What extension do encrypted files have?
How was my information encrypted?
Normally these attacks happen through spam emails (phishing) where an attached file containing the virus is included. These emails are opened by a network user and when downloading the attachment, usually pdf, .docx, executable, etc. the virus is executed and the virus begins the encryption process.
In other cases, the infection occurs through vulnerable RDP ports or outdated software bugs/flaws.
What should I do to recover my information?
Here are the steps you need to take to retrieve your information:
- Do not contact cyber criminals under any circumstances. This will only let criminals know that you require the information and do not have backups. World statistics show that in approximately 92% of cases, after the extortion payment is made, a second deposit is requested and the data is not recovered.
- Immediately disconnect the network equipment and isolate it to avoid encryption complications.
- Avoid tampering with or running generic data recovery software. By doing so, you can affect the structure of the information and make it unrecoverable.
- Check if you have backups where you could restore the data. If this is not the case, contact us immediately to evaluate the case.