The book is no longer. It was coming along nicely – albeit slowly – when a few months ago I stupidly allowed a ransomware virus into my computer. I say stupidly, but in my defence, the virus came ingeniously disguised in an authentic-looking email from Australia Post – with whom I had been corresponding that very morning.
The moment I opened the email, every single document and image on my computer (going back over thirty years); both password-protected external hard drives and two on-line back-up facilities were encrypted. The next instant a message popped up on the screen advising me of the lock-down and that if I paid six hundred and something dollars in Bitcoin within twenty-four hours, I would receive a password to unlock my files. After that period, the ransom would increase to thousands of dollars.
A quick Google search returned one key piece of advice: Do not pay! Apparently few, if any individuals have ever received the requisite password to restore their files. I contacted the local Spotty Youth who said he’d have a look at my computer and drives, but in his experience, all was lost.
All was lost. The manuscript is gone – even from the so-called protected drives and on-line storage. The only images I have retrieved are the few “in-the-white” and “polished” pictures I posted on this blog to accompany the completion of the first four chests. A friend had the bright idea that my camera’s memory card might contain the missing book images. Ironically, the card had reached capacity days earlier and consequently, the images had been uploaded to on-line storage for safekeeping.
I’ve been mulling over the options since the event and short of remaking the first four chests – which I’m not in the least inclined to do – the book, as intended, is a complete dud I’m afraid. I may still put a book together solely on what was to be the fifth chest in the original book. It’s a very fine mahogany chest and if I brush up on my descriptive writing, it should be possible to address many of the historical developments and techniques I no longer have detailed images of.
Every Sunday morning I now back everything up to a couple of 512GB flash drives and put them in a drawer when I’m done. Technology!
Jack Plane
I feel for you, having just lost 2.4 terabytes of work files and images, just as I was about to back up…… sob…..
LikeLike
Despicable bastards.
I hereby invoke the secret curse of the white goose, and place a permanent toothache on the cowardly scum.
LikeLike
Please accept my most sincere condolences. A friend who works in I.T. security for the Federal Police is trying to help us recover 3 years of medical data that was encrypted by ransomware. If we experience success with his energies, may I refer him to you? He’s no spotty youth, but nonetheless quite well-oiled in these matters.
Cheers, Michael A.
LikeLike
Please do!
JP
LikeLike
Bother!
LikeLike
… said Pooh, as he chambered another round.
JP
LikeLike
HA!
LikeLike
Hello Jack! So sorry to hear that, years of lost work, your year has been a difficult one, with this and especially having to adjust your own life after the death of your good lady late last year too.
Best regards, Andy
LikeLike
This is heart breaking and depressing news……Have you gone further than just “the local spotty youth”? Seeking more professional help? There are services that can retrieve information from even burned or erased drives, not cheap, but possible. Do not wipe, destroy or write over any of the external drives until a more knowledgeable source can examine them. Do not give up, If the files are still on the drives, Maybe just the disk’s directories that allow access are damaged or encrypted.. Which if repaired or rebuilt, might again give access to the information/files/photos…..Don’t give up……..Please…….. Selfishly……we want that book!
In a philosophical view, you now have a higher purpose. You need to carry on, remake the first four chests and complete the book as you planned….The information you provide is invaluable….and it needs to be preserved and passed on. Do not let these stinking bastards get the better of you!
LikeLiked by 1 person
My condolences, and I agree with Joe M. on the technology stuff–it seems unlikely that the data is completely wiped. It would be worth getting a second opinion. It will cost you, but I imagine the data is valuable, and at least the ransomer won’t be getting your money.
LikeLiked by 1 person
Hi, Good Morning. Some of these viruses are explored. May be your helpers find the right tool to get all files decrypted. Good Luck!
LikeLike
I found this just now: https://blog.botfrei.de/2016/07/ransomware-avg-veroeffentlicht-sechs-kostenfreie-entschluesselungs-tools/
Give this link a good professional. And on other sites are more tools for decrypting. There may be hope. Best Regards.
LikeLike
Thank you.
JP
LikeLike
Hi, try this site: https://id-ransomware.malwarehunterteam.com/
LikeLike
Thank you.
JP
LikeLike
Go to Microsoft.com, under their “malware protection center” page, FAQ “how do I remove ransomware”. Gives descriptions, some methods of removal and some links to further information on what to do.
LikeLike
I see that your email address has been rejected….so here is the address to MS’s page on ransomware.
Go to the FAQ, How do I remove ransomware from my PC and hit the expand to see some help to possibly remove encryption
https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx
Hope it helps..don’t give up
LikeLike
Joe, thank you for your concern. A couple of months down the track, I may come across as flippant, but I can tell you, at the time I was ropeable! The Spotty Youth (a very well informed young genius) and I spent days gleaning the latest info and possible fixes from the likes of McAfee, Microsoft, Norton, Kaspersky et al. Several commercial anti-encryption services offer guaranteed results for fees similar to the blackmailer’s, but the SY advised strongly against them. I could find no reviews of their results and they wouldn’t accept a down payment with the remainder paid on the successful restoration of my files.
My email address works fine this end.
JP
LikeLike
Man, I feel your pain!
Best of luck with that!
LikeLike
Shit! I feel for you, that totally sucks, all that work gone for ever. My mother was victim of some scumbag last year who talked her bank account details out of her. Easy target of course, a lonely old lady. It cost her several 1000 euro. Man was I pissed about that. It seems that thievery is a lot easier with the current technology.
LikeLike
That is a very sad state of affairs. Sorry to hear this JP. I sincerely hope you persist.
