cdv2014 0 Posted April 29, 2014 Report Share Posted April 29, 2014 Dear Sir or Madam, If a computer was recently hit by CryptoDefense and there was no RSA key in the users' folders on the PC (even after trying file recovery), but there are some old backups of infected files, is it possible somehow by comparing 1 or more pairs of files to calculate the key used for encryption? Thank you in advance and kind regards Quote Link to post Share on other sites
itman 2 Posted April 30, 2014 Report Share Posted April 30, 2014 Hopefully, one of those old backups is an image backup? Just restore from the image backup and your good to go. BTW - image backup is the easiest and most effective mitigation strategy against this type of malware. Quote Link to post Share on other sites
Elise 276 Posted April 30, 2014 Report Share Posted April 30, 2014 No, unfortunately that isn't possible due to the way encryption takes place. Unless the backup contains uninfected files unfortunately there is no way to recover the files without decryption key. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.