So How do we stop/prevent that Ransomware?
From: Kennedy Kairaria via skunkworks [mailto:skunkworks@lists.my.co.ke]
Sent: Friday, April 01, 2016 11:45 AM
To: Mark Kipyegon Koskei; Skunkworks Mailing List
Subject: Re: [Skunkworks] PayCript Ransomware
Mark, apparently that seems the case as its a relatively new ransomware.
Regards,
Kennedy Kairaria
Mobile: (254) 724 615232
kenkairaria@gmail.com |
Contact me: 
kennedy.kairaria
On 1 April 2016 at 11:39, Mark Kipyegon Koskei via skunkworks <skunkworks@lists.my.co.ke> wrote:
Have you tried restoring from shadow copy?
Unless a decryption tool exists for that particular strain of
ransomware, then you are SOL.
On 01/04/2016 11:22, skunkworks-request@lists.my.co.ke wrote:
>>
>> On Fri, Apr 1, 2016 at 11:01 AM, Kennedy Kairaria via skunkworks <
>> skunkworks@lists.my.co.ke> wrote:
>>
>>> By the time we noticed they were also affected. Incremental backups.
>>>
>>> Regards,
>>>
>>> *Kennedy Kairaria*
>>>
>>> Mobile: (254) 724 615232
>>> kenkairaria@gmail.com |
>>> [image: LinkedIn] <http://www.linkedin.com/in/kairaria>
>>> http://kennedy-kairaria.g <http://kennedy-kairaria.branded.me/>q
>>> Contact me: [image: Skype] kennedy.kairaria
>>>
>>> On 1 April 2016 at 10:58, Brian Ngure <brian@pixie.co.ke> wrote:
>>>
>>>> Backups?
>>>> On 1 Apr 2016 10:52 am, "Kennedy Kairaria via skunkworks" <
>>>> skunkworks@lists.my.co.ke> wrote:
>>>>
>>>>> Skunk(ette)s,
>>>>>
>>>>> We just got hit with the paycript ransom-ware on some of our file
>>>>> servers we've managed t identify the domain accounts running the script and
>>>>> disabled them. Seems to have stopped spreading across the network to our
>>>>> other file servers(for now...48 hours and counting)
>>>>>
>>>>> Suspected source has also been identified and measures taken. What
>>>>> remains now is finding a way to decrypt the files. The damn fools are
>>>>> asking for 2BTC for them to decrypt and double the amount to charge by the
>>>>> day if not paid.
>>>>>
>>>>> Anyone else who has had to go through the same? What measures did you
>>>>> take to recover?
>>>>>
_______________________________________________
skunkworks mailing list
skunkworks@lists.my.co.ke
------------
List info, subscribe/unsubscribe
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke
