oden52dof

MY PC GOT HACKED,PLZ HELP

Recommended Posts


*** ALL YOUR WORK AND PERSONAL FILES HAVE BEEN ENCRYPTED ***

To decrypt your files you need to buy the special software. To recover data, follow the instructions!
You can find out the details/ask questions in the chat:
https://fgb45ft3pqamyji7.onion.to (not need Tor)
https://fgb45ft3pqamyji7.onion.cab (not need Tor)
https://fgb45ft3pqamyji7.onion.nu (not need Tor)

You ID: 1251764552

If the resource is not available for a long time, install and use the Tor-browser:
1. Run your Internet-browser
2. Enter or copy the address https://www.torproject.org/download/download-easy.html in the address bar of your browser and press key ENTER
3. On the site will be offered to download the Tor-browser, download and install it. Run.
4. Connect with the button "Connect" (if you use the English version)
5. After connection, the usual Tor-browser window will open
6. Enter or copy the address http://fgb45ft3pqamyji7.onion in the address bar of Tor-browser and press key ENTER
7. Wait for the site to load

If you have any problems installing or using, please visit the video tutorial

 

 

 

HACKED.png
Download Image

HACKED 2.png
Download Image

Share this post


Link to post
Share on other sites

You have the same ransomware that we have here .  It's a CryptON/Nemesis/Cry128 variant (we think).  Emsisoft has released one Cry128 decryptor here which may or may not work on your variant.  If it does not work, you will just have to wait and see if Emsisoft makes another version of the Cry128 decryptor for your variant.

If you have the malware quarantined, you could upload it, which would help the devs make a decryptor.  Using third party upload site or you can upload it here at bleepingcomputer.  We also have a thread at bleepingcomputer about Nemesis ransomware that you can find here .

The most important thing, I would think, is getting the malware virus and affected files away from your system.  Backup encrypted files someplace offline and get your computer a fresh install of windows.  Then change all your passwords and financial info because that could have been compromised during the attack.  Get yourself a good AntiMalware and a backup program like Macrium.  Then just check back to the threads to see if there's been any progress.

You can try to use System Restore, then a data recovery program like EaseUS Data Recovery to get some important files back if you want.  These attacks usually wipe your restore points and your shadow copies though.  We've noticed some .zip files can be renamed to reclaim them.  .iso files also.

Good Luck

Share this post


Link to post
Share on other sites

Hi oden52dof,

We are currently still looking into seeing whether the ransomware is decryptable or not. We will let you know if we find out whether it is or not.

There may be a cryptocoin miner on the system (a program which uses your CPU to mine a cryptocurrency for the criminal, in this case), so if you want to check whether the system is clean then you can use our product; Emsisoft Anti-MalwareIf you like our product and it is of help then please consider buying itthe price is discounted and we protect against ransomware such as this one.

Some other advice is that investing in a good backup procedure is very important and well worth it. I would suggest having two or more backups, at least one disconnected. 

Regards,

Sarah

Share this post


Link to post
Share on other sites

I am having the same issue, my antivirus detects the Malware but unfortunately I have deleted it. Now all my files has been renamed. But the good thing is that I can rename my files to make them use able, but how mane file I am going to rename? to remove this part only (.id_4266790234_fgb45ft3pqamyji7.onion). There are thousands of files I am keeping in my system.

Any suggestions?

Share this post


Link to post
Share on other sites

Hi,

Unfortunately renaming files doesn't help. You can try some file recovery tools, as I know some user have had luck with those.

Regards,

Sarah

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.