
My web server was running a critical web service for my company network and was attacked by the Makop Ransomware. The majority of the PHP files and the databases have all been encrypted. Is there a way to decrypt these files, especially the database? The last backup I have was made back in August. Any help or advice would be highly appreciated.

  • Nuke & pave the machine. Recover your August backup. Learn a lesson for the future. A backup is only as good as the date it was generated & proven to work. Alternatively, pay the ransom & hope to hell you are given a decryption key [NOT recommended]. Here's a workthrough from a data recovery company - provendata.com/makop-ransomware-recovery which says the same thing in many more words.
    – Tetsujin
    Commented Dec 20, 2021 at 12:55
  • Sadly agreeing here. The machine was compromised and the data recovered from it could not be trusted. Especially if it is a critical web service for your company. For replacement use a new machine or completely format the old one, update all software (the malware got in somehow, patch that first) and then look at recovering. Most likely restoring the data from backup. After that it becomes tricky and there will be pressure to copy files from the compromised machine. Take care with that since the last thing you want is to be compromised again.
    – Hennes
    Commented Dec 20, 2021 at 13:07
  • Thanks everyone. I was really hoping a decryptor might have been released by now.
    Commented Dec 21, 2021 at 4:21
