MY COMPUTER WAS HACKED!!!

  • 1
  • Problem
  • Updated 4 weeks ago
On November 20 2018, my computer was hacked and the folders that Trend Micro was protecting were hijacked with encryption.  People have stolen my identity and borrowing money all over town. I am very disappointed with this program and I now have to look for another anti virus software to protect me.  I rang their support and they couldnt help me and they still have written a program to solve my issue.   I have been with Trend Micro for years so i have been let down, big time.
Photo of thevinylroom

thevinylroom

  • 100 Points 100 badge 2x thumb

Posted 1 month ago

  • 1
Photo of TM_X

TM_X, Official Rep

  • 7,658 Points 5k badge 2x thumb
Hi thevinylroom,

I'm sorry to hear of your experience. Are you able to send us a screenshot of the encrypted files showing their file extension? By any chance, is it listed on the supported ransomware families our tool in below link can decrypt? If yes, please follow the step-by-step instructions in running the Ransomware Decryptor Tool. 

https://success.trendmicro.com/solution/1114221-downloading-and-using-the-trend-micro-ransomware-fil...

Also, I don't see any contact from you on any of our support channels aside from this one. May I know what phone number did you call for help and what do you mean by "they still have written a program to solve my issue"? I hope my suspicion that you've reached a tech support scam hotline isn't true. 

Awaiting your response. 

^X
Photo of thevinylroom

thevinylroom

  • 100 Points 100 badge 2x thumb
Sorry i meant "they havent written a program to solve my problem".  i called the support number of Trend Micro that day.  they advised that the ransomware i had been affected by, Trend Micro did not have a file decryptor for it.  Trend Micro took a lot of information from my computer remotely that day of the phone call to assist them in finding a cure.  The files were encrypted with QWEUIRTKSD encryption.

Photo of thevinylroom

thevinylroom

  • 100 Points 100 badge 2x thumb
I use the file decryptor program suggested above daily, but to no avail.

Photo of TM_X

TM_X, Official Rep

  • 7,658 Points 5k badge 2x thumb
Hi thevinylroom

I'm sorry to hear of your experience. I'm afraid we can no longer do much about it as the encryption happened a month ago, but allow me to explain one possible way how the ransomware attack happened.

Ransomware is triggered manually, which means that it requires human intervention for it to be executed. This also applies in QWEUIRTKSD ransomware variant. The hacking that you mentioned proves this intervention. Now... how do hacking works? Hackers usually penetrate your system by targeting your network first -- turning the firewall off, re-configuring network settings, and disabling your device's security software. This is where Trend Micro, unfortunately, has no control over as we only protect the end-point devices. That's why we always recommend that for added protection, make sure that the operating system of your computer is always updated and your network firmware is always up to date. 

The algorithm of the QWEUIRTKSD ransomware is complex, and the lack of sample makes it difficult to decrypt. However, you can monitor the Ransomware Decryptor Tool link that I sent you because we update it from time to time reflecting the latest ransomware variant we can decrypt. 

^X
Photo of thevinylroom

thevinylroom

  • 100 Points 100 badge 2x thumb
Thanks for the reply What should i look for "re-configuring network settings" ??? can i see something that i could repair????

Photo of TM_X

TM_X, Official Rep

  • 7,658 Points 5k badge 2x thumb
For network settings, you may check if your router has the latest firmware for its device model. You may seek help from the manufacturer, or if it is a standard router provided by your ISP, you may contact them to ask if it already has the latest firmware. You may also set static IP addresses and Mac address filtering if your router has this capability so that external connections to your network would be Mac Address specific to those that you own and know of. 

Hope this helps.

^X
(Edited)