Dino Cattaneo
Charter Member
Actually the virus is not that hard to remove - entering in safe mode with Win 8.1 is not a problem. Problem is that the malware had time to actually encrypt all my files.
-
There seems to be an uptick in Political comments in recent months. Those of us who are long time members of the site know that Political and Religious content has been banned for years. Nothing has changed. Please leave all political and religious comments out of the forums.
If you recently joined the forums you were not presented with this restriction in the terms of service. This was due to a conversion error when we went from vBulletin to Xenforo. We have updated our terms of service to reflect these corrections.
Please note any post refering to a politician will be considered political even if it is intended to be humor. Our experience is these topics have a way of dividing the forums and causing deep resentment among members. It is a poison to the community. We appreciate compliance with the rules.
The Staff of SOH
Dino Cattaneo posted bad news on Facebook
- Thread starter Navy Chief
- Start date
menef
Charter Member
Dino don't give up !!! The best answer to those virus-makers &
hackers is to continue better and STONGER than before
klnowak
Charter Member
Hi,
do you know this one ? Perhaps it can help ? But you shurly know this....
https://support.kaspersky.com/de/viruses/disinfection/8547#block3
Greetings
Klaus
do you know this one ? Perhaps it can help ? But you shurly know this....
https://support.kaspersky.com/de/viruses/disinfection/8547#block3
Greetings
Klaus
Dino Cattaneo
Charter Member
@Klaus
thank you, but afaik this does not work with Cerber - hopefully sooner or later a decryption tool for Cerber will pop up.
thank you, but afaik this does not work with Cerber - hopefully sooner or later a decryption tool for Cerber will pop up.
Chris Sykes
Charter Member
Sadly I have seen this through work many times and the only way to recover from this type of attack is to have a working offsite backup that is not associated through a drive or online sync such as one drive etc. Its a harsh thing to come across but to be effected I cant imagine how it would be.
Dino I feel for you and was so looking forward to your Eurofighter, if you can find a way to continue that will be awesome and im sure the FS community will get behind you fully!
Dino I feel for you and was so looking forward to your Eurofighter, if you can find a way to continue that will be awesome and im sure the FS community will get behind you fully!
Bjoern
worst developer ever
I don't think that anyone ever had a "unprovoked" virus infection
"Let me just open this file from an unknown and untrusted source, what could go wrong?"
snow_white
Charter Member
Sorry Dino to hear of your loss.
I firmly believe in complete system clones to backup drives not permanently linked to computor
Have 3 drives, cycle them every month, so I have copy of last month, 2 months ago and 3 months ago.
never so far been unable to recover from anything seriously going wrong. (touch wood) and never needed to go back past 1 month if I did have to restore and I had to restore a few times in couple years.
Yes computers crash, operating systems fail, drives fail. I have learned the hard way long long time ago.
proper backup is not negotiable for me and if my backup strategy fail me, then yes it will also be my last of flightsim. there is just NO WAY I am ever reinstalling fsx and all add-ons and struggling months to get FSX running as it is now.
I firmly believe in complete system clones to backup drives not permanently linked to computor
Have 3 drives, cycle them every month, so I have copy of last month, 2 months ago and 3 months ago.
never so far been unable to recover from anything seriously going wrong. (touch wood) and never needed to go back past 1 month if I did have to restore and I had to restore a few times in couple years.
Yes computers crash, operating systems fail, drives fail. I have learned the hard way long long time ago.
proper backup is not negotiable for me and if my backup strategy fail me, then yes it will also be my last of flightsim. there is just NO WAY I am ever reinstalling fsx and all add-ons and struggling months to get FSX running as it is now.
Dino Cattaneo
Charter Member
...well, it is a question of point of view - if you are getting a virus/malware you are, in a perspective, ALWAYS responsible... sure I did not made a backup on a physically separate location (my backup was on another HD which was in turn encrypted). Sure, you don't get this type of problem if you were not connected to the internet, and if you are it is safe to assume that you are not getting into this kind of problems if you only navigate on wikipedia, nasa.gov or esa.int.... and so long and so forth. So, it is - in that perspective - my reponsibility. Reality is that, while I have no problem in confessing that I sometime navigate in the darker areas of the net, I am not a completely dumb user - I keep my computer protected and I believe(d) I can tell a true system message from fake prompt.
