Lon

server is encrypted - help

Recommended Posts

Hi Lon,

Do you have your ID? DMA Locker 3.0 is only decryptable in some cases.

Also, this ransomware usually comes via RDP, so disable it if not needed or secure it with a strong, non-bruteforcable password.

Regards,

Sarah

Share this post


Link to post
Share on other sites

Hi Lon,

You should have seen it in the red box:

new_dma_lock.png

You see where it says to contact and then DMALOCK and a set of numbers. That is your ID.

Regards,

Sarah

Share this post


Link to post
Share on other sites

Attention! ! !
All of your copies of your system have been permanently deleted and the data on all partitions and workstations have been encrypted!

Stay calm.

You can recover all your data by making a payment of 10 BTC (7000 GBP) in Bitcoin currency in order to receive a decryption key. 

In order to purchase Bitcions you can use https://coincafe.com/signup.php
After buying BTC send the equivalent of 10 BTC (7000 GBP) to our BTC adress:

1DtyvLb1pDzXVoaVnJLAFzBJN6b4gcJSdR

After payment contact us to receive your decryption key. In mail title write your unique ID: DMALOCK 20:77:15:32:14:36:52:62
Our e-mail: [email protected]

ATTENTION!
To ensure you that you can recover your data we are able to decrypt two files of your choice that are not larger than 1MB!

ATTENTION!
Even if your antivirus has removed our program, your data may be still recovered!
 

Share this post


Link to post
Share on other sites

Hi Lon,

I asked if someone had seen this ID, but I believe it's new so there won't be the key released. I'll let you know.

Regards,

Sarah

Share this post


Link to post
Share on other sites

Hi Lon,

Looks like they are using different IDs for every user now. Unfortunately, that means you don't have many options; you can either pay and hope they give you your files back (I personally do not recommend if possible), or cut your losses, backup encrypted files and hope for the criminals to be arrested and the keys to be released.

Whatever you chose to do, please invest in backups. Preferably multiple, separate from the server and check them regularly to make sure they are able to be restored.

Regards,

Sarah

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.