• Welcome to AppraisersForum.com, the premier online  community for the discussion of real estate appraisal. Register a free account to be able to post and unlock additional forums and features.

Ransomeware Extortion

Status
Not open for further replies.
Joined
Jul 13, 2005
Professional Status
Certified Residential Appraiser
State
California
I clicked on an email I mistook for something else, and WHAMO! System locked, encrypted by extortionist Ransomeware criminals! Having a very bad day today, after inspection a particularly stinky, ugly mfg house, I returned to my ofc to deal with the ransomeware problem & continued my research re: Ransomeware, Cryptosystems etc, and found that although FBI says not to pay the criminals, there is absolutely no way to de-encrypt your files without paying the creeps. There are ways to remove the virus, but not de-encrypt your files. Confession: I've been erratic about backing up my computer offsite. My bad. So now what? Changed my passwords via my laptop immediately, sent a detailed log to the FBI field ofc, as they are gathering info on these hacks, and finally, blindly, started the process to pay the info-nappers. They want Bitcoins! ??! The original email has a Russian-looking name ID on it. Blind program to "buy" the Bitcoins is in Luxembourg. They wanted 0.9 Bitcoins! Sheesh! That couldn't be so much... oh yeah... $617.99!!!!! I closed the program and went for a glass of wine.

I probably have 3 months of reports (and other personal stuff) turned to gibberish. Don't have time to rebuild everything, & haven't printed hardcopies of my reports. Also didn't send my reports to "The Vault" via ala Mode. Duh. So today I learned that 1) even the itty bitty little guys are in jeopardy 2) automatic backups connected to your computer will also be turned to mush 3) automatic and continual backups to the cloud may be turned to mush and 4) only full backups that are stored separately from your computer not be corrupted, so after you have your hard drive, incl operating system & all programs wiped off your computer, you can re-load the backup stuff onto your empty computer. What a financial and time waster.

Don't know if I'll try to pay this criminals, or perhaps try to get .pdfs of the missing reports from my customers, or just hook up my new, clean computer and start from NOW, and add in my old backup stuff that is incomplete. So this is a real thing, folks.
 
Joined
Jul 13, 2005
Professional Status
Certified Residential Appraiser
State
California
More bad news. I had my camera chip plugged into a usb in my desktop computer last night, and all those files and photos are also corrupted. I didn't know that when I pulled the chip out and took photos onto that chip today. All of today's ugly mfg house photos and comps taken AFTER the ransomeware attack, are all corrupted and unusable, and show file extension as THOR. I think I may be having a heart attack. Really.
 

CindyR

Senior Member
Joined
Oct 26, 2003
Professional Status
Certified Residential Appraiser
State
Arizona
oh wow. i can not imagine how awful this may be. try to take a few deep breaths and not really have a heart attack.

i have been having some computer battles with windows 10 lately and ended up with all my appraisal files on one computer but i am still stuck with my email programs on a different computer. they are all networked and it is easy to share data but i decided i was not going to try and fix it. i really did consider worst case scenario and i know that an email catastrophe, such as you experienced, will not cause an appraisal file catastrophe, such as you experienced.

Good luck in your recovery efforts. From what i have read they really do give you your data back if you pay the fee but i have no experience and no advice.
 

Elliott

Elite Member
Joined
Apr 23, 2002
Professional Status
Certified General Appraiser
State
Oregon
1. You have no assurance the bad people will release the data just because you pay them.
2. Learn to back up early and often.
3. If the work went to lenders, I'd bet they cooperate and send you what you sent them.
4. Change your settings so your a guest user. Guest users don't have administrative privileges and can't 'run' unknown programs.
 

Meandering

Elite Member
Joined
Feb 26, 2006
Professional Status
Real Estate Agent or Broker
State
Pennsylvania
time for a new computer.
 
D

Deleted member 134708

Guest
Hmm, tough call. I'd be way too Leary of that program laying in wait to be used again on me if you paid them off. In back my mind I'd be thinking it lives in 1 of my appraisal files. Be worrying about it for years.


I'd probably unplug PC, store it in garage as evidence/explanation if ever needed it about missing workfiles.

Go get new PC and start from scratch. Take the necessary security steps you have learned while investigating this crime.

I'm huge fan of 2-step verification. Please share any security tips you learned and I mean it, best whishes.
 

bnmappraisal

Elite Member
Gold Supporting Member
Joined
Nov 9, 2011
Professional Status
Certified Residential Appraiser
State
Florida
So sorry to hear Sandra. Best of luck.
As far as paying to get your info back ... that's your call. I don't honestly know what I would do in that situation.
 
Status
Not open for further replies.
Find a Real Estate Appraiser - Enter Zip Code

Copyright © 2000-, AppraisersForum.com, All Rights Reserved
AppraisersForum.com is proudly hosted by the folks at
AppraiserSites.com
Top

AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features of our website. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock
No Thanks