Dharma ransomware
-
@scottalanmiller I learned of the encryption last night and just now received a copy of the critical incident report to review. They are proceeding with the understanding that the files can't be unencrypted without paying the ransom.
I know that solutions have been to decrypt other ransomware. From my brief research, I haven't seen a solution for this one.
-
@RojoLoco My understanding is that this wasn't an end-user issue. Rather, the prior IT guy left a router protected by a weak password.
-
@Danp said in Dharma ransomware:
@RojoLoco My understanding is that this wasn't an end-user issue. Rather, the prior IT guy left a router protected by a weak password.
Ouch. Then they will need to hire at least 1 competent IT person. Hopefully they won't become a target after being successfully attacked (not paying the ransom helps with this).
-
Found this post from earlier today on bleepingcomputer.com.
It would be wonderful if these can be used to build a decryption tool.
-
@Danp said in Dharma ransomware:
Found this post from earlier today on bleepingcomputer.com.
It would be wonderful if these can be used to build a decryption tool.
yes and no.
yes because someone doesn't have to start over - no because the company not might really step up their IT game.
-
@Dashrender Oh.. they are definitely stepping up their IT game. New MSP is hired already. I'm reviewing their $26K proposal, which includes new security devices, new server, new backup appliance, etc.
Some of their recommendations call for solutions that I don't have experience with, so I'll start another thread to seek input on that.
-
OK so I just updated my lab copy of XO, and it worked without issue. I'm gonna snapshot, and try the update again and see if it breaks.
-
In my best JB voice -- "FFS. WTF does this have to do with the current discussion?!"
<gd&r>
-
@Danp whoops wrong topic.
-
-
@Danp said in Dharma ransomware:
@Dashrender Oh.. they are definitely stepping up their IT game. New MSP is hired already. I'm reviewing their $26K proposal, which includes new security devices, new server, new backup appliance, etc.
Some of their recommendations call for solutions that I don't have experience with, so I'll start another thread to seek input on that.
Now thing is to make sure they don't over spend....
-
@Dashrender Exactly see new thread here.
