Jump to content

ESET and lockbit 3.0


Recommended Posts

Hi All,

I have ESET (at home, but I'm at work, so I cannot answer questions yet about which version or package).  My work's IT people were hit by lockbit 3.0.  That may have infected us at work too. 

Does ESET recognize and address/remove lockbit 3.0?  Do I need a special malware package for this?

Thank you.

Link to comment
Share on other sites

  • Most Valued Members
55 minutes ago, ctviggen said:

Hi All,

I have ESET (at home, but I'm at work, so I cannot answer questions yet about which version or package).  My work's IT people were hit by lockbit 3.0.  That may have infected us at work too. 

Does ESET recognize and address/remove lockbit 3.0?  Do I need a special malware package for this?

Thank you.

I'm a little confused. Just to clarify the computer that Eset is installed has not been infected?

Most AVs generally have protection against ransomware but once it's infected removing the ransowmare itself won't decrypt the files.

Link to comment
Share on other sites

  • Administrators

When a machine with ESET installed gets infected with ransomware and files get encrypted, it's usually because the attacker managed to gain access to the machine typically via RDP and was able to pause or uninstall the AV prior to running the ransomware.

Link to comment
Share on other sites

57 minutes ago, ctviggen said:

Interesting.  So, if I take a USB memory stick home, I would not then transfer ransomware to my home? 

It all depends on how you acquired the USB drive. Read this article for further reference: https://www.darkreading.com/attacks-breaches/fbi-warns-fin7-campaign-delivers-ransomware-via-badusb .

Also, you must let Eset scan the USB drive when it's connected to your home PC if the USB drive has been used on external computers.

Edited by itman
Link to comment
Share on other sites

Thanks, This was my USB I took from home to use at work, then took from work to home and I used ESET to scan it. ESET found nothing.

I don't think our company has been infected, but the company that is IT support for us has.  But our system at work has been shut down by the IT folks, so it's possible we were infected.  For how long, I do not know. 

So, my concern was that if my USB had lockbit 3.0 malware, would ESET find it?  I guess the answer is, yes. 

Link to comment
Share on other sites

  • Administrators

It is not typical of ransomware to spread via removable media like worms. It's ok to assume that the USB key is malware free if no threat was found on either machine.

Link to comment
Share on other sites

  • Most Valued Members

One thing that I'd recommend if you are concerned about ransomware is to have an offline backup

Ransomware can infect connected devices such as external harddrives and also synced cloud backup services. By having a local offline backup if your ever hit by ransomware you have your offline backup

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...