FSX
@Klaus
thank you, but afaik this does not work with Cerber - hopefully sooner or later a decryption tool for Cerber will pop up.
@Klaus
thank you, but afaik this does not work with Cerber - hopefully sooner or later a decryption tool for Cerber will pop up.
Sadly I have seen this through work many times and the only way to recover from this type of attack is to have a working offsite backup that is not associated through a drive or online sync such as one drive etc. Its a harsh thing to come across but to be effected I cant imagine how it would be.
Dino I feel for you and was so looking forward to your Eurofighter, if you can find a way to continue that will be awesome and im sure the FS community will get behind you fully!
"Let me just open this file from an unknown and untrusted source, what could go wrong?"Originally Posted by roger-wilco-66
Sorry Dino to hear of your loss.
I firmly believe in complete system clones to backup drives not permanently linked to computor
Have 3 drives, cycle them every month, so I have copy of last month, 2 months ago and 3 months ago.
never so far been unable to recover from anything seriously going wrong. (touch wood) and never needed to go back past 1 month if I did have to restore and I had to restore a few times in couple years.
Yes computers crash, operating systems fail, drives fail. I have learned the hard way long long time ago.
proper backup is not negotiable for me and if my backup strategy fail me, then yes it will also be my last of flightsim. there is just NO WAY I am ever reinstalling fsx and all add-ons and struggling months to get FSX running as it is now.
...well, it is a question of point of view - if you are getting a virus/malware you are, in a perspective, ALWAYS responsible... sure I did not made a backup on a physically separate location (my backup was on another HD which was in turn encrypted). Sure, you don't get this type of problem if you were not connected to the internet, and if you are it is safe to assume that you are not getting into this kind of problems if you only navigate on wikipedia, nasa.gov or esa.int.... and so long and so forth. So, it is - in that perspective - my reponsibility. Reality is that, while I have no problem in confessing that I sometime navigate in the darker areas of the net, I am not a completely dumb user - I keep my computer protected and I believe(d) I can tell a true system message from fake prompt.
Even taking my fair share of responsibility into this mess, it is also well clear that these guys are just lame criminals - and they are responsible in the first place.
Paying the ransom is indeed tempting, as I lost 5-6 years of work - along with configuration files, shortcuts etc. which were paramount for me. But - at least at the moment - my decision is:
- NOT to pay the ransom... as much as I think that my files are worth much more than 1.25 Bitcoins, I am giving money to criminals. They may be lame cybercriminals, or even terrorist or provide fundings for actions much more violent and serious than just stealing money.
- Will start a fresh new Windows installation (...and enter in the SSD era).
- Will try to complete and release the F-35 update (compiled files are OK, and the new avionics code is in place)
- Will evaluate what to do. I am so upset and disappointed that, frankly, just thinking of starting a new design without my legacy "digital resources" is way too much
- then...and patiently wait for someone to create a Decrypt tool for Cerber while I enjoy the summer.
Thank you all for your support.
I do off-site backups, but the backup is only as good as the files being backed up. If you unknowing backup infected files (which is easy to do), you may end up loosing your work in any case. Only had that happen once in the last thirty years or so, but it did happen. The infected files were going after the OS and taking the whole network down with it. After a week reformatting the RAID, reinstalling the OS, restoring the backups, etc. the decision was made to abandon all data files, including all offsite backups. Lots of unhappy employees and clients....but by the next week we were up and running again without any virus / OS issues.
Still, better to have an off-site backup than not.
Tommy
Windows 7 Professional 64 bit, 16 Gigs Ram
Cooler Master HAF 932 Tower
ASUS P7P55D Deluxe
Intel Core i7-860 Lynnfield Quad-Core 2.8 GHz LGA 1156
ZOTAC GeForce GTX 1050 Ti 4GB 128-Bit GDDR5
SCEPTRE 27"
WD Black 1 TB
ASUS Xonar DS 7.1
CORSAIR K95 RGB Platnum XT, PBT double-shot keycaps, Cherry MX Blue
Logitech M510
Hi Dino,
First of all, you've no responsability at all. All the speeches that transform a victim in a culprit are unacceptable, as they increase the violence made by the criminals. You can regret things, but the sole responsible are the people who attacks you.