Even taking my fair share of responsibility into this mess, it is also well clear that these guys are just lame criminals - and they are responsible in the first place.
Paying the ransom is indeed tempting, as I lost 5-6 years of work - along with configuration files, shortcuts etc. which were paramount for me. But - at least at the moment - my decision is:
- NOT to pay the ransom... as much as I think that my files are worth much more than 1.25 Bitcoins, I am giving money to criminals. They may be lame cybercriminals, or even terrorist or provide fundings for actions much more violent and serious than just stealing money.
- Will start a fresh new Windows installation (...and enter in the SSD era).
- Will try to complete and release the F-35 update (compiled files are OK, and the new avionics code is in place)
- Will evaluate what to do. I am so upset and disappointed that, frankly, just thinking of starting a new design without my legacy "digital resources" is way too much
- then...and patiently wait for someone to create a Decrypt tool for Cerber while I enjoy the summer.
Thank you all for your support.
Even taking my fair share of responsibility into this mess, it is also well clear that these guys are just lame criminals - and they are responsible in the first place.
Paying the ransom is indeed tempting, as I lost 5-6 years of work - along with configuration files, shortcuts etc. which were paramount for me. But - at least at the moment - my decision is:
- NOT to pay the ransom... as much as I think that my files are worth much more than 1.25 Bitcoins, I am giving money to criminals. They may be lame cybercriminals, or even terrorist or provide fundings for actions much more violent and serious than just stealing money.
- Will start a fresh new Windows installation (...and enter in the SSD era).
- Will try to complete and release the F-35 update (compiled files are OK, and the new avionics code is in place)
- Will evaluate what to do. I am so upset and disappointed that, frankly, just thinking of starting a new design without my legacy "digital resources" is way too much
- then...and patiently wait for someone to create a Decrypt tool for Cerber while I enjoy the summer.
Thank you all for your support.
tommieboy
SOH-CM-2025
I do off-site backups, but the backup is only as good as the files being backed up. If you unknowing backup infected files (which is easy to do), you may end up loosing your work in any case. Only had that happen once in the last thirty years or so, but it did happen. The infected files were going after the OS and taking the whole network down with it. After a week reformatting the RAID, reinstalling the OS, restoring the backups, etc. the decision was made to abandon all data files, including all offsite backups. Lots of unhappy employees and clients....but by the next week we were up and running again without any virus / OS issues.
Still, better to have an off-site backup than not.
Tommy
Still, better to have an off-site backup than not.
Tommy
Hi Dino,
First of all, you've no responsability at all. All the speeches that transform a victim in a culprit are unacceptable, as they increase the violence made by the criminals. You can regret things, but the sole responsible are the people who attacks you.
Second, thanks for all the things you bring to us. That means that we're also victims, and a whole community is touched by the events. I hope we could find something to help you, if you need it. That's a responsability, called solidarity.
Third : take a break and a breath. That's violence, as I already said. Maybe you'll find a solution. Or maybe this will be an opportunity to a fresh start on new projects. And there are hundreds of your planes that are flying on computers for the greatest joy of childs like us.
First of all, you've no responsability at all. All the speeches that transform a victim in a culprit are unacceptable, as they increase the violence made by the criminals. You can regret things, but the sole responsible are the people who attacks you.
Second, thanks for all the things you bring to us. That means that we're also victims, and a whole community is touched by the events. I hope we could find something to help you, if you need it. That's a responsability, called solidarity.
Third : take a break and a breath. That's violence, as I already said. Maybe you'll find a solution. Or maybe this will be an opportunity to a fresh start on new projects. And there are hundreds of your planes that are flying on computers for the greatest joy of childs like us.
