where they lose everything. This wasn’t a fire though. In many ways this was the equivalent of arson. The difference being that an arsonist leaves tracks and usually doesn’t stay in business very long.

As far as I’ve been able to find, and I’ve been doing a lot of digging, the Reveton group has been around for ten years. Because they’ve been able to remain anonymous they’ve been able to hit people for that time. When all they were hitting was the computer, that may have been tolerable. Now that actual data is being destroyed the game changes. How that’s going to play out is going to be interesting. I suspect that computer security is going to have to be offensive as well as defensive in the future. We will see.

Here’s the Ransomware Week In Review.

http://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-26-2016-cows-wildfire-locker-locky-and-more/
