r/ransomwarehelp

▲ 16 r/ransomwarehelp+1 crossposts

Should I just erase (or trash) my old ransomwared NAS at this point?

Hello. I have a QNAP NAS that was locked by ransomware probably 10 years ago. I'm sure I could pinpoint exactly when with a little research; I know it hit a lot of people at the time by exploiting some vulnerability in the QNAP software. I didn't pay the ransom, and I've been lugging this thing around with me since, thinking someday I might be able to recover it. Is this a total pipe dream? Should I just format the thing, or is that not even safe? I don't even know if I can connect it to anything without spreading the ransomware.

u/Ancient_Past_5363 — 3 days ago
▲ 4 r/ransomwarehelp+1 crossposts

Makop ransomware

Is there any known decryptor for this ransomware family?
Current situation:
- No backups available.
- Initial point of infection is unknown.
- Organization-wide compromise.
- Encrypted files have a double extension. A random 5-character string is appended after the original file extension.
- Ransom note provides only an email address for communication. No Tox communication.
- OSINT on the email address shows it appears to be newly created, with no leaks, mentions, or known attribution.
At this stage, what are the best sources for additional intelligence and attribution? How can I identify the small threat actor group behind it?
Specifically:
- Are there repositories or databases that can help identify the ransomware family based on file naming patterns and extensions?
- What artifacts should I focus on collecting when the initial infection vector is unknown?
- Are there threat intelligence platforms, ransomware-tracking projects, or malware repositories that may help correlate a fresh email address with a known actor?
- Has anyone encountered a ransomware strain that appends a random 5-character suffix after the extension?
I understand determining the infection vector is important for containment and scoping, but with no decryptor, no backups, and limited indicators, I'm trying to identify the threat actor or ransomware family first to determine whether recovery options exist.
How did you arrive at Makop ransomware? The ransom note and encrypted file size are similar. Yes, only those two.
Any guidance would be appreciated.

u/Numerous_Aide6139 — 10 days ago
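
An added example, not part of the post above: a triage helper that parses file listings for the `name.ext.XXXXX` naming pattern the post describes and reports whether the 5-character suffix varies per file, per host, or not at all, which is a useful detail to record before comparing against identification resources. The host names, file names and `KNOWN_EXTS` list are constructed assumptions.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Assumption: extensions worth treating as "original"; extend for your environment.
KNOWN_EXTS = {"docx", "xlsx", "pptx", "pdf", "txt", "csv", "jpg", "png", "zip", "bak", "sql"}
# name.<ext>.<5 letters/digits>, the naming pattern described in the post.
PATTERN = re.compile(r"^(?P<orig>.+\.(?P<ext>[^.]+))\.(?P<suffix>[A-Za-z0-9]{5})$")

def split_encrypted_name(path):
    """Return (original_name, suffix), or None when the name does not fit the pattern."""
    m = PATTERN.match(PureWindowsPath(path).name)  # accepts both \ and / separators
    if m is None or m["ext"].lower() not in KNOWN_EXTS:
        return None  # e.g. notes.v2.draft: 5-letter tail but no known extension before it
    return m["orig"], m["suffix"]

def suffixes_by_host(listings):
    """Map each host to {suffix: file count}; names that do not match are returned separately."""
    per_host, unmatched = {}, []
    for host, paths in listings.items():
        counts = defaultdict(int)
        for p in paths:
            parsed = split_encrypted_name(p)
            if parsed is None:
                unmatched.append((host, p))
            else:
                counts[parsed[1]] += 1
        per_host[host] = dict(counts)
    return per_host, unmatched

def classify(per_host):
    """'per-file' if any host shows several suffixes, 'shared' if one suffix spans
    all hosts, else 'per-host'. A triage label only, not a family identification."""
    if any(len(c) > 1 for c in per_host.values()):
        return "per-file"
    seen = {s for c in per_host.values() for s in c}
    return "shared" if len(seen) <= 1 else "per-host"

# Constructed sample listings (hypothetical hosts and file names).
SAMPLE = {
    "FS01": [r"D:\Finance\budget.xlsx.k3Tq9", r"D:\Finance\invoice_041.pdf.k3Tq9",
             r"D:\HR\notes.v2.draft", r"D:\Finance\readme.txt"],
    "SQL02": [r"E:\Backup\erp.bak.Zp07w", "/mnt/share/export.csv.Zp07w"],
}

if __name__ == "__main__":
    hosts, skipped = suffixes_by_host(SAMPLE)
    print(hosts, classify(hosts), skipped, sep="\n")
```

Run it against listings taken from read-only copies or forensic images so file timestamps on the affected hosts stay intact.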

What are these?

So I barely left my laptop alone and for some reason, a bunch of pop-ups kept appearing that my device was hacked in Russia and stuff.

I just turned these off in my notifications but I'm not sure if they're gone gone.

I kept using the virus scan on Windows Defender but nothing appeared and these just kept going until I stopped it.

Any help on my next steps to do? (I was using Microsoft Edge until recently; I've started using Brave, if that's any help.)

u/samieep — 13 days ago