Corrado5834
Charter Member
That's crystal clear to everybody here. I wonder if there's a way to prosecute them ...
Also everyone here can tell the difference between them and a great guy that has gifted tons of fun stuff to the flightsimming community during the years; for free. While those criminals are asking money what for ???? I guess you know Mafia ...
My guess is that, anyhow, you'll be up and running again in a few weeks, no matter what.
Best wishes,
Corrado
mikewmac
Charter Member
If 25 of us donated $20 each to a Dino Recovery Fund, the $500 could be used to pay the ransom for Dino and he would not have succumbed to these criminals since 25 very appreciative users of his freeware FS aircraft did it for him.
This might be considered risky due to there being no guarantee of success when dealing with criminals, but personally I'm more than happy to risk $20 for my past, present and future enjoyment from flying Dino's FS aircraft.
Edit: Since Dino is strongly opposed to this suggestion, I respectfully withdraw it.
Last edited:
Dino Cattaneo
Charter Member
Thank you all for your offers and you appreciation - but paying the ransom is not an option. Period.
And then, it is not the question of the money per se - 500 USD is a lot for many, but I could afford to pay them - it is just the fact that I do not want any money, coming directly or indirectly from my work, to go into criminal hands. It is just wrong.
And then, it is not the question of the money per se - 500 USD is a lot for many, but I could afford to pay them - it is just the fact that I do not want any money, coming directly or indirectly from my work, to go into criminal hands. It is just wrong.
The last thing you want to do is pay any kind of ransom. It only encourages these people to keep designing ransomware if they think it will pay off somehow.
Thankfully we are starting to break down and fix some of these types of viruses. Hoping Dino can wait out a cure for the Cerber variant.
For one, I am encouraged that Malwarebytes has a beta in progress.
https://blog.malwarebytes.org/malwa...ducing-the-malwarebytes-anti-ransomware-beta/
Been following this ransomware stuff for a while now. It spooked me enough that I cloned my main drive to a 2nd drive recently and keep it unplugged so I can hot swap and reboot in just minutes if anything ever happens to my main drive.
Thankfully we are starting to break down and fix some of these types of viruses. Hoping Dino can wait out a cure for the Cerber variant.
For one, I am encouraged that Malwarebytes has a beta in progress.
https://blog.malwarebytes.org/malwa...ducing-the-malwarebytes-anti-ransomware-beta/
Been following this ransomware stuff for a while now. It spooked me enough that I cloned my main drive to a 2nd drive recently and keep it unplugged so I can hot swap and reboot in just minutes if anything ever happens to my main drive.
Dino, are you really going to allow these criminals to destroy a hobby and craft you've honed and enjoyed for so many years? Not to mention the admiration and following from so many who have benefited from your work?
To me that's a far higher price than paying any ransom, for which I fully appreciate your views.
I hope you find the resolve to rise from this and not allow the experience to take something so valuable from you.
To me that's a far higher price than paying any ransom, for which I fully appreciate your views.
I hope you find the resolve to rise from this and not allow the experience to take something so valuable from you.
cortomalteseit
Charter Member
Dino, we are with you, whatever you decide to do!
Don't let those bastards overwhelm on your and our passion!!!
Don't let those bastards overwhelm on your and our passion!!!
mikewmac
Charter Member
I can't argue with your logic and wishes, so I have withdrawn my suggestion above.
Naismith
Charter Member
Reading this made me review my AV situation. W10 has Defender and will not sit comfortably with any other AV programs, in fact it switches off if any other AV is installed. A quick check of various sites gives an impression that Defender is just about "adequate" but not stellar for protection. I was always impressed in the past with W7 and the MS Security Essentials package, never having been infected in years. Anyway I have opted to go a combo 3rd party payware with AVG which seems to get amongst the highest reviews at the moment and Malwarebytes They can sit together quite the thing. First scan revealed 6 malwares residing on the PC that Defender had missed. Obviously the situation is fluid as one AV overtakes the other on a daily review basis. Generally it is a case of close eyes and hope for the best.