Sign in to follow this  
Followers 0
r0k_steady

(SOLVED) Obamausa7 Ransomeware

3 posts in this topic

Morning All,

 

Has anyone heard of this obamausa7 virus/ransomeware or more importantly have a removal tool for it?

 

One of our servers was infected overnight. It appears to have encrypted a whole load of files and is obviously asking for cash in return for the decryption key. Searching on Google only brings up a handful of results, none from reputable AV/spyware companies and all use the same wording so look a little suspect. All were written around the 24-26th November so it looks fairly new.

 

Any help getting rid of this would be greatly appreciated.

 

Thanks in advance.

 

RS.

Share this post


Link to post
Share on other sites

Just in case anyone else runs into this, we managed to restore the affected files to a previous version using Shadow Copy. Not sure if this resolved the underlying issues though.

Share this post


Link to post
Share on other sites

Hi RS

 

I've never come across this one (although it may be the same as another just renamed) if SVC works then great, it proves it's not as bad as some and restore procedures should be effective against it.

 

But backups are a must (as I keep telling my clients) often this is the only way to deal with the issue after infection.

 

Glad you got it sorted :)

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0