[CRTech] Christian Radio Tech [MSG 79862]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
RE: Radio automation computer got hacked
To: CRTech <crtech@crtech.org>
Subject: RE: Radio automation computer got hacked
From: Andy Lynch <andy@myitguys.us>
Date: Wed, 17 May 2017 19:28:18 +0000
Accept-language: en-US
Authentication-results: crtech.org; dkim=none (message not signed) header.d=none;crtech.org; dmarc=none action=none header.from=myitguys.us;
Content-language: en-US
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=appriver3651000855.onmicrosoft.com; s=selector1-myitguys-us; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=8ZO3xq/elYPNwxIT3rD/+gKx5KmMAvc7SyFDfYKnHQ0=; b=JJYExIFdFSAWk6bZfWg9syhMzVO+2MmydVBw9yTFecRmS2a0Pv93XZaVHzgCSRLBtkInG4hUXNQ0vTd9orGLVDoumRwK7oGWZPR7qefzTXsPBhOYjNhB3GL/s4FnVFcjiVCcuF8UkU/UEy1Q7K3I1Pb1artgAOUhrs7DI6RT9QM=
In-reply-to: <017901d2cf31$94202f10$bc608d30$@cox.net>
References: <007b01d2cd2b$befd8820$3cf89860$@cox.net> <LuJy1v00J4xsDPQ01uJz1g> <017901d2cf31$94202f10$bc608d30$@cox.net>
Spamdiagnosticmetadata: NSPM
Spamdiagnosticoutput: 1:99
Thread-index: AdLNKxBv6Gx2OXVzRIeEyj4AXIvEhwFCoOseo2+2HNCjdZpKcA==
Thread-topic: [CRTech] Radio automation computer got hacked

This nasty stuff infects one workstation (typically from an email, as I understand it) and then spreads internally via network shares, so any PC on the network could have infected it… (just wanted to make sure you were aware of that detail?)

 

Andy

 

 

 

From: Don Prentice [mailto:dprp1@cox.net]
Sent: Wednesday, May 17, 2017 1:18 PM
To: 'CRTech' <crtech@crtech.org>
Subject: RE: [CRTech] Radio automation computer got hacked

 

This is an external email. Please consider the risks before clicking links or opening attachments.

John,

 

I have no idea…don’t have email on that computer.  Maybe Tight VNC?  I had installed ALL of the latest updates on the computers and they are win7 OS.

 

I normally use LOGMEIN.com to get to the computers.

 

I am looking for a virus remover software to run on everything to make sure they are clean before starting over---I do have to use backup data drives that were off site but still want to check before using anything.

 

It just spread to the production computer.  It has just been a nightmare.  It also hit one of my onsite backup drives too.

I took the network cables  off all the computers and just run the audio through them---they have audio processing cards in them.

 

I will have to start over with new hard drives and reinstall EVERYTHING!!

 

I think they found my IP and got through my router or something.

 

I am operating the station through a Barix to stay isolated from the studio drives!

 

Having a virus remover is great but it is like replacing the “broken down door but ALL of the things stolen are still gone!”

 

I emailed “them” right away but never got a response on how much or anything!

 

Let me know of a small virus software to strip the ransom virus before I use any drives.

 

Thanks,

Don

 

From: John Stortz [mailto:ka4flx@gmail.com]
Sent: Monday, May 15, 2017 11:19 PM
To: CRTech <crtech@crtech.org>
Subject: Re: [CRTech] Radio automation computer got hacked

 

Don,

Any idea how it became launched?


John S.

 

*Politics is the gentle art of getting votes from the poor and campaign funds from the rich, by promising to protect each from the other.

*~Oscar Ameringer~

  

 

On Sun, May 14, 2017 at 11:31 PM, Don Prentice <dprp1@cox.net> wrote:

HELP,

 

Has anyone else been hacked?  It was from decrypter@tutanota.com

 

It added .decrypter@tutanota.com to ALL file names!!!

 

Do I have to pay the ransom dollars?

 

Thanks,

Don

KCAS Radio Station

 

 

 

 

References: Radio automation computer got hacked
("Don Prentice" <dprp1@cox.net>, 15 May 2017 03:31:37 -0000)
RE: Radio automation computer got hacked
("Don Prentice" <dprp1@cox.net>, 17 May 2017 17:18:28 -0000)
Prev by date: RE: Radio automation computer got hacked
(Alan Kilgore, 17 May 2017 17:52:20 -0000)
Next by date: Re: Radio automation computer got hacked
(Sherrod Munday, 17 May 2017 19:31:24 -0000)
Prev by thread: RE: Radio automation computer got hacked
(Alan Kilgore, 17 May 2017 17:52:20 -0000)
Next by thread: Re: Radio automation computer got hacked
(Sherrod Munday, 17 May 2017 19:31:24 -0000)
CRTech.org