Jump to content

Recommended Posts

Posted (edited)

Que les parece, el servidor de archivos de un cliente que tenía instalado Eset Endpoint para servidores fue infectado por el RANDSOMWARE MAKOP que encriptó todos los archivos. Lamentablemente la eficacia del producto fue nula pues ESET ENDPOINT fue anulado y bloqueado por completo.

Nunca había visto que un producto de ESET sea tan DEFICIENTE.


Machine translation:

The file server of a client that had Eset Endpoint for servers installed was infected by the RANDSOMWARE MAKOP that encrypted all the files. Unfortunately the efficacy of the product was null since ESET ENDPOINT was completely canceled and blocked.

I have never seen an ESET product be so DEFICIENT.

WhatsApp Image 2020-04-06 at 23.45.01.jpg

WhatsApp Image 2020-04-07 at 00.15.59.jpg

Edited by Marcos
Machine translation added

Share this post

Link to post
Share on other sites

First of all, we kindly ask you to communicate in English since this is an English forum and most of moderators and users don't speak other languages.

As for the incident, we don't know what version of ESET was installed and how it was configured or if the server and specifically RDP was secured or not. It often happens that servers don't have RDP secured or have all critical vulnerabilities patched. Then they easily fall a victim of attackers who connect to the server, disable or uninstall the antivirus and run ransomware to encrypt files.

Please submit the following stuff to samples[at]eset.com:
1, Logs collected with ESET Log Collector (first make sure that ESET is running and updating alright)
2, A handful of encrypted files (ideally Office documents)
3, The ransomware note with payment instructions.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...