Jump to content

Menu
Giving You and Your Child a Road Map to the Best Possible Education
The Well-Trained Mind Community

computer hacked -.files held for $ ransom. HELP

sheryl

By sheryl,
in The Chat Board

 Share

Recommended Posts

sheryl

sheryl

Posted
Posted

I'm using my smartphone. Saturday we were gone all day volunteering. D.h. learned late Saturday or Sunday after church that he could not gain access into many files stored on our hard drive on our computer.

 

A message was sent that our files are held for ransom and we need to pay $500 in "bit coins" to receive a "key" to get files back.

 

We have 72 hours to pay the ransom or files will be ditched.

 

Perverse. They could have already made copies of our files with highly personal information.

 

This is really me, Sheryl, and not a hoax.

 

Should we try the police?

 

Any computer experts out there to help?

 

Will check back for replies.

 

Thanks. Sheryl

Link to comment
Share on other sites
NCMom

NCMom

Posted
Posted

It's a ransomware virus, probably the one called CryptoWall. It's real and while I have heard it is easy to remove, the files are encrypted and that is not easy to deal with.   I would go to a computer repair shop.

 

 

Edited to add: If you have your files backed up then it's going to be much easier to deal with.

hth,
Georgia

Link to comment
Share on other sites
celticmom

celticmom

Posted
Posted

The first thing that I would do if you have not already done so is to unplug any network cables and disable any wireless connections to the affected computer. Then I would power down and unplug the computer. Then I would either seek professional help or research the virus on my own. There are sites online that are to problems like this what these forums are to homeschooling and parenting. One I remember that has been around for a long time is antionline.com.

 

Link to comment
Share on other sites
Mergath

Mergath

Posted
Posted

Yeah, definitely do not pay.  You'll need to figure out which type of ransomware you have, and then google a fix.  You'll probably be able to remove the virus from the computer, but depending on which variant you have, your files may be lost for good.  I read an article on this awhile back, and some of these viruses use military-level encryption, and there's just no way to break that and get your files back.  But like I said, it depends on which specific virus you have.

Link to comment
Share on other sites
AK_Mom4

AK_Mom4

Posted
Posted

And.... if you have ANY other computers in the house, you need to power them down and disconnect them physically from the internet connection or turn off the WIFI until you get this computer cleaned.  I would probably take this one to the computer shop and I generally have no problems removing even really icky viruses myself.

 

This is a nasty one and since you don't know how you got it (yet), you need to also protect the other computers in the house. 

 

And don't pay.  Ever.  You won't get the files back.

Link to comment
Share on other sites
CaffeineDiary

CaffeineDiary

Posted
Posted

Agreed with what you've said here.  Specifically, re-emphasizing:

 

(1) UNPLUG all computers and shut them down.  DO NOT USE THEM until you have resolved this issue.

(2) Resolving the issue will involve finding an expert to try to recover your files.  I hope you have backups.  If you don't have backups, this is going to be much harder.  There are tools you can run yourself to try to recover, BUT if you are not computer savvy you run the risk of making things worse.  Some resources regarding trying to DIY: http://www.pcworld.com/article/2084002/how-to-rescue-your-pc-from-ransomware.html. But I'd start with a professional, if you have data that you care about.

(3) For your next computer?  Get a Mac.

 

Link to comment
Share on other sites
Lanny

Lanny

Posted
Posted

Sheryl: If you have not already done so, it is *imperative* that you disconnect that box from the Internet  immediately. It is no longer your computer. It is the computer of the person(s) who got into your box. You have no idea what they have done with it or to it. 

 

You need to, at the minimum, do a Destructive Erase on the entire hard drive and then reinstall your Operating System (Windows, Linux, etc.) and start over, installing any Applications that you need to use.  It would be safer for you to destroy that hard drive and then install a Brand New hard drive and install your Operating System on the Brand New hard drive, but that costs money.

 

I am sorry this happened to you. The very personal information, in the future, can be encrypted, to protect it in the event the box is stolen or otherwise compromised.

 

DO NOT communicate with whoever wants you to pay them money...  GL

 

ETA: After my reply, I read the other responses. Yes, probably a virus and if the OP is very lucky, she can remove it and regain access to the files. However, there are other ways to get into a box that is facing the Internet...   I believe any box or device that is connected to a network can be attacked, if someone wants to get in badly enough.

Link to comment
Share on other sites
sheryl

sheryl

Posted
  • Author
Posted

Great tips. So appreciate it. D.h. was is in process of transferring everything to another new pc...so I'm thinking there is back up. How recent the last backup was I don't know. Will share all these replies with him.

