How to send Bitcoins to nefarious people?

[Alumarine]

If I've posted this in the wrong area sorry, please remove or delete.

I'm hoping someone in our community here can provide some help.

A friend got a Crypto virus and she has to send a Bitcoin payment to get the files unencrypted.
Has anyone had to do this?
I'm trying to make sure she doesn't get ripped off just purchasing the Bitcoin.

I realize that it's a crapshoot no matter what. Just trying to make it go as good as possible.

thanks for any help

And yes, she knows about backups and virus software etc.
Sometimes stuff just happens.
And also realize may get nothing back.

 

[Scott Danforth]

find a good IT guy to take care of the ransom ware

 

[Alumarine]

find a good IT guy to take care of the ransom ware

Good idea but apparently virtually impossible to unencrypt with out the key.

 

[sangerwaker]

Not true. Our work server got infected with ransom ware and we were able to get all of our files back and never paid the bastages a cent! You just need a GOOD IT person.

 

[tpenfield]

There are better ways to deal with this, and often it is advised not to pay the ransom. So, you may want to have your friend look into alternatives first.

 

[GA_Boater]

Paying the ransom insures this theft continues. It can be removed;

http://lmgtfy.com/?q=removing+cryto+virus

 

[aspeck]

Please don't pay the ransom. As has already been said, a good IT guy can clear it up.

 

[Alumarine]

Not true. Our work server got infected with ransom ware and we were able to get all of our files back and never paid the bastages a cent! You just need a GOOD IT person.

I'm guessing they were backed up so didn't have to deal with them.

 

[Alumarine]

find a good IT guy to take care of the ransom ware

If you meant to get rid of the ransom ware on the computer, yes it's gone.
I also put in a new hard disk and did a factory restore.
Just have to get the data back.

 

[gm280]

marc C, if you have over the ransom, you promote more of the same. And obviously that isn't what anyone need to to. As previously stated, a good IT person can void your drive of ransom ware without paying any money. Please don't allow them to profit.

 

[tpenfield]

There have been great strides in the past couple of years to be able to decrypt the files without paying the ransom. Google 'cryptolocker decrypt' and that can get you heading in the right direction.

That is the course of action that myself and others are recommending. Your friend may have to do that regardless of paying the ransom.

 

[Scott Danforth]

The guy at my last job was a guru. Has his own ISP for the small town he lived in. Has something like 5000 customers.

Fixed the laptop that had ransomware on it from the sites my daughter was on. Took him all of 10 minutes

The current IT guy at my current job couldn't backup a laptop if his life depended on it.

Get a good IT guy

 

[fhhuber]

contact cops.
Let them set up the tracing needed to catch the criminals.

 

[Alumarine]

This is the Ransom.Crysis one.

It's not hard to get rid of but I don't think anyone's figured out how to decrypt it.
Haven't seen a fix for it.

Somehow I don't think the police are going to go to Africa to help me out.

 

[GA_Boater]

This is the Ransom.Crysis one.

It's not hard to get rid of but I don't think anyone's figured out how to decrypt it.
Haven't seen a fix for it.

Somehow I don't think the police are going to go to Africa to help me out.

Yes, there is a fix found in the last couple of days - http://www.lifehacker.com.au/2016/11...cryption-keys/

Not so much the police, but the FBI and international cybercrime units are after these ransomware thieves.

 

[tpenfield]

This is the Ransom.Crysis one.

It's not hard to get rid of but I don't think anyone's figured out how to decrypt it.
Haven't seen a fix for it.

Somehow I don't think the police are going to go to Africa to help me out.

Advise your friend as you see fit, but there are ways to resolve this.

 

[Alumarine]

Yes, there is a fix found in the last couple of days - http://www.lifehacker.com.au/2016/11...cryption-keys/

Not so much the police, but the FBI and international cybercrime units are after these ransomware thieves.

Thanks for that link. I had searched earlier in the week but there was no info then.
It helped to decrypt the files but some are corrupt.

 

[gm280]

Being able to open or edit a file is the key to fixing them. However, unless you are familiar with the file language, it would take a very good IT person to clean them up. But there are such folks all over the place. I could easily fix computer files that I knew the language of them, and had done so many times. But there are so many languages that a person has to know to clean the corruption out of them.

Sounds like when you do get everything working again, you need a much better firewall installed to perclude that from ever happening again. Downloading games, programs and such are how some folks do get access to your computer to corrupt them. JMHO

 

[Alumarine]

Being able to open or edit a file is the key to fixing them. However, unless you are familiar with the file language, it would take a very good IT person to clean them up. But there are such folks all over the place. I could easily fix computer files that I knew the language of them, and had done so many times. But there are so many languages that a person has to know to clean the corruption out of them.

Sounds like when you do get everything working again, you need a much better firewall installed to perclude that from ever happening again. Downloading games, programs and such are how some folks do get access to your computer to corrupt them. JMHO

I've sent the now bad simply accounting data to an online site that might be able to fix them.
We'll see.

Thanks for all the ideas guys.