Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
smithana2016-12-04 20:20:05
Malware
smithana, 2016-12-04 20:20:05

What to do with the Ishtar virus?

Good afternoon,
it so happened that the gullible bosses opened the archive from some letter.
As a result, all files on the computer of the person who opened the letter (windows 7) and on the server (server 2012) became encrypted and are named with the prefix ishtar_*.
At the root is a ReadMe file with instructions for paying with bitcoins.
The search engines just said that this is a very fresh virus. And what about kaspersky, doctor web, etc. in this case they can't help.
Accordingly, the question is:
1. Are there any options for dealing with this muck?
2. The files on the server are quite important, the authorities are thinking of paying money to extortionists. Do you have payment statistics? Do they decrypt or throw more money?
Thanks

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
A
Alexey, 2016-12-04
@RusTech

If the server is with important files, then there should be backups. Paying 50/50.

Report
S
smithana, 2016-12-05
@smithana

Fighting them is very easy.

it is not a struggle with the consequences, but their prevention. The situation was taken into account and we will tighten the screws.
At the moment, we contacted the data decryption company. They promise to decrypt everything remotely.

Report
A
Amigo-A, 2017-01-11
@Amigo-A

smithana
At the moment, there is no tool for free decryption of files encrypted with the Ishtar encryptor. All public information is initially collected in one place. Link . If the possibility of free decryption appears, then a link to the decryptor will appear on the same page. If you have encrypted files, they must be saved in the form in which they are now - without renaming or archiving. Decryption for victims of ransomware is a priori FREE.

Report
S
spellman003, 2017-04-20
@spellman003

Is there any information on how to remove it guaranteed without reinstalling the OS?

Similar questions
T
tralvor2016-05-30 11:48:42
The virus is written to the file again and again, how to solve? 2Reply
S
sarapulov_k2020-09-10 13:19:59
How to restrict outgoing requests from a specific user or IP on Ubuntu 16.04.4? 2Reply
N
Nikita Kitsan2020-09-11 20:26:53
Is it possible to get the code of the Brain virus (the first in the world)? 2Reply
L
Lici2014-05-12 21:09:43
How safe is Mac OS X - viruses and information leakage? 4Reply
G
Gregory2016-06-29 14:55:47
Reinstalling windows has been going on for 10 hours, what should I do? What is the problem? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question