LikeLike
This is tragic I feel very sorry you. An act of bastardy.
LikeLike
I had the same thing happen, and I feel for you. You are doing the only logical thing – having two portable, large-capacity backup drives. I keep one at home and one at work, and I rotate them every Friday. Again, you have my sympathy.
LikeLike
A weekly device rotation only gives you one to two weeks to discover a problem with a file (corruption, deletion). Backup using a network service that retains multiple file versions for some period of time gives you a bigger window of time to recover in. There are a few of this type of service around.
LikeLike
I am so sorry to hear about this. I had been looking forward to a book by someone who genuinely and deeply knows and cares about the subject matter.
LikeLike
All my feeling’s said above,Sorry J.P.
LikeLike
I would suggest contacting Alastair MacGibbon, Special Adviser to the Prime Minister on Cyber Security. cyber@pmc.gov.au
LikeLike
Thank you!
JP
LikeLike
The online storage should be recoverable via the service. I have had similar dealings with recovery of the online materials, and, in the several cases, files that had been present on the server for any significant time have been backed up for recovery. The backups may not be available for long, but good practice in the industry says not to ovewright them the next backup cycle, and in several places I have worked, the incrementals were daily, with full weekly, and all incrementals were held through the next cycle. I would be surprised if most online services aren’t similar. Some even advertise version recovery, for a fee.
LikeLike
Fear of making matters worse, a weekend and an International Dateline conspired against me and by the time I had a reply from the on-line back-up people, all was lost at their end. Had I more experience and acted sooner, I probably could have retrieved the data.
JP
LikeLike
No!!!! Sorry to here
LikeLike
May I ask what computer system was hit- MAC or other?
LikeLike
PC.
JP
LikeLike
I am a young, self-taught, amateur woodworker from Northern Ireland, with a love of antiques, of beauty, craft, creativity, history; of timeless, traditional woodworking. It can be a lonely and at times frustrating hobby as I don’t know anyone locally who has a similar outlook and by following your blog you have become a mentor of sorts. Your knowledge, skill and passion is very inspiring. I have been keeping a particularly close eye for news of your book and needless to say your latest news is very saddening, to say the least. I feel for you. For what its worth, my hard-earned advice is simply: when life give you a kidney punch such as this, don’t give-in, just use this experience as a catalyst to make you more determined, persistent that ever….
LikeLike
Sorry to hear of your ransomware experience. If it’s any comfort to you..I received the same email from Australia Post, and as I was expecting a parcel at the very time that the email received, also followed the instructions to download the new shipping label. Et voila! Cryptolocker version 2, which has no known cure. The last 3 months have been horrendous due to the effect this ransomware infection has had on my business. A word of warning though..they are now using emails supposedly from utilities companies, such as AGL, asking the recipient to open their latest statement..it’s a nasty new ransomware world we’re living in right now.
LikeLike
I too have been recently ‘got’ by this plague, but it wasn’t from an email, it seems the scum can use a number of ‘exploits’ to load the malware from ads placed on web sites – they pay for and post a legitimate ad then change the code after a week or so – most web ad services are just in it for the money so they don’t bother to check what is uploaded to their ‘service’ as long as the bills are paid. Luckily for me the computer that was infected was only used for gaming and browsing when I am at a friends playing online games so the few .jpgs that were encrypted were valueless. And the encryption happened when the computer was turned off and didn’t show up until the next time I started it up, a few weeks later.
I have a few rules that have served me well so far – NEVER give your email address to any Government or Financial organisation – they are not trustworthy and regularly have private details accessed improperly by staff (most incidents involve an ‘insider’) or by criminals breaking thru flimsy security (again, oftern with the help of an insider). Several of them (Smelstra) also sell your details to various dodgy operators so you get bombarded with spam.
If you have to give an email address, use a Google mail, Yahoo mail or similar ‘free’ account, then carefully check the header information of the email – usually you have to go digging to find it, but it will show where the email really originated. It also helps to tell the serf you are dealing with that they need to include a nonsense phrase to get past your spam filter otherwise you will never see their message, e.g. ‘About the drains in East Hackney’ – no need to pay for a program then.
LikeLike
Sorry for your loss, Jack. Like some of the others, I can relate. It’s painful.
LikeLike
Sorry to hear of your loss.
I thought of you this morning when I saw this on The Huffington Post:
http://www.huffingtonpost.co.uk/entry/ransomware-removal-tool-no-more-ransom-will-unlock-your-files-for-free_uk_5797160ae4b0796a0b604a19?utm_hp_ref=uk
Now, I’m no computer person and I’m not recommending it but perhaps you could get your young turk to run his eye over it. It may be of some use.
Colin
LikeLike
Thank you.
JP
LikeLike
Pingback: One Million | Pegs and 'Tails
. I too have been recently ‘got’ by this plague, but it wasn’t from an email, it seems the scum can use a number of ‘exploits’ to load the malware from ads placed on web sites – they pay for and post a legitimate ad then change the code after a week or so – most web ad services are just in it for the money so they don’t bother to check what is uploaded to their ‘service’ as long as the bills are paid.
LikeLike
Jack …Then how about a special finishes book…to include antiquing techneques…ageing mirror glass techniques,,etc….or how about a series of smaller hand out sheets…CHARGE FOR THEM.I will pay…….I am 75 years ol;d but still interested in your methods. Robert R. Lindh…Western Pa. , USA.
LikeLike
You youngsters never give up! I have considered what you suggest however, time and a few other factors are against me at present. I’m still hopeful I might produce something later next year.
JP
LikeLike