Help. Hells Kitchen Ransomeware

[skeptic_SA]

So arrived to this today...



Is there a solution other than paying?

 

[Sinbad]

Restore data from a pre-infection backup

 

[wolverine_dcp]

I am assuming home pc and no backup?

 

[Slootvreter]

Remember: paying is never a solution.

 

[skeptic_SA]

Work based PC

 

[stefanl33t]

Search the extension of the encrypted files on Google. Maybe there is a decryption key available.
Although if it is a relatively new encryption, the key might not be available yet.

 

[skeptic_SA]

Docs being renamed ".xlsx.id-60805CA6[hells_kitchen@tutanota.com].java"

 

[TheMightyQuinn]

Restore data from a pre-infection backup

This.

 

[backstreetboy]

https://www.ubuntu.com/download/desktop

 

[Compton_effect]

That reminds me, time to backup my wife's laptop again.

 

[LCBXX]

No decryption tool available for that. Restore from backup.

 

[mercurial]

Eish.

 

[Slootvreter]

https://www.ubuntu.com/download/desktop

Interesting. Will that unlock the encrypted data?

 

[shadow_man]

Interesting. Will that unlock the encrypted data?

No - it's just a Linux OS.

The chances of being infected whilst using it are far slimmer though. Most ransomware is written with Windows in mind, as its easier to exploit and often the user has FULL PRIVILEGES.

Linux on the other hand follows a principle of least privilege and thus is way harder to exploit (by design).

 

[DrJohnZoidberg]

Interesting. Will that unlock the encrypted data?

No, he was trying to be funny

 

[mercurial]

No - it's just a Linux OS.

The chances of being infected whilst using it are far slimmer though. Most ransomware is written with Windows in mind, as its easier to exploit and often the user has FULL PRIVILEGES.

Linux on the other hand follows a principle of least privilege and thus is way harder to exploit (by design).

He was trying to be funny

 

[froot]

Interesting. Will that unlock the encrypted data?

It should stop it from happening again at least

 

[backstreetboy]

Interesting. Will that unlock the encrypted data?

No but it will stop it from happening again...

EDIT: too slow

 

[Slootvreter]

No - it's just a Linux OS.

The chances of being infected whilst using it are far slimmer though. Most ransomware is written with Windows in mind, as its easier to exploit and often the user has FULL PRIVILEGES.

Linux on the other hand follows a principle of least privilege and thus is way harder to exploit (by design).

Ah, as I thought. Someone punting Linux in a thread where someone has Windows issues. Yawn.

 

[leonb]

A side question, if I may:

Our business uses Dropbox to sync files across all the working computers, for collaboration, but also as backup should something goes wrong (stolen hardware, etc). Will these randsomwares also encrypt the Dropbox files that are synced locally on an infected computer, and then sync the encrypted files across all other computer, thereby corrupting all the original files (in cloud as well)?

If this is the case, what would be the easiest way of recovering all the original files from Dropbox?