[HELP] Cerb3r Ransomware attack

[HELP] Cerb3r Ransomware attack

Missing
Deal Cadet
0
73
518
7

One of my friends small company has been attacked by Cerb3r Ransomware and he is not able to use any of his files.
Does anybody know how to fix this . Please its urgent.

Thanks in advance.

29 Comments  |  
12 Dimers
Missing
Deal Cadet
0
73
518
7
@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?

Timon    gesture drawing by gooseberry007
Deal Lieutenant
0
20
4674
37
@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


If he is ready to pay then where is the problem ? Thats why ransom wares are created roll

Missing
Deal Cadet
0
73
518
7
[email protected] ":http://www.desidime.com/users/...34 wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


If he is ready to pay then where is the problem ? Thats why ransom wares are created roll


question is will they unlock data after that or not . money asked is in bitcoins .. what if they don’t do after paying .. like any ransom !

Timon    gesture drawing by gooseberry007
Deal Lieutenant
0
20
4674
37
@gotrajk wrote:

[email protected] ":http://www.desidime.com/users/...34 wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


If he is ready to pay then where is the problem ? Thats why ransom wares are created roll


question is will they unlock data after that or not . money asked is in bitcoins .. what if they don’t do after paying .. like any ransom !


Check this if it helps

https://noransom.kaspersk...m/

Paying is always a risky affair. Sometimes it work and sometimes not.

ad bot
1
1
1
1
Ad Bot

I found this sponsored content on one of the ad networks.

Missing
Deal Cadet
0
73
518
7
[email protected] ":http://www.desidime.com/users/...34 wrote:

@gotrajk wrote:

[email protected] ":http://www.desidime.com/users/...34 wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


If he is ready to pay then where is the problem ? Thats why ransom wares are created roll


question is will they unlock data after that or not . money asked is in bitcoins .. what if they don’t do after paying .. like any ransom !


Check this if it helps

https://noransom.kaspersk...m/

Paying is always a risky affair. Sometimes it work and sometimes not.


Thanks for the help. Will try..

Tumblr n4kqg2kerk1tzsjxho3 500
Moderator
80
132
25090
634
@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


DO NOT EVER PAY..!! YOU WILL LOSS BOTH.. DATA AND MONEY..!! THEY EVEN HACK YOUR ACCOUNT TOO..

TRY THE METHODS I MENTIONED IT SHOULD WORK.

Missing
Deal Cadet
0
73
518
7
@no fpd wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


DO NOT EVER PAY..!! YOU WILL LOSS BOTH.. DATA AND MONEY..!! THEY EVEN HACK YOUR ACCOUNT TOO..

TRY THE METHODS I MENTIONED IT SHOULD WORK.


Thanks bro .. .conveyed message to him.. he is trying methods you told.
appreciate ur help

Timon    gesture drawing by gooseberry007
Deal Lieutenant
0
20
4674
37
@no fpd wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


DO NOT EVER PAY..!! YOU WILL LOSS BOTH.. DATA AND MONEY..!! THEY EVEN HACK YOUR ACCOUNT TOO..

TRY THE METHODS I MENTIONED IT SHOULD WORK.


How to lose already lost data ? roll

Tumblr n4kqg2kerk1tzsjxho3 500
Moderator
80
132
25090
634
[email protected] ":http://www.desidime.com/users/...34 wrote:

@no fpd wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


DO NOT EVER PAY..!! YOU WILL LOSS BOTH.. DATA AND MONEY..!! THEY EVEN HACK YOUR ACCOUNT TOO..

TRY THE METHODS I MENTIONED IT SHOULD WORK.


How to lose already lost data ? roll


its not lost.. its encrypted.. u need a decryption key.. thats it

If you do system restore or regedit it will be back to normal

Timon    gesture drawing by gooseberry007
Deal Lieutenant
0
20
4674
37
@no fpd wrote:

[email protected] ":http://www.desidime.com/users/...34 wrote:

@no fpd wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


DO NOT EVER PAY..!! YOU WILL LOSS BOTH.. DATA AND MONEY..!! THEY EVEN HACK YOUR ACCOUNT TOO..

TRY THE METHODS I MENTIONED IT SHOULD WORK.


