[CRTech] Christian Radio Tech [MSG 79824]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
RE: Radio automation computer got hacked
To: "'CRTech'" <crtech@crtech.org>
Subject: RE: Radio automation computer got hacked
From: "Tom Raehl" <raehl@fastmail.net>
Date: Mon, 15 May 2017 08:57:23 -0400
Content-language: en-us
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.net; h= content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc :x-sasl-enc; s=fm1; bh=D+sa4Tg7NVH5kLPC1JrpfVbBuj61wfMSVpZIgvL/u q4=; b=r3vWBaUWqBuTxVm8JRBkel7dtEhKNElzAgFZMlNTE00aRu7XGciwgalHU AsKtIbGit9q7JGhdLye2VCvCx7H2NMDwFAAr35tTWKMa97ror7i4A+ViST5Ne9ih ArmfOzMzaR0Krxzj0x5ctjdk9q44Rfwy5g4fhOiG58bminPiadqFO+f+XOLA6xFD /XDrZL9/WeeXDzTqZjPLCcLey5Px2DdZSAhyDcqancUMbSCjUJpeh5hxToN6Mr+y AnDUZtB4+omNcyZk/ince7KtJyhn2vCQJhbb8crPSbF3fgtGun8w3Maqox8FmIkS bd5XYX1rrZY0ZXmqhKoBHvuAvbMLw==
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=D+sa4Tg7NVH5kLPC1J rpfVbBuj61wfMSVpZIgvL/uq4=; b=Y9g/548QoxB422nGkpAjx+kd8dT05g1zhz HqyVYnAnKw/m2RH334LsoBE7pjX2G14dweod21cAZ6EZU08fHO/SYZ6/mQhh063V eN1TXxzEHSifqeEKFXy+VmFCtcCHRAeh3y0DIXECXmiY5Bl9dc6cacigsUA+T1+j HRQJ9xmlUfh0ybhDIVbMbuxO0pSow/oOXZI93glySNvfnf6+hPbszs80AmLIS6U2 7o0p7gwTBpx693kUoYEk3F0UrJ8owAvXkLDvp3c8cHTFwW0XVwRPfdT3CgYyB2W1 aYCeEVQEu8nRbtMr8cxe9NjaeYPBWL8waB2FMDwkb87zPupLziAw==
In-reply-to: <CAHL64sGKkiA5_8RHiRo93cgPS8o5JwOd17+gXEsefGopQQyH6g@mail.gmail.com>
References: <007b01d2cd2b$befd8820$3cf89860$@cox.net> <CAHL64sGKkiA5_8RHiRo93cgPS8o5JwOd17+gXEsefGopQQyH6g@mail.gmail.com>
Thread-index: AQESSGU0BInP0iNMXF10k12fot4DEgJyWMR8o2LRimA=

.wcry removal instruction may work without having to pay the ransom.  I don’t have the infection to try it.

 

https://www.pcrisk.com/removal-guides/10942-wcry-ransomware

 

~Tom Raehl

 

 

From: Kevin Kidd [mailto:kkbroadcastengineering@gmail.com]
Sent: Monday, May 15, 2017 8:33 AM
To: CRTech
Subject: Re: [CRTech] Radio automation computer got hacked

 

There are a number of references to that viri found by google.  Do you have a full backup?

Some of the removal instructions say that even if you pay the ransom, the hackers often don't respond.

Good luck,


Kevin C. Kidd, CSRE/AMD
Lawrenceburg, TN
AM Ground Systems Company  -  WD4RAT
kkidd@kkbc.com  --  866-22-RADIO -- 866-227-2346
www.amgroundsystems.com

 

On Sun, May 14, 2017 at 10:31 PM, Don Prentice <dprp1@cox.net> wrote:

HELP,

 

Has anyone else been hacked?  It was from decrypter@tutanota.com

 

It added .decrypter@tutanota.com to ALL file names!!!

 

Do I have to pay the ransom dollars?

 

Thanks,

Don

KCAS Radio Station

 

 

 

 

References: Radio automation computer got hacked
("Don Prentice" <dprp1@cox.net>, 15 May 2017 03:31:37 -0000)
Re: Radio automation computer got hacked
(Kevin Kidd <kkbroadcastengineering@gmail.com>, 15 May 2017 12:32:53 -0000)
Prev by date: RE: Radio automation computer got hacked
(Tom Raehl, 15 May 2017 12:52:00 -0000)
Next by date: AM tower tuning affected by fog
(Tom Van Gorkom, 15 May 2017 14:26:10 -0000)
Prev by thread: Re: Radio automation computer got hacked
(Kevin Kidd, 15 May 2017 12:32:53 -0000)
Next by thread: RE: Radio automation computer got hacked
(Tom Raehl, 15 May 2017 12:52:00 -0000)
CRTech.org