Let's start a new sub: Survivors of ADAME ransomware attacks
I've been using computers since 1989. Started with DOS 3.0 and Machine Basic on an old IBM PC-XT 8088 with the 8086 Math Coprocessor.
I've seen computers develop over the years, so that now there are systems with two 28-core CPUs making a 56-core system with multiple 32-GB Ram Cards. I've even experienced this progress firsthand when I built a Ryzen 5 system for a friend- With only 8GB of Ram, the CPU Itself had better 4K graphics than my Geforce GTX 750 Ti and its 2GB of GDDR5 Ram.
But while Computers and Operating systems have progressed, so have VIRUSES.
What's the Old Man on about, is what you are asking?
Last week I was watching Season 9 of Perry Mason on my Apple TV 4K*, counting down to Episode 21, the only colour episode of the series, "The Case of the Twice Told Twist". But instead of my PLEX server automatically starting playback of the next episode, suddenly I was faced with the Signature "Apple Spinner" and no video signal.
No Problem, I thought, the system where my Perry Mason DVD rips were (note: were) stored was my old ASUS M2N system, which notoriously hangs up all the time or BSOD's or some failure. But when I flipped over to that system, I was confronted with a Desktop populated with files ending with "ADAME". The whole drive was ADAME files. I don't even know how the OS was still running. At first I thought that this virus was simply renaming the files, but it was also ENCRYPTING the files. So most of the files on my storage PC were lost.
Looking at the system FS, I could see how the virus was jumping from folder to folder to the next drive and then into my Apple Time Capsule where it infected THOSE files (mac files on a mac partition, so MACs are not immune to this cack).
The first thing to do was find the process that was doing this, I found it easily, but that's when I flipped back to my Main PLEX server, and the damn virus was starting in on that system too!
I had to delete music and video libraries I had been collecting for YEARS. But I finally stopped the progress, I was able to catch it trying to jump into my main PC once again, but the worst damage was on my ancient Windows XP driven Pro Tools workstation (The version of PT I use has to run on XP only).
I Lost YEARS of recording sessions, mixes, video files.
But thanks to ol' Perry Mason, this ransomware would have infected every file on 3 PCs and over 10 TB of data. - And it had even started getting into my iPhone, cos I use a program called Filza which is a full Finder for iOS, and I saw it trying to get in THERE.
I don't know where I got this from, and I am always careful. But THIS version of the ransomware, Spyhunter passed right over it without detecting it. It got past my VPN and the AV on two systems, and my AV did not even blink, it just allowed the intrusion with a how de do, please come in and delete my files.
So, these rat finks managed to finally get me. I lost ONE whole system, two whole drives on that system, and half of a 2TB WD MyBook. It ransacked 80gb on a 160gb Windows XP System drive, it DEVOURED about 300gb on a 750gb drive where I had recording sessions stored. Then it got into my main PC and it literally erased most of the files on 8 HDDs and it even chipped away on the SSD system drive. But the reason why it did not do more damage THERE, is because I use a 2TB eSATA HDD as scratch disks for all my programs, ie, video editors, music mixing programs, Photoshop etc.
Just remember, if they can get someone as paranoid as me, they can get you too.
And as I did not lose EVERYTHING, I can start rebuilding. But I did lose about 2 TB of Programs I had been storing since the late 90's, some of which were still useful, but are totally unavailable.
Since I don't really know where this came from, and it had to be something new, and I do occasionally download old programs from Oldversion com, and sometimes I even use download com or softpedia. Majorgeeks, Afterdawn, which in the past have been relatively harmless, these SOBs that planted this, it may have been put into a popular item, maybe even into a program update.
Has anyone else in here been ADAME'd? I'd like to know how you dealt with it, and more important, what did you do to add safeguards into your system(s) to make sure this can't get in again? What are the most effective Anti Ransomware tools, and, is there a way to decrypt infected files?
* Irony there, he's got a 4K ATV and he's watching Perry Mason?!?