Please keep me updated of your progress with this. We haven’t run across any ransomware infected PC’s yet at my work and there’s 1800 Windows machines in our environment. We’ve either been very fortunate thus far or something in either Iron Port our group policy is preventing it.
I have reason to believe we are being specifically targeted. The crackers even went so far as to telephone from overseas (Pakistan or India to judge by the accents and telephone quality) another of our locations in another state where the client computer was being used at the time. They had obviously harvested some informaton off of the client, but not the secure SSL information. That was why they telephoned and posed as a Microsoft security contractor to request permission to “repair” the malware with a remote session (LOL). They no doubt needed to use some social engineering to gain access to the accounts secured by the SSL encryption.
There have been a number of other incidents which appear to indicate participation in various political fora such as FR has attracted a variety of attacks over the years.
A denial of service attack against multiple e-mail attacks occurred about ten years ago. The ISP e-mail server for the affected e-mail accounts were being bombarded with more than a thousand e-mail messages per second. They attacked a cellphone by posting a fake classified advertisement selling puppies in an out of state newspaper, and they used my cellphone number as the contact. It’s still a mystery how they got the cellphone number, because it was never entered anywhere on the computer, but they did associate it with the address for the temporary location of the computer. It was amazing how many people called in response to the advertisement and wanted to buy the non-existant puppies.