A client of ours recently got infected with ransomware early this week. A search from google yields nothing much except for a blog post in Spain. There was no way we could decrypt the infected files without paying a hefty ransom. The operating system of the server was also infected causing it being unable to boot up. Important files were encrypted.
We could only savage as much data as we could. We did all the necessary by changing all the password of the servers, remap shared folders, delete remnants of the encrypted files. It was tough and time consuming. Image backup of the server were intact, and we manage to restore the Domain controller.
Still, we have alot of work to do. Taking the chance here to urge everyone to back up files with due diligence and you will not be hold ransom. Till next post, bye.