 

The article said to call local FBI which I did with d.h. approval.

 

This is not nice of some people. I'm still optimistic most people mean well.

Link to comment
Share on other sites
AK_Mom4

AK_Mom4

Posted
Posted

Best Wishes with this, Sheryl.  It's a yucky extorsion scheme.  For the future..... this virus is most likely picked up by clicking on a link in an email.  It's possible to have picked it up another way but much much less likely.

 

This is important - depending on your email setup, when you do your restore, your email server may deliver that email to you again.  You will unhappily re-infect your machine if you click on the link or attachment.  The safest thing for now would be to delete any emails after you finish recovering that were initially recieved BEFORE you recovered that have a link or an attachment.

 

Don't trust your email anti-virus software to catch these - especially if the attachment is a zip or pdf.  The variants come out faster than the AV companies can keep up.

Link to comment
Share on other sites
AK_Mom4

AK_Mom4

Posted
Posted

Sorry... That was confusing.  Once you get restored, you should consider deleting any emails you recieved recently with links or attachments.  Depending on how things are set up, your email server may re-deliver your old emails after you restore your computer.  You don't want to have it happen all over again.

Link to comment
Share on other sites
Jen500

Jen500

Posted
Posted

Sorry... That was confusing.  Once you get restored, you should consider deleting any emails you recieved recently with links or attachments.  Depending on how things are set up, your email server may re-deliver your old emails after you restore your computer.  You don't want to have it happen all over again.

 

Wow-this sounds scary. Do you actually have to click on a link in the email, or does just opening the email infect the computer?

Link to comment
Share on other sites
Lanny

Lanny

Posted
Posted

These are the rules one must follow: NEVER click on a link in an email you receive. NEVER open attachments  you receive in an email, unless you have previously arranged with someone to send you something attached to an email.

 

ETA: I believe you will find that MACs and Androids can be attacked too...

Link to comment
Share on other sites
snowbeltmom

snowbeltmom

Posted
Posted

We had this type of virus on one of our computers last year. I think it was called Cryptolock. We were unable to recover the files. It was a huge pain. OP, sorry you are dealing with this.

 

I have now purchased Carbonite for their computers since the computers never seem to get backed up enough when we do it ourselves.

Link to comment
Share on other sites
Lanny

Lanny

Posted
Posted

Regarding backups of files... I have a free DropBox account and I am very religious about copying my files to it. That wouldn't work for video files or lots of music or photos, but it works fine for what I need. If one needs more space, they can get a paid DropBox account or another paid backup solution. DropBox saved my rear twice. Several years ago, my PC  was destroyed by a nearby lightning strike and the latest files for our web sites were on DropBox, but not on the CD-RW media I had.  And then a few months ago, I came in here one morning, turned this PC on, and the hard drive had died. I put in another hard drive and was up and running and restored my files from DropBox.  Any files that have sensitive information should be encrypted, which is something I need to begin doing...

Link to comment
Share on other sites
kbutton

kbutton

Posted
Posted

Regarding backups of files... I have a free DropBox account and I am very religious about copying my files to it. That wouldn't work for video files or lots of music or photos, but it works fine for what I need. If one needs more space, they can get a paid DropBox account or another paid backup solution. DropBox saved my rear twice. Several years ago, my PC  was destroyed by a nearby lightning strike and the latest files for our web sites were on DropBox, but not on the CD-RW media I had.  And then a few months ago, I came in here one morning, turned this PC on, and the hard drive had died. I put in another hard drive and was up and running and restored my files from DropBox.  Any files that have sensitive information should be encrypted, which is something I need to begin doing...

 

How do you encrypt files on a home computer?

 

Also, does anyone have information on a utility I can run to back up my files to an external hard drive (one that will basically add or remove the files on the external drive just like they appear on my PC) that doesn't compress the files or change their format? I have a small hard drive with this capability, but it's not on the large hard drive that I have to hold my pictures, and backing up pics if I've moved any to sort them is a total pain.

 

We've had enough lightning and bad luck that I am fairly decent about backups, but I would really appreciate some more options to streamline the process.

Link to comment
Share on other sites
sheryl

sheryl

Posted
  • Author
Posted

Mimm-yes. D.h. did/does back up but as soon as you back up it's pretty much expired. I don't think it was done routinely enough.

 

Lanny, any link? Also, how do you en crypt files. I can't stand my auto correct will not let me spell that right.

 

K button, I'm obviously computer challenged so I can't help. LOL!!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...