Fujitsu
Not logged in » Login
X

Please login

Please log in with your Fujitsu Partner Account.

Login


» Forgot password

Register now

If you do not have a Fujitsu Partner Account, please register for a new account.

» Register now

Recent Discussion:

NickBown | 22.12.2018, 14:18
We have come across this issue as well, and don't seem to have found a way around it (the server is ...
NickBown | 20.12.2018, 18:40
Hi everyoneWe've got an RX2540 M1 which won't boot past the Fujitsu splash screen (which shows the i...
MarkM | 15.10.2018, 11:33
Hi there.I do not believe the Fujitsu policy on this subject has changed.So NO you can not order dri...
Apr 16 2016

‘First Aid’ Against Ransomware

In recent months, so-called ransomware – Trojans that encrypt critical computer files and only decrypt them again after a considerable amount is payed to the criminals who spread the malicious program – has turned into a major threat for home users as well as company networks. Meanwhile, several security experts started to build free tools that help victims recover their data without losing money. The problem is that these tools can be hard to find – at least for the vast majority of users whose knowledge of IT security is limited. But now a new website is supposed to cure that ill.

The trouble with ransomware is at least twofold. On the one hand, the attackers are often successful because they face myriads of unsuspecting and unprepared victims. On the other hand, most of these victims do not have the time and/or skills required to test and eventually break the encryption code that was forced onto their machines, and so they're willing to pay – as was the case with various hospitals in Germany and the U.S. While this may be the best (and sometimes only) approach where lives are at stake, it is also one that will not work in any situation, because some extortionists simply don't intend to deliver the key or keys needed for decryption. In such cases, the victims end up losing their data and their money.

Luckily for all of us, security researchers have been making considerable headway and managed to break several keys that were used to lock up preys' data vaults over the past few months. As a result, they've come up with an assortment of decrypting tools for some particularly nasty pieces of ransomware such as Jigsaw, TeslaCrypt 2 and Petya. Only so far searching for the right software used to be pretty complicated, since the helpful tools are hosted in different locations. That hasn't changed – but in the meantime, security researcher Michael Gillespie, who goes by the name "demonslay335" in online forums like Twitter and Reddit, has set up a new site called ID Ransomware. The idea behind it is to help users determine exactly which malware they're up against and which – if any – help exists. All they need to do is upload the ransom note (usually a text file entitled "Decrypt Instructions" or something similar) and a sample of the encrypted files (for instance ones that end in extensions like .cerber, .locky, .magic or .rdm). ID Ransomware currently detects 55 pieces of ransomware, from AutoLocky to VaultCrypt, and tells users whether there are decrypting tools and where to find them. In other words, the site/service works like a search engine for ransomware and helpful toolkits, but cannot directly decrypt affected files or data. Likewise, ID Ransomware won't let you upload malware samples or suspicious files for analysis – to do this, you still have to turn to services like Malwr and VirusTotal. For more information regarding confidentiality and result accuracy, please see the ID Ransomware website.

 
SHARE

Comments on this article

No comments yet.

Please Login to leave a comment.