Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

Skip to comments.

Ceber ransomware attack at work
January 2, 2017 | Gypsy286

Posted on 01/02/2017 6:41:30 PM PST by GYPSY286

Has anyone been attacked by Cerber Ransomware? I work at a small non-profit and was attacked last week. Most people who work here are volunteers and since we are a small non-profit, not much money is available to pay the ransom. What to do, what to do....


TOPICS: Chit/Chat
KEYWORDS: cerber; computers; computing; internet; ransomware; windowspinglist
Navigation: use the links below to view more comments.
first 1-2021-4041-59 next last

1 posted on 01/02/2017 6:41:30 PM PST by GYPSY286
[ Post Reply | Private Reply | View Replies]

To: GYPSY286

Hopefully, you guys have a clean image of your hard drives. Macrium Reflect free is what many computer enthusiasts use.


2 posted on 01/02/2017 6:44:06 PM PST by conservativepoet
[ Post Reply | Private Reply | To 1 | View Replies]

To: conservativepoet

I’m no IT expert. We use Carbonite to backup our files but I read that if we attempt to do this, the virus will attack it too. I’ve been off since it happened (Holidays) and I go back tomorrow. Will be interesting to see what happened (did they pay or try to restore).


3 posted on 01/02/2017 6:48:17 PM PST by GYPSY286 (Politicians must USE their heads or Americans will LOSE their heads.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: GYPSY286

Imaging is like taking a “picture image” of the drive including the operating system.

So if there’s malware, virus, driver errors causing a system disruption one can then restore the clean image of the operating system with all its files and data.

If you don’t have clean images then you’ll need to talk to someone who knows more about this Ransomware.


4 posted on 01/02/2017 6:57:34 PM PST by conservativepoet
[ Post Reply | Private Reply | To 3 | View Replies]

To: GYPSY286

Macirum Reflect is free

In the one time I had ransomware on a computer that had nothing on it, I called them, and reinstalled my image over the top of them....laughing all the way.

If you’ve got nothing to lose, re-install windows.


5 posted on 01/02/2017 6:57:40 PM PST by Ouderkirk (To the left, everything must evidence that this or that strand of leftist theory is true)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286

Revert to a previous saved image should remove it. You may lose some files.


6 posted on 01/02/2017 6:58:43 PM PST by dhs12345
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286

Non profits are a scam to get big salaries and benefits.; It is a total scam . We all know that. Seek profits!!


7 posted on 01/02/2017 6:58:52 PM PST by WENDLE (I urge the appontment of TED CRUZ to the Scalia seat on SCOTUS.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286

A lot of info about this problem.

https://www.bleepingcomputer.com/news/security/the-cerber-ransomware-not-only-encrypts-your-data-but-also-speaks-to-you/


8 posted on 01/02/2017 6:59:01 PM PST by Dalberg-Acton
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286

Firstly, unlike B-HO, the threat must be accurately identified. I think the ACTUAL word is “Cyber”. However, the way you describe it, the word might well be “Gerber”. If it’s the latter, don’t baby it.


9 posted on 01/02/2017 6:59:09 PM PST by LittleBillyInfidel (This tagline has been formatted to fit the screen. Some content has been edited.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286

People who write ransomware, when caught, should have their intestines pulled out through their mouths.


10 posted on 01/02/2017 6:59:53 PM PST by SpaceBar
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286
You have a number of options. You can reformat the hard drives in the computer and re-install the operating system, then the software and finally the data.

As an alternative, you can get new hard drives and save the old ones just in case a fix is available in the future. The process is the same - install OS, install software and restore data.

Carbonite has at least three versions of the backup availabe. They also have the capability to do an image backup which is a complete copy of the entire hard drive but this requires a local external drive connected to the PC

11 posted on 01/02/2017 7:01:47 PM PST by johncatl (...governs least, governs best.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286

When I mean image it is something that the operating system does automatically periodically. System recovery.

Presume that you are running Windows.


12 posted on 01/02/2017 7:03:23 PM PST by dhs12345
[ Post Reply | Private Reply | To 1 | View Replies]

To: LittleBillyInfidel
The ACTUAL word is Cerber.
13 posted on 01/02/2017 7:04:29 PM PST by FredZarguna (And what Rough Beast, Its hour come 'round at last slouches toward Fifth Avenue to be born?)
[ Post Reply | Private Reply | To 9 | View Replies]

To: GYPSY286

http://www.enigmasoftware.com/cerberransomware-removal/


14 posted on 01/02/2017 7:13:53 PM PST by E. Pluribus Unum (President Trump is coming, and the rule of law is coming with him.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286

https://malwaretips.com/blogs/remove-cerber-virus/


15 posted on 01/02/2017 7:19:00 PM PST by E. Pluribus Unum (President Trump is coming, and the rule of law is coming with him.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286

Looks like the only alternatives are to pay the ransom or make do with a backup.

You aren’t decrypting it without the key.


16 posted on 01/02/2017 7:20:29 PM PST by E. Pluribus Unum (President Trump is coming, and the rule of law is coming with him.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286
1.) If you have backed up your data files - set up a clean system from scratch, install your original programs and then restore your data files. I'm guessing this is not an option or you wouldn't be here asking for help...

2.) No backed up data files? Call around to a couple of computer shops and see if they will look at your system(s) on the cheap. They probably won't be able to help you since the ransomware has most likely encrypted your datafiles and they won't be recoverable but at least you will know where you stand. Start over from scratch, re-enter what data you can and make sure you always, always, always have at least 3 levels of data backup.

3.) As a last possibility, negotiate a price you can pay with the bastards that stole your data. If you can take the time (weeks?) keep in touch with them and offer them what you can and they may eventually decide to accept your offer. Big risk in this though, since they can, and probably will, take your money and not give you the code you need to decrypt your data.

As soon as you get this problem behind you go about looking for a little donated assistance from a local computer professional. It is almost impossible to adequately protect your systems these days without professional guidance.
17 posted on 01/02/2017 7:20:38 PM PST by Garth Tater (What's mine is mine.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: E. Pluribus Unum; GYPSY286

Neither of those links do anything but describe the problem, and instruct you on how to remove the Cerber executables. Currently, there is no way to get your files back without paying the ransom or restoring from backups.


18 posted on 01/02/2017 7:30:49 PM PST by FredZarguna (And what Rough Beast, Its hour come 'round at last slouches toward Fifth Avenue to be born?)
[ Post Reply | Private Reply | To 15 | View Replies]

To: GYPSY286

IT manager here for a small regional telephone / internet provider. I had one of my techs fall for this same type of thing, I would not even think of paying it only helps them so they can get more victims and how do you know after you give them the bit coins they will not hit you again. What we did was wipe the techs machine and restore the files he had access to. We did lose any changes that were made between when we backed up the night before and when we got infected. The big take away is make sure you have backups also limit the files any one person has access to.


19 posted on 01/02/2017 7:33:02 PM PST by W0bee
[ Post Reply | Private Reply | To 1 | View Replies]

To: GYPSY286

there are a number of free tools (and some online services) that can decrypt cerber encryption:

https://www.google.com/search?q=+Cerber+Ransomware&ie=utf-8&oe=utf-8#q=Cerber+Ransomware+decryptor


20 posted on 01/02/2017 7:33:23 PM PST by catnipman (Cat Nipman: Vote Republican in 2012 and only be called racist one more time!)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-59 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson