Jump to content

Ransomware


Recommended Posts

Que les parece, el servidor de archivos de un cliente que tenía instalado Eset Endpoint para servidores fue infectado por el RANDSOMWARE MAKOP que encriptó todos los archivos. Lamentablemente la eficacia del producto fue nula pues ESET ENDPOINT fue anulado y bloqueado por completo.

Nunca había visto que un producto de ESET sea tan DEFICIENTE.

 

Machine translation:

The file server of a client that had Eset Endpoint for servers installed was infected by the RANDSOMWARE MAKOP that encrypted all the files. Unfortunately the efficacy of the product was null since ESET ENDPOINT was completely canceled and blocked.

I have never seen an ESET product be so DEFICIENT.

WhatsApp Image 2020-04-06 at 23.45.01.jpg

WhatsApp Image 2020-04-07 at 00.15.59.jpg

Edited by Marcos
Machine translation added
Link to comment
Share on other sites

  • Administrators

First of all, we kindly ask you to communicate in English since this is an English forum and most of moderators and users don't speak other languages.

As for the incident, we don't know what version of ESET was installed and how it was configured or if the server and specifically RDP was secured or not. It often happens that servers don't have RDP secured or have all critical vulnerabilities patched. Then they easily fall a victim of attackers who connect to the server, disable or uninstall the antivirus and run ransomware to encrypt files.

Please submit the following stuff to samples[at]eset.com:
1, Logs collected with ESET Log Collector (first make sure that ESET is running and updating alright)
2, A handful of encrypted files (ideally Office documents)
3, The ransomware note with payment instructions.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...