Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

LockCrypt (.lock) Support Topic - ReadMe.TxT


  • Please log in to reply
45 replies to this topic

#16 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,096 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 PM

Posted 08 August 2017 - 05:27 AM

If you are referring to the cyber-criminals, they seldom get caught but sometimes law enforcement is able to track them down.
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


m

#17 700rotanimret

700rotanimret

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 13 August 2017 - 03:50 AM

Hello. Did you find a solution to this problem ??? My network was damaged by this ransomwares. I contacted these people at d_dukens@aol.com and they asked for 1 bitcoin for decrypting one server. The data I really need, I had to pay. The decoder was sent out in 4 hours, everything was decrypted. It's a shame if you already have a free decoder and I spent money (((

Hey MrChan any chance you are willing to share the decoder, hit real bad with this attack today. would really appreciate if you could share the decoder



#18 MrChan

MrChan

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 13 August 2017 - 11:20 AM

The decoder is a utility that I just launched on the desktop on behalf of the administrator, after startup it automatically deleted



#19 700rotanimret

700rotanimret

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 13 August 2017 - 11:22 AM

The decoder is a utility that I just launched on the desktop on behalf of the administrator, after startup it automatically deleted

but how was the utility passed onto you?



#20 MrChan

MrChan

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 13 August 2017 - 03:08 PM

Using the service SendSpace, when I tried to re-download the link has already been deleted (



#21 Markhus

Markhus

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 14 August 2017 - 10:25 AM

I am having the same symptoms, however my infected machine is an Azure VM. I can't even get to the desktop. Any ideas?



#22 MrChan

MrChan

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 14 August 2017 - 02:01 PM

I really can advise you to apply to these people, let them require money, but they really help. To me my data is more expensive than these bucks.



#23 Markhus

Markhus

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 14 August 2017 - 02:10 PM

I replied to the ransom email, incuding a few small files to prove they have the decryption key. I received a response asking for 0.5 bitcoin and the request to decrypt the sample files was ignored. We will not be supporting their demands.

 

If anyone runs across the key, please keep us posted. Thanks!



#24 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,300 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:01:42 PM

Posted 14 August 2017 - 02:25 PM

The key is unique per victim. Sharing keys or decrypters will not help anyone else.


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#25 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,096 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 PM

Posted 14 August 2017 - 02:58 PM

Most security experts will advise against paying the ransom demands of the malware writers because doing so only helps to finance their criminal enterprise and keep them in business. One of the reasons that folks get infected is because someone before them paid the bad guys to decrypt their data. The more people that pay the ransom, the more cyber-criminals are encouraged to keep creating ransomware for financial gain. Further, there is no guarantee that paying the ransom will actually result in the restoration (decryption) of your files.

Some ransomware victims have reported they paid the ransom and were successful in decrypting their data. Some victims have reported paying the ransom only to discover the criminals wanted more money...demanding additional payments with threats the data would be destroyed or exposed. Still others have reported they paid but the cyber-criminals did not provide a decryptor or a key to decrypt the files, while others reported the decryption software and/or key they received did not work or resulted in errors. Most cyber-criminals provide instructions in the ransom note that allow their victims to submit one or two limited size files for free decryption as proof they can decrypt the files. However, decryption in bulk may not always work properly or work at all. In some cases victims may actually be dealing with scam ransomware where the malware writers have no intention or capability of decrypting files after the ransom is paid.

Keep all this in mind if you are considering paying the ransom since there is never a guarantee decryption will be successful or that the decrypter provided by the cyber-criminals will work as they claim...and using a faulty or incorrect decryptor may damage or corrupt the files even further. The criminals may even send you something containing more malware...so why should you trust anything provided by those who infected you in the first place.
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#26 MrChan

MrChan

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 14 August 2017 - 04:30 PM

I just advised on my name. It was the d_dukens who answered me and sent the decoder. Naturally the choice for each his own))) These guys promptly decrypted my data, and these data are very expensive.



#27 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,096 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 PM

Posted 14 August 2017 - 04:54 PM

Bleeping Computer cannot vouch for every member who claims they can decrypt data. We are a large site and have no way of knowing the background, expertise or motives of all posters. We can only advise to be cautious with whomever you are dealing with, what services they are able to provide and what claims they make before sending money to anyone.
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#28 MrChan

MrChan

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 14 August 2017 - 05:39 PM

This is understandable) you are doing the right thing



#29 bigweasel72

bigweasel72

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 15 August 2017 - 08:51 AM

I would also recommend not paying them, I have spoken to several people who said they just keep asking for more bitcoins.



#30 MrChan

MrChan

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 15 August 2017 - 10:22 AM

I was not asked, I paid 3 bitcoins for 3 servers of my network, as it was stipulated






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users