How to lose already lost data ? roll


its not lost.. its encrypted.. u need a decryption key.. thats it

If you do system restore or regedit it will be back to normal


Since when system restore started backing up User Files roll

Blackberry logo2
Deal Subedar
0
75
1266
37

They charge 0.75 or 1.5 BTC i think,so be ready to pay 500-1000$,also search for anti ransomware softwares,some might work.

Tumblr n4kqg2kerk1tzsjxho3 500
Moderator
80
132
25090
634
[email protected] ":http://www.desidime.com/users/...34 wrote:

@no fpd wrote:

[email protected] ":http://www.desidime.com/users/...34 wrote:

@no fpd wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


DO NOT EVER PAY..!! YOU WILL LOSS BOTH.. DATA AND MONEY..!! THEY EVEN HACK YOUR ACCOUNT TOO..

TRY THE METHODS I MENTIONED IT SHOULD WORK.


How to lose already lost data ? roll


its not lost.. its encrypted.. u need a decryption key.. thats it

If you do system restore or regedit it will be back to normal


Since when system restore started backing up User Files roll


System restore will remove the malware/Trojan which came up with some update or bad software/driver installation form unreliable sources/torrents etc .
Read the whole thing u will understand.

I dont think u r from CS background. smile toungueout

Timon    gesture drawing by gooseberry007
Deal Lieutenant
0
20
4674
37
@no fpd wrote:

[email protected] ":http://www.desidime.com/users/...34 wrote:

@no fpd wrote:

[email protected] ":http://www.desidime.com/users/...34 wrote:

@no fpd wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


DO NOT EVER PAY..!! YOU WILL LOSS BOTH.. DATA AND MONEY..!! THEY EVEN HACK YOUR ACCOUNT TOO..

TRY THE METHODS I MENTIONED IT SHOULD WORK.


How to lose already lost data ? roll


its not lost.. its encrypted.. u need a decryption key.. thats it

If you do system restore or regedit it will be back to normal


Since when system restore started backing up User Files roll


System restore will remove the malware/Trojan which came up with some update or bad software/driver installation form unreliable sources/torrents etc .
Read the whole thing u will understand.

I dont think u r from CS background. smile toungueout


OP files are encrypted and you are suggesting system restore ?

If the boot sector is infected will the system restore work ?

Tumblr n4kqg2kerk1tzsjxho3 500
Moderator
80
132
25090
634
[email protected] ":http://www.desidime.com/users/...34 wrote:

OP files are encrypted and you are suggesting system restore ?

If the boot sector is infected will the system restore work ?


Read the following

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...

and ask OP tomorrow if this worked??

Kill bill pandey
suspended
0
50
302
5
@no fpd wrote:

[email protected] ":http://www.desidime.com/users/...34 wrote:

@no fpd wrote:

[email protected] ":http://www.desidime.com/users/...34 wrote:

@no fpd wrote:

@gotrajk wrote:

@no fpd wrote:

sorry its not possible. if u dont hv any back up forget all data

u may try this.. safe mode removal
scroll down towards end

https://www.pcrisk.com/removal-guides/10432-cer...

http://www.virusresearch.org/remove-cerber3-ran...


guy is ready to pay as data is very imp for him. will they restore his data ?


DO NOT EVER PAY..!! YOU WILL LOSS BOTH.. DATA AND MONEY..!! THEY EVEN HACK YOUR ACCOUNT TOO..

TRY THE METHODS I MENTIONED IT SHOULD WORK.


How to lose already lost data ? roll


its not lost.. its encrypted.. u need a decryption key.. thats it

If you do system restore or regedit it will be back to normal


Since when system restore started backing up User Files roll


System restore will remove the malware/Trojan which came up with some update or bad software/driver installation form unreliable sources/torrents etc .
Read the whole thing u will understand.

I dont think u r from CS background. smile toungueout


bro I am from cs background but have no idea about this ransomware thing

Missing
Deal Cadet
0
64
788
5

Happened with me as well. All files photos on my laptop were encrypted. Mostly small files below 100 mb were encrypted. However a few movies were encrypted a most were not. Didnt pay, lost all my old photographs roll

Missing
Deal Cadet
0
73
518
7
@ayushman.gaur722 wrote:

Happened with me as well. All files photos on my laptop were encrypted. Mostly small files below 100 mb were encrypted. However a few movies were encrypted a most were not. Didnt pay, lost all my old photographs roll


so nothing worked for you ? did you try any of the software from above ?