Second, thanks for all the things you bring to us. That means that we're also victims, and a whole community is touched by the events. I hope we could find something to help you, if you need it. That's a responsability, called solidarity.
Third : take a break and a breath. That's violence, as I already said. Maybe you'll find a solution. Or maybe this will be an opportunity to a fresh start on new projects. And there are hundreds of your planes that are flying on computers for the greatest joy of childs like us.
That's crystal clear to everybody here. I wonder if there's a way to prosecute them ...
Also everyone here can tell the difference between them and a great guy that has gifted tons of fun stuff to the flightsimming community during the years; for free. While those criminals are asking money what for ???? I guess you know Mafia ...
My guess is that, anyhow, you'll be up and running again in a few weeks, no matter what.
Best wishes,
Corrado
If 25 of us donated $20 each to a Dino Recovery Fund, the $500 could be used to pay the ransom for Dino and he would not have succumbed to these criminals since 25 very appreciative users of his freeware FS aircraft did it for him.
This might be considered risky due to there being no guarantee of success when dealing with criminals, but personally I'm more than happy to risk $20 for my past, present and future enjoyment from flying Dino's FS aircraft.
Edit: Since Dino is strongly opposed to this suggestion, I respectfully withdraw it.
Last edited by mikewmac; May 4th, 2016 at 11:24.
Mike M.
Thank you all for your offers and you appreciation - but paying the ransom is not an option. Period.
And then, it is not the question of the money per se - 500 USD is a lot for many, but I could afford to pay them - it is just the fact that I do not want any money, coming directly or indirectly from my work, to go into criminal hands. It is just wrong.
The last thing you want to do is pay any kind of ransom. It only encourages these people to keep designing ransomware if they think it will pay off somehow.
Thankfully we are starting to break down and fix some of these types of viruses. Hoping Dino can wait out a cure for the Cerber variant.
For one, I am encouraged that Malwarebytes has a beta in progress.
https://blog.malwarebytes.org/malwar...nsomware-beta/
Been following this ransomware stuff for a while now. It spooked me enough that I cloned my main drive to a 2nd drive recently and keep it unplugged so I can hot swap and reboot in just minutes if anything ever happens to my main drive.
Dino, are you really going to allow these criminals to destroy a hobby and craft you've honed and enjoyed for so many years? Not to mention the admiration and following from so many who have benefited from your work?
To me that's a far higher price than paying any ransom, for which I fully appreciate your views.
I hope you find the resolve to rise from this and not allow the experience to take something so valuable from you.
Dino, we are with you, whatever you decide to do!
Don't let those bastards overwhelm on your and our passion!!!
I can't argue with your logic and wishes, so I have withdrawn my suggestion above.
Mike M.
Reading this made me review my AV situation. W10 has Defender and will not sit comfortably with any other AV programs, in fact it switches off if any other AV is installed. A quick check of various sites gives an impression that Defender is just about "adequate" but not stellar for protection. I was always impressed in the past with W7 and the MS Security Essentials package, never having been infected in years. Anyway I have opted to go a combo 3rd party payware with AVG which seems to get amongst the highest reviews at the moment and Malwarebytes They can sit together quite the thing. First scan revealed 6 malwares residing on the PC that Defender had missed. Obviously the situation is fluid as one AV overtakes the other on a daily review basis. Generally it is a case of close eyes and hope for the best.
Really sorry to hear this. Sadly its becoming a common problem. But when you look at the bright side, this also means that many people and companies are working on a solution.
Be patient Dino, I'm convinced a solution will be found soon.
Huub
I'm with Sundog on the donation thing. That is to aid recovery, not to pay the b*st*rds.
Sue
Hi Dino,
Very sorry to hear this; I truely hope you'll find a way to recover ...
And I'll fully understand your principle position on not-paying these criminals.
