pir8radio 1301 Posted December 3, 2018 Share Posted December 3, 2018 (edited) Edited December 3, 2018 by pir8radio Link to comment Share on other sites More sharing options...
Spaceboy 2557 Posted December 3, 2018 Share Posted December 3, 2018 That is terrible re the photos. I think I would consider trying to pay the ransom to get them unlocked Link to comment Share on other sites More sharing options...
CBers 6882 Posted December 3, 2018 Share Posted December 3, 2018 Doesn't Dropbox use Version History on files? So if a newer version of the same file was uploaded, the previous version is also there. I think you may have to do it on a per file basis, so it will be time consuming. Not sure if Dropbox themselves could just delete the latest version, based on a date supplied to them, and just present the previous version. Just a thought. Link to comment Share on other sites More sharing options...
Chyron 239 Posted December 3, 2018 Share Posted December 3, 2018 Dropbox does keep version histories of files. 1 Link to comment Share on other sites More sharing options...
jscoys 145 Posted December 3, 2018 Share Posted December 3, 2018 +1 For backblaze. One of my drives broke and I was happy with the recovering system... Recovered up to the last bit of data! I sort of know how that feels (not totally), I had a home fire, thought I lost everything... They let me go in and grab my drive array, it was soaking wet, and smoke damaged.. Already I was mentally prepared for the worst... However I did get lucky, i ran the drives and array in an enclosed dehydrator for a week, everything came up and i was able to get all of my data... Started using backblaze after that.. Backblaze is like 50 bucks a month, and though it would backup encrypted ransomware files, it has a running 30 day history, so if your files got encrypted today, you could go back to yesterdays files. Backblaze guys are pretty cool too, I asked them to show me where my data was being stored, i wanted to see the servers. They went and took a few pictures for me, made an animated gif, lol i was geek impressed! anyway the point is they have great customer service, they are inexpensive, reliable (if you read into how their system works, helps protect from bit rot), keeps 30 days of previous backups in case of infection or accidental deletion from the machine, They will mail you hard drives with your data for free as long as you return the drives, the backup app is really stable and fast.. I have been nothing but impressed so far. I highly recommend them. Now for shameless free stuff.... If any of you decide to use backblaze, use this link and you will get 1 month free... Of course so will I https://secure.backblaze.com/r/01zrsq Link to comment Share on other sites More sharing options...
RobWayBro 27 Posted December 3, 2018 Share Posted December 3, 2018 (edited) Backblaze, interesting. $5 per month per computer for unlimited data... not bad. Get a year for $50 (save $10)..thanks will have to check this out.. Edited December 5, 2018 by RobWayBro 1 Link to comment Share on other sites More sharing options...
chef 3763 Posted December 3, 2018 Author Share Posted December 3, 2018 Looks like after a day or so in conversation with Dropbox support, they've been gracious enough to rebuild the dropbox account just prior to the hack. It feels like a weight off my shoulders getting my family pictures and video back. I felt sick thinking it could all be gone forever. I am also looking into Blackblaze as well. It looks like a really good idea. 7 Link to comment Share on other sites More sharing options...
BAlGaInTl 279 Posted December 3, 2018 Share Posted December 3, 2018 Looks like after a day or so in conversation with Dropbox support, they've been gracious enough to rebuild the dropbox account just prior to the hack. It feels like a weight off my shoulders getting my family pictures and video back. I felt sick thinking it could all be gone forever. I am also looking into Blackblaze as well. It looks like a really good idea. That's good news. Did they charge you? Out of curiosity, how much is the ransom? Link to comment Share on other sites More sharing options...
tdiguy 96 Posted December 3, 2018 Share Posted December 3, 2018 Looks like after a day or so in conversation with Dropbox support, they've been gracious enough to rebuild the dropbox account just prior to the hack. It feels like a weight off my shoulders getting my family pictures and video back. I felt sick thinking it could all be gone forever. I am also looking into Blackblaze as well. It looks like a really good idea. thats pretty awesome of them. Link to comment Share on other sites More sharing options...
mastrmind11 717 Posted December 4, 2018 Share Posted December 4, 2018 I use google photos for all my family photos/video. It's free. I also use backblaze for my servers via cli and cron. I don't back up my media because I don't mind going to find it again, nothing I own is that crucial and the old school stuff I still have on DVD if it comes to that. I highly recommend google photos as well as backblaze. But congrats getting your stuff back on dropbox. Link to comment Share on other sites More sharing options...
Jdiesel 1143 Posted December 4, 2018 Share Posted December 4, 2018 If you are an Amazon Prime member you also receive unlimited photo and video storage with Amazon's cloud service. 1 Link to comment Share on other sites More sharing options...
chef 3763 Posted December 4, 2018 Author Share Posted December 4, 2018 That's good news. Did they charge you? Out of curiosity, how much is the ransom? No charge from dropbox. Once I talked to a support person who understood my situation she was very helpful. Much more so then the backwards advice I got on the Dropbox forms. the ransom was 800 dollars in Bitcoin.... Unfortunately. They got none. Link to comment Share on other sites More sharing options...
chef 3763 Posted December 4, 2018 Author Share Posted December 4, 2018 Doesn't Dropbox use Version History on files? So if a newer version of the same file was uploaded, the previous version is also there. I think you may have to do it on a per file basis, so it will be time consuming. Not sure if Dropbox themselves could just delete the latest version, based on a date supplied to them, and just present the previous version. Just a thought. Yes there was version history, but it would seem only to reclaim deleted files, not changed ones. Inorder to retrieve the database you have to speak to the support staff. 1 Link to comment Share on other sites More sharing options...
