[Wanted] 0.5 BTC Please help urgently - Ransomware

Status
Not open for further replies
Price
63166
Warranty
No
Condition
  1. New
Not to derail this thread any further but have you guys figured out how they got in?
Looks like it could have been crappy firewall setup with a mix of users logging on to the VPN with their personal computers due to working from home conditions.
 
Did not know that, ta. Regardless, 24 hours to clear is the norm now for non-Standard Bank (I think even Standard Bank to Standard Bank is not instant lol)

Some payments take up to 28 hours for Standard Bank to Capitec or Nedbank. Even if you turn instant payment on with Std Bank you wait quite a while. Nowhere near as good as Capitec, and dare I say FNB.

FNB also lost the plot somewhere along the line.
 
Some payments take up to 28 hours for Standard Bank to Capitec or Nedbank. Even if you turn instant payment on with Std Bank you wait quite a while. Nowhere near as good as Capitec, and dare I say FNB.

FNB also lost the plot somewhere along the line.
Yeah, my wife did an instant payment with STD bank once, and never again. Took nearly 4 hours.
 
Binance exchange is very fast with immediate payments.

Their rate is still a bit higher than Luno due to the low amount of volume.
 
the problem is that even if you pay them, they might not release your files.
This.

Luno will take more than 24 hours since they do not have an FNB account anymore. Only God knows why they went with Standard Crap
Only God and the people that read the news/announcements :p FNB is no longer going to support crypto related company bank accounts.

@_RDF have you got NO backups that are still viable? Or were the backups held on the same machines that were compromised?
 
No shadow copies sitting on the server ??

Only company worth doing instant eft is capitec


 
This.


Only God and the people that read the news/announcements :p FNB is no longer going to support crypto related company bank accounts.

@_RDF have you got NO backups that are still viable? Or were the backups held on the same machines that were compromised?
The backup server was compromised unfortunately. And we don't have remote backups, like a bunch of stupids.
 
No shadow copies sitting on the server ??

Only company worth doing instant eft is capitec


We checked for Shadow copies, and nothing, I think the Ransomware deleted it or it was just never set up on the server.
 
Just a thought, if the files were saved on a physical HDD and deleted, isn't there a program or service to recover deleted data? My PC crashed once and everything was deleted and we used one of those undelete recover apps to get 90% of our data as 14 and 17 year olds (my brother and I).
 
I've done a data recovery to recover information before it was encrypted by ransomware, have you tried that? I think a RAID array may be a bit more complex but still possible.

it's not 100% but I think paying over BC isn't either...
 
Luno is immediate, I have always used this method but then again not that kind of money.

Sorry to hear about this bud, I have never actually seen these ransom messages. I know this may not be the most ideal time but you mind posting what this ransom looks like?
Just by downloading random stuff off sites that are not trustworthy you might download software and install it, then all your files, and I mean all (JPEG, MP3, MP4, exe files, docs, PDF, everything), become locked. When you try to open one, a message pops up and says you have to pay if you want an encryption key to open all your files.
 
The Ransomware Survival Kit Gives You Access To:

  • Infographic: Ransomware Survival: Top 10 Ways to Protect Your Organization
  • E-Book: Cyber Resilience Planning for Email
  • E-Book: 2018 Threat Spotlight: Ransomware
  • Webinar: How a Cyber Resilient State Can Provide a Ransomware
 
I have recovered many ransomware servers before. There is almost always a way to recover without paying.
Just a note, they will probably try it again, so once recovered start fresh and check that your remote desktop configs are set up securely.

Did you run remote desktop?
 
I have recovered many ransomware servers before. There is almost always a way to recover without paying.
Just a note, they will probably try it again, so once recovered start fresh and check that your remote desktop configs are set up securely.

Did you run remote desktop?
Yeah we did, got an expert opinion that because commercial software was used for the encryption there is probably no chance of decrypting.
 