Best regards, Rob
Dino, I know the pain you are going through at the moment - I suffered the same last year with the 'cryptowall 3' virus. I was running antivirus, firewall and was disconnected from the Web (having been away for the weekend). Started computer, attached external HD (my primary backup) and started backing up my latest files. I then disconnected that and repeated with my other external HD. The virus must have already been on the computer but lying fairly dormant because it infected both of them as well as the main computer drives and waited until it had all files encrypted then told me!
Like you, I refused to pay the ransom. One of the external HDs is sitting untouched until such time as the files can be decrypted. The other has been formatted and is back in use. I could not justify giving money to criminals, it will only encourage them and there is no guarantee that the files will be given back to you. Also, they would know that you can / are willing to pay so may hit you again.
If I'm ever lucky enough to meet the scum that did it, I would like the opportunity to peel their skin off and drop them in a bag of salt!
I get very sore about these people who go out of there way to make break and create mayhem ! destroying record details and information , model builds to the us the general public, I have a few choice words I could use here, I really don't see what the point is to disrupt a brilliant Artist and for what ! ... just shows the and gives the reflection of just how brain dead some people are .. Simply makes me absolutely Furious !
I respectfully agree with Dino's decision not to pay these criminals.
If you give in to their demands you have no guarantee that they will keep their part of the deal, in fact they are just as likely to demand more.
And while 20/20 hindsight is a wonderful gift, we all overlook our housekeeping on the odd occasion, so what is done is done.
Hope you can recover some of your data (or all of it) as an act of revenge on these cyber criminals .................................................. ...........
"Illegitimum non carborundum".
Phanteks Enthoo Evolv X D-RGB Tempered Glass ATX Galaxy Silver
Intel Core i9 10980XE Extreme Edition X
ASUS ROG Rampage VI Extreme Encore MB
Corsair Vengeance LPX 128GB (8x16GB), PC4-30400 (3800MHz) DDR4
Corsair iCUE H100i ELITE CAPELLIX White Liquid CPU Cooler, 240mm Radiator, 2x ML120 RGB PWM Fans
Samsung 4TB SSD, 860 PRO Series, 2.5" SATA III x4
Corsair 1600W Titanium Series AX1600i Power Supply, 80 PLUS Titanium,
ASUS 43inch ROG Swift 4K UHD G-Sync VA Gaming Monitor, 3840x2160, HDR 1000, 1ms, 144Hz,
Very sorry for you, Dino, and I applaud your decision not to pay. Principles’ best test is in distress. I do hope a solution will be found and you will be able to recover your files.<o></o
GUYS, THANK YOU ALL FOR YOUR SUPPORT!
Those who are interested may find some detail on my decisions and status of my current projects on facebook and on my blog -long story short:
- Will not pay the ransom
- HDD with source files was segregated, PC was formatted
- Most running project are canceled (ouch)
...and I will relax a bit and enjoy spring and summer.
http://indiafoxtecho.blogspot.de/2016/05/ransomware-infection-update.html
That one's a b*tch as well........ Think I picked it up through a pop-up somewhere, and before I knew it, it had encrypted over 100 Gb of data, including a lot of my photos. Thankfully I do have an external HDD that is always disconnected when not in use for back-ups, but still...
Had to reinstall several programs and games. My fully paid Panda AV didn't even notice it, had to get Malwarebytes to remove it. That did its job so well that I immediately bought it, and I have this tool from Bitdefender installed as well:
https://labs.bitdefender.com/2016/03...cine-released/
So far, so good.....
Intel i9-13900 Raptor Lake , Be Quiet! Dark rock slim cooler, 32 Gb Corsair DDR5 RAM, MSI Z790 Tomahawk motherboard, Asus RTX 4060Ti 16Gb, Thermaltake 1050 Watt PSU, Windows 11 64-bit 1 m2, 4 SSD, 2 HDD.
Yes, I have since this thread emerged decided to disconnect my external WD HD's which only exist for archive purposes anyway. A little inconvenience in that I have to go scrambling about under the desk.
We cannot give in and pay these people. They are criminals, no two ways about it. What next? Pay terrorists to release hostages? It only would serve to encourage them. No, we have to draw a line in the sand. I salute Dino's stance.
Members who have read this thread: 0
Posting Permissions
Bookmarks