FYI...
Ransomware rescue kit released ...
- http://www.zdnet.com...nal-enterprise/
May 21, 2015 - "A ransomware removal and rescue kit has been released to give businesses an alternative to paying a fee to unlock encrypted files... security professional Jada Cyrus has compiled a rescue kit* which is available for free online. Designed to help "streamline the process of responding to ransomware infections," the ransomware response kit comes with instructions and decryption tools for different strains of ransomware. "You should -never- pay the ransom. This will only reinforce this type of attack. According to most security intelligence reports, criminal enterprises are already making large profits from ransomware," Cyrus says..."
* https://bitbucket.or...valkit/overview
"... I have compiled this kit to be used for security professionals and system administrators alike, in order to help streamline the process of responding to ransomware infections. Some of the information in this kit is obsolete due to the rapidly evolving nature of ransomware. I will do my best to keep it up to date with the help of the malware community at large...
Instructions:
You should -never- pay the ransom. This will only reinforce this type of attack. According to most security intelligence reports, criminal enterprises are already making large profits from ransomware.
In case of infection:
- Remove the impacted system from the network
- Attempt to identify which variant of ransomware you are infected with.
- Before removing the threat, create a copy if possible for later analysis, which may be needed for decryption of files.
- If possible, use restore points or backups to return to a safe state after removing the threat.
- If you have identified the variant of ransomware and a decrypter tool is available for it in this kit, you can attempt to utilize it..."
>> https://bitbucket.or...e8f6e?at=master