Happy2Play 8882 Posted December 4, 2018 Share Posted December 4, 2018 (edited) No charge from dropbox. Once I talked to a support person who understood my situation she was very helpful. Much more so then the backwards advice I got on the Dropbox forms. the ransom was 800 dollars in Bitcoin.... Unfortunately. They got none. Hmm over $3,000,000. opps that was 800 bitcoin. Edited December 4, 2018 by Happy2Play 1 Link to comment Share on other sites More sharing options...
pir8radio 1301 Posted December 4, 2018 Share Posted December 4, 2018 Blackblaze, interesting. $5 per month per computer for unlimited data... not bad. Get a year for $50 (save $10)..thanks will have to check this out.. Looks like after a day or so in conversation with Dropbox support, they've been gracious enough to rebuild the dropbox account just prior to the hack. It feels like a weight off my shoulders getting my family pictures and video back. I felt sick thinking it could all be gone forever. I am also looking into Blackblaze as well. It looks like a really good idea. LOL well.. Hook me up use my link! https://secure.backblaze.com/r/01zrsq 1 Link to comment Share on other sites More sharing options...
Guest asrequested Posted December 4, 2018 Share Posted December 4, 2018 LOL well.. Hook me up use my link! https://secure.backblaze.com/r/01zrsq Shameless! lol I was thinking of getting the 2 year sub. I'm not sure how your promo would affect that, but when I finally set it up, I gotcha back, jack! 1 Link to comment Share on other sites More sharing options...
chef 3763 Posted December 4, 2018 Author Share Posted December 4, 2018 (edited) Hmm over $3,000,000. opps that was 800 bitcoin. Yeah, to be honest. I hardly even looked at it, I just saw the window that demanded Bitcoin and thought "No Way!". It could have said 8,000, but by that point I saw the ransom and turned off my computer in case the thing tried to wreck other pcs on the network. Like Wannacry (this was not Wannacry). The encryption seemed to use Adobe. Adobe what, I'm not sure. In every folder it found media content it copied a readme file with ransom demands attached. I've started using logging on my front end server, and I can now see all the WAN IPs that hit the domain. I've also signed up for a reverse lookup API and I'm going to run an app (I'm writing) that searches each IP back to the source and save tables of IP information (off network) so if this happens again I should be able to know where abouts the source of the malware was sent from. Get names, addresses, geolocation etc. I'll tell ya no more games when it comes to Cyber security. Edited December 4, 2018 by chef Link to comment Share on other sites More sharing options...
PrincessClevage 173 Posted December 4, 2018 Share Posted December 4, 2018 Yeah, to be honest. I hardly even looked at it, I just saw the window that demanded Bitcoin and thought "No Way!". It could have said 8,000, but by that point I saw the ransom and turned off my computer in case the thing tried to wreck other pcs on the network. Like Wannacry (this was not Wannacry). The encryption seemed to use Adobe. Adobe what, I'm not sure. In every folder it found media content it copied a readme file with ransom demands attached. I've started using logging on my front end server, and I can now see all the WAN IPs that hit the domain. I've also signed up for a reverse lookup API and I'm going to run an app (I'm writing) that searches each IP back to the source and save tables of IP information (off network) so if this happens again I should be able to know where abouts the source of the malware was sent from. Get names, addresses, geolocation etc. I'll tell ya no more games when it comes to Cyber security. Hope you can share this app Chef:pI bought a i5 NUC from alibabba with two nics, connected one to wan router and one to lan router and enabled internet connection sharing then install PRTG and add sniffing service. I also downloaded and installed SoftEther VPN solution (free from a Japanese uni) and a great product which allows L2tp etc VPN connections for free (just needs a little tweek to stop keep alive call home traffic) 1 Link to comment Share on other sites More sharing options...
chef 3763 Posted December 5, 2018 Author Share Posted December 5, 2018 Quick question about wail2ban Has anyone got it monitoring anything other the. Windows event viewer? Link to comment Share on other sites More sharing options...
Guest asrequested Posted December 7, 2018 Share Posted December 7, 2018 I've just setup Snort on pfsense. We'll see how well it works... 2 Link to comment Share on other sites More sharing options...
ginjaninja 557 Posted December 8, 2018 Share Posted December 8, 2018 some of protections against ransomware i am aware of. up to date browser with no plugins/no java adblocker use filescreen to prevent known ransomware filetypes being created. disable any inbuilt encryption programs so they cant be called. have an admin account that you use specifically for write tasks; generally log on with an non elevated account without write access to media drives. minimise public facing service access permissions in case compromised. Sent from my SM-G955F using Tapatalk 1 Link to comment Share on other sites More sharing options...
Guest asrequested Posted December 22, 2018 Share Posted December 22, 2018 Snort is blocking some stuff. I also setup a firewall rule on pfsense to block attempts that are 3 times a second for 60 mins. That's blocking a bunch, too. I have also left IPS enabled on my USG. That is blocking thousands. So here's what I say to those attackers, come at me, bro! Link to comment Share on other sites More sharing options...
Guest asrequested Posted December 22, 2018 Share Posted December 22, 2018 Just looked at my IPS log. OMG! I'm never turning this thing off! 1 Link to comment Share on other sites More sharing options...
chef 3763 Posted December 22, 2018 Author Share Posted December 22, 2018 Just looked at my IPS log. OMG! I'm never turning this thing off! Yeah, that is crazy. Link to comment Share on other sites More sharing options...
Happy2Play 8882 Posted December 22, 2018 Share Posted December 22, 2018 Obviously it should be blacklisted instead of reset every hour. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now