Images
Moderator
2
214
13526
208

OMG!

Can we approach Police for this? Will having a very good anti-virus will Avoid this problem?
How can this happen actually?

Bookmarked

Missing
Deal Cadet
0
64
788
5
@gotrajk wrote:


@ayushman.gaur722 wrote:

Happened with me as well. All files photos on my laptop were encrypted. Mostly small files below 100 mb were encrypted. However a few movies were encrypted a most were not. Didnt pay, lost all my old photographs roll


so nothing worked for you ? did you try any of the software from above ?

Happened a year and half ago, used a few tricks and softwares mentioned on the internet, none worked

Missing
Deal Cadet
0
64
788
5
@hese wrote:

OMG!

Can we approach Police for this? Will having a very good anti-virus will Avoid this problem?
How can this happen actually?

Bookmarked

Nope, most attackers are based outside India, use a good antivirus and avoid malicious links, that’s the best we can do roll

Missing
Deal Cadet
0
73
518
7
@ayushman.gaur722 wrote:

@gotrajk wrote:


@ayushman.gaur722 wrote:

Happened with me as well. All files photos on my laptop were encrypted. Mostly small files below 100 mb were encrypted. However a few movies were encrypted a most were not. Didnt pay, lost all my old photographs roll


so nothing worked for you ? did you try any of the software from above ?

Happened a year and half ago, used a few tricks and softwares mentioned on the internet, none worked

ok

Missing
Deal Cadet
0
50
572
6
@hese wrote:

OMG!

Can we approach Police for this? Will having a very good anti-virus will Avoid this problem?
How can this happen actually?

Bookmarked


I believe Linux is inherently immune to such attacks. That and its negligible marketshare in the consumer space(as opposed to servers etc where it dominates) which makes it unattractive to hackers looking for the biggest payout. Security by obscurity!

Missing
Deal Cadet
0
77
740
6

Had it would be so easy to just use online available software and get your data back, attackers would not have asked for ransom.

The future path here depends on the past. If the system has a recent backup with most of the data stored then attempts could be made to restore data from a previous date by loosing the recent bytes. If the backup is not strong enough then a computer professional could be hired who will try to break the encryption. He can work on contract and needs to be paid only if data is retrieved.

Images
Deal Cadet
0
62
860
9
@abcwevr762 wrote:

@hese wrote:

OMG!

Can we approach Police for this? Will having a very good anti-virus will Avoid this problem?
How can this happen actually?

Bookmarked


I believe Linux is inherently immune to such attacks. That and its negligible marketshare in the consumer space(as opposed to servers etc where it dominates) which makes it unattractive to hackers looking for the biggest payout. Security by obscurity!

Nothing is immune,but it is 2000% times better

Missing
Deal Newbie
0
50
20
0

Hi, Cerber3 Ransomware is hard to be removed by common security software or traditional removal tool. To completely get rid of Cerber3 Ransomware, You should use a real-time malware removal tool. If your files-have-been encrypted, try the following methods and they might help restore your files.

Option 1: Use ShadowExplorer to restore files.

Option 2. Perform a system restore

if you do not know how to do, see this post:
http://guides.uufix.com/how-to-remove-cerber3-r...

Ransomware is really a big threat to your PC. Once your PC is infected with ransomware, your files will be encrypted that is hard to decrypt. Therefore, learn to how to prevent PC from ransomware infection is very important for a computer user. Otherwise, you need to pay for lots of money to hackers to decrypt the encrypted files. Please note that ransomware is a kind of malware designed by cyber criminals to extort money from its victims.

To prevent Ransomware infection in the future, you should read this infographic with patience.

http://guides.uufix.com/understand-ransomware-a...

https://heimdalsecurity.com/blog/wha...re-prote...

Missing
Deal Cadet
0
77
740
6

@gotrajk Update the thread with latest improvements.

Kabali
Deal Colonel
444
23,434
33756
275

@ayushman.gaur722 can u share how were u attacked. would help us a lot in taking precautions. tia.

Missing