Ransomware used clients computer

adambomb1258

Estimable
Jun 10, 2015
10
0
4,560
0
I have had a call from a customer explaining that one of their servers has ransomware on it. It apparently printed out a sheet of paper with the words "What Happened?". I haven't heard of this before and neither has my adviser. All help is greatly appreciated.
 

Avast-Team

Respectable
Mar 3, 2017
225
0
2,160
52
It's not unheard of for hackers/malware to hijack printers, but I'm not convinced this is ransomware just yet.

The mark of ransomware, usually, is that files on your computer become encrypted and the user receives a message, often which takes up the entire desktop or appears on boot, informing the user that files have been encrypted and demanding a ransom. You can see some examples here:

https://www.avast.com/ransomware-decryption-tools

I would strongly recommend isolating the affected devices (and the printer) and running scans on those devices to remove any malware/etc. as well as any further investigation needed before you re-introduce them to the network. Even if it's not ransomware, that doesn't mean it isn't harmful.
 

Avast-Team

Respectable
Mar 3, 2017
225
0
2,160
52
It's not unheard of for hackers/malware to hijack printers, but I'm not convinced this is ransomware just yet.

The mark of ransomware, usually, is that files on your computer become encrypted and the user receives a message, often which takes up the entire desktop or appears on boot, informing the user that files have been encrypted and demanding a ransom. You can see some examples here:

https://www.avast.com/ransomware-decryption-tools

I would strongly recommend isolating the affected devices (and the printer) and running scans on those devices to remove any malware/etc. as well as any further investigation needed before you re-introduce them to the network. Even if it's not ransomware, that doesn't mean it isn't harmful.
 

adambomb1258

Estimable
Jun 10, 2015
10
0
4,560
0

Thank you for your help. We ended up running a scan with the server HDD plugged into another pc, Hitman pro picked up most of the viruses and the randsomeware seemed to be very armature since it was wiped just from hitman pro. We were very lucky in this case
 
Thread starter Similar threads Forum Replies Date
D Antivirus / Security / Privacy 0
Frankenstein002 Antivirus / Security / Privacy 9
S Antivirus / Security / Privacy 4
A Antivirus / Security / Privacy 9
G Antivirus / Security / Privacy 8
Paul Wagenseil Antivirus / Security / Privacy 10
Marshall Honorof Antivirus / Security / Privacy 1
Paul Wagenseil Antivirus / Security / Privacy 4
Paul Wagenseil Antivirus / Security / Privacy 1
Paul Wagenseil Antivirus / Security / Privacy 2
Paul Wagenseil Antivirus / Security / Privacy 7
Avast-Team Antivirus / Security / Privacy 2
Paul Wagenseil Antivirus / Security / Privacy 1
anbu13 Antivirus / Security / Privacy 0
Paul Wagenseil Antivirus / Security / Privacy 3
L Antivirus / Security / Privacy 20
Paul Wagenseil Antivirus / Security / Privacy 30
S Antivirus / Security / Privacy 9
F Antivirus / Security / Privacy 3
uplink-svk Antivirus / Security / Privacy 29

ASK THE COMMUNITY

TRENDING THREADS