User comments on ISPs
  >> BT Broadband


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | (show all)   Print Thread
Standard User AnnHannah
(newbie) Fri 22-Nov-19 14:18:52
Print Post

BT Broadband call


[link to this post]
 
Hi,
Really hoping someone can help me out. Went to visit my mother in law yesterday and she has been scammed. She had a call and they said they were BT and that there was issues with her computer. It was definitely not BT I have checked the number and found this: comment on the number online She has actually been having issues so she believed them, they knew her full name and address she had no reason to believe it was fake. To cut a long story short she basically let them remotely control her computer to 'fix it' and shes now had every single file on her computer locked. She has a ransom note on her computer which is the only thing she can open, telling her to click some dodgy link and pay in cryptocurrency to get her files back. I have told her not to pay it but I cannot work out how to get all her photos back. Her other son died a few years back and she has lots of photos that are obviously not replaceable and very sentimental. I have looked online and it seems like not much can be done other than to pay it :/ any suggestions at all?

Thanks
Ann
Standard User MoM
(newbie) Fri 22-Nov-19 15:14:01
Print Post

Re: BT Broadband call


[re: AnnHannah] [link to this post]
 
Tough one, if its encrypted then maybe a brute force may work?

How much are they asking for? I don't now of any one who has managed to bypass one of these type of attacks.
Standard User AnnHannah
(newbie) Fri 22-Nov-19 15:19:15
Print Post

Re: BT Broadband call


[re: MoM] [link to this post]
 
They want £1500 and theres no guarantee they will give back access to the photos, what if we pay and they ask for more? frown


Register (or login) on our website and you will not see this ad.

Standard User ian72
(eat-sleep-adslguide) Fri 22-Nov-19 15:24:05
Print Post

Re: BT Broadband call


[re: AnnHannah] [link to this post]
 
Have the police been informed.

As far as getting the photos back I am afraid it is likely to be bad news. It is almost impossible to crack this sort of encryption software - many large companies have tried it when they have been hit and it would cost a small fortune to even get someone to attempt it. And you are already aware that paying the money is no guarantee that they will unlock the files.

I am afraid without a backup of the files the chances of getting them back is very low.

Get the police in. Talk to them about it and I suspect they will give you the same advice.

Sorry that this has happened and I know it is too late but backups of important and personal information are essential and I am so sorry that it isn't going to help to resolve this.
Standard User sheephouse
(member) Fri 22-Nov-19 15:25:08
Print Post

Re: BT Broadband call


[re: AnnHannah] [link to this post]
 
There are ways to break the encryption on some (but not all) of these attacks - but it is a technical job that not everyone could do.
Can you post the *exact* name of the ransom note, and the *exact* text in it? That might identify the malware, and hence a fix.
Then leave the computer switched off for now.
Standard User AnnHannah
(newbie) Fri 22-Nov-19 15:27:35
Print Post

Re: BT Broadband call


[re: ian72] [link to this post]
 
We rang the police and they basically said they dont have the training or knowledge to deal with this type of crime. They aid to call the cyber crime team and report but apparently there is a huge waiting list as there are more hackers than people trained to fight against it. Tbh im really dismayed about the lack of support there is for such crimes. The police even said its up to us if we pay, they cannot advise either way, which I was suprised to hear.
Standard User Oliver341
(eat-sleep-adslguide) Fri 22-Nov-19 15:29:17
Print Post

Re: BT Broadband call


[re: AnnHannah] [link to this post]
 
As already suggested, call the police and do not pay it. The scammers will almost certainly ask for more money or simply take the money and not give anything in return. The more people who pay, the more these scams will proliferate.

Oliver.
Standard User ian72
(eat-sleep-adslguide) Fri 22-Nov-19 15:32:00
Print Post

Re: BT Broadband call


[re: AnnHannah] [link to this post]
 
I am afraid it is difficult to give a solution. As someone else posted it may be that it is a known encryption that could be broken but the majority can't be broken easily - many would take all the computing power you can throw at it thousands of years to crack - this encryption is used for the most sensitive data and it is designed to be effectively uncrackable. Most business end up just reformatting the devices and reinstalling from scratch (although some do pay the ransom as the financial loss from losing the data could be enormous).
Standard User AnnHannah
(newbie) Fri 22-Nov-19 15:33:47
Print Post

Re: BT Broadband call


[re: sheephouse] [link to this post]
 
Hey, this is the ransom note:


—= GANDCRAB V5.0.4 =—

Attention!
All your files, documents, photos, databases and other important files are encrypted and have the extension: .OBKBTXTN

The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.

The server with your key is in a closed network TOR. You can get there by the following ways:

| 0. Download Tor browser – hxxps://www.torproject.org/

| 1. Install Tor browser
| 2. Open Tor Browser
| 3. Open link in TOR browser: hxxp://gandcrabmfe6mnef.onion/bba886b160b8e97e
| 4. Follow the instructions on this page

—————–

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.

ATTENTION!

IN ORDER TO PREVENT DATA DAMAGE:

* DO NOT MODIFY ENCRYPTED FILES
* DO NOT CHANGE DATA BELOW

—BEGIN GANDCRAB KEY—

—END GANDCRAB KEY—

—BEGIN PC DATA—

—END PC DATA—
———————
Standard User sheephouse
(member) Fri 22-Nov-19 15:39:09
Print Post

Re: BT Broadband call


[re: AnnHannah] [link to this post]
 
OK, you may just be in luck. They aren't using the latest version of the encryption malware, and there are reports of a bug in the 5.04 version that has been broken previously. I'll look into it a bit more...
Pages in this thread: 1 | 2 | 3 | 4 | (show all)   Print Thread

Jump to