Posted on 01/02/2017 6:41:30 PM PST by GYPSY286
Has anyone been attacked by Cerber Ransomware? I work at a small non-profit and was attacked last week. Most people who work here are volunteers and since we are a small non-profit, not much money is available to pay the ransom. What to do, what to do....
Hopefully, you guys have a clean image of your hard drives. Macrium Reflect free is what many computer enthusiasts use.
I’m no IT expert. We use Carbonite to backup our files but I read that if we attempt to do this, the virus will attack it too. I’ve been off since it happened (Holidays) and I go back tomorrow. Will be interesting to see what happened (did they pay or try to restore).
Imaging is like taking a “picture image” of the drive including the operating system.
So if there’s malware, virus, driver errors causing a system disruption one can then restore the clean image of the operating system with all its files and data.
If you don’t have clean images then you’ll need to talk to someone who knows more about this Ransomware.
Macirum Reflect is free
In the one time I had ransomware on a computer that had nothing on it, I called them, and reinstalled my image over the top of them....laughing all the way.
If you’ve got nothing to lose, re-install windows.
Revert to a previous saved image should remove it. You may lose some files.
Non profits are a scam to get big salaries and benefits.; It is a total scam . We all know that. Seek profits!!
A lot of info about this problem.
Firstly, unlike B-HO, the threat must be accurately identified. I think the ACTUAL word is “Cyber”. However, the way you describe it, the word might well be “Gerber”. If it’s the latter, don’t baby it.
People who write ransomware, when caught, should have their intestines pulled out through their mouths.
As an alternative, you can get new hard drives and save the old ones just in case a fix is available in the future. The process is the same - install OS, install software and restore data.
Carbonite has at least three versions of the backup availabe. They also have the capability to do an image backup which is a complete copy of the entire hard drive but this requires a local external drive connected to the PC
When I mean image it is something that the operating system does automatically periodically. System recovery.
Presume that you are running Windows.
Looks like the only alternatives are to pay the ransom or make do with a backup.
You aren’t decrypting it without the key.
Neither of those links do anything but describe the problem, and instruct you on how to remove the Cerber executables. Currently, there is no way to get your files back without paying the ransom or restoring from backups.
IT manager here for a small regional telephone / internet provider. I had one of my techs fall for this same type of thing, I would not even think of paying it only helps them so they can get more victims and how do you know after you give them the bit coins they will not hit you again. What we did was wipe the techs machine and restore the files he had access to. We did lose any changes that were made between when we backed up the night before and when we got infected. The big take away is make sure you have backups also limit the files any one person has access to.
there are a number of free tools (and some online services) that can decrypt cerber encryption:
https://www.google.com/search?q=+Cerber+Ransomware&ie=utf-8&oe=utf-8#q=Cerber+Ransomware+decryptor
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.