From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Fwd: Encryption info
Date: Mon, 5 Jan 2015 13:54:38 +0100 [thread overview]
Message-ID: <20150105125438.GA12908@tansi.org> (raw)
In-Reply-To: <CA+JQLgK3+oEYG-B1ETvhLUD5v0y16jTnsuutRY7dT=d7UkxH+Q@mail.gmail.com>
Yes, you got owned by some criminals.
But cryptsetup is exceedingly unlikely to have anything to do
with this, as it runs only on Linux and you seem to be on
Windows.
Sorry, we cannot help you.
The common wisdom with these types of people are though that most
seem to be taking the money but will not provide any decryption
key.
Side note to others here: This seems genuine if rather clueless.
At least virustotal did not find anything in the jpegs.
Arno
On Mon, Jan 05, 2015 at 10:51:28 CET, Gary Evetts wrote:
> Good Day,
>
> Please see attached the following pics of the screen I came to see when
> looking at our 2003 server after the holiday season interval. I am
> presuming the invidual/s who have done this have used your software to
> encrypt the data files on the server. Only through google search of the
> email address they are using to correspond their demands with, did I find a
> link to your website. I believe I have traced the infiltration source app
> with the server logs - that being Terminal services. They then used the
> built in Administrator account ton the 24 December to log onto the server
> which was not logged in at the time but only on the log-on screen. What
> that password is - is unknown to me as it is the default build account.
>
> Are you able to help me with the un-encrypting of the data files that have
> been encrypted or are the offenders the only source of a resolution?
>
> Many thanks,
>
> Regards,
>
> Gary
>
>
> ---------- Forwarded message ----------
> From: Gary Evetts <gary@it-inc.co.za>
> Date: 5 January 2015 at 10:08
> Subject: Encryption info
> To: "gcevetts@gmail.com" <gcevetts@gmail.com>
>
>
>
>
>
>
>
>
>
>
>
>
> Regards,
>
> Gary Evetts
>
> IT-Inc
> 072 211 1613
> www.it-inc.co.za
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
next prev parent reply other threads:[~2015-01-05 12:54 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <7FD87F5D-AD43-4CC1-8FBA-724919533835@it-inc.co.za>
2015-01-05 9:51 ` [dm-crypt] Fwd: Encryption info Gary Evetts
2015-01-05 12:54 ` Arno Wagner [this message]
2015-01-06 6:47 ` Heinz Diehl
2015-01-06 8:33 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150105125438.GA12908@tansi.org \
--to=arno@wagner.name \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.