Is Your Windows System Infected with Globe3 Ransomware? A Free Tool Could Help You Decrypt Your Files

The Globe3 Ransomware only infects Windows computers. It will encrypt a victim’s files and then display a ransom note. If the computer owner doesn’t pay, the files are locked up forever, unless that owner has backup copies of the files made before the computer was infected with Globe3.

Comment: Why doesn’t EVERYONE make frequent backups? It is so easy to do. Many of today’s backup products will make periodic backup copies all the time with no human interaction. Oh well, that is a discussion for a different time…

Victims of the latest strain of Globe ransomware can now unlock their files without paying out money to cybercriminal extortionists, thanks to a newly released and free-to-use decryption tool. Details may be found in an article by Danny Palmer in the ZDNet web site at: https://goo.gl/KRo67v

2 thoughts on “Is Your Windows System Infected with Globe3 Ransomware? A Free Tool Could Help You Decrypt Your Files

  1. Many of today’s backup products will make periodic backup copies all the time with no human interaction.

    If there is no human interaction, the chances are that your backup media is permanently connected to your PC. Then if your PC gets ransomed the chances are so do any attached drives – so bye-bye backup!

    To be ransomware proof you need to have scanned your PC, connected the backup drive (and ideally disconnected from the network – just in case), do you back up and then disconnect your backup drive?

    Like

    • —> To be ransomware proof you need to have scanned your PC, connected the backup drive (and ideally disconnected from the network – just in case), do you back up and then disconnect your backup drive?

      Yes.

      First, I should point out that I normally use a Macintosh so it is not bothered by the Globe3 ransomware. I do have an old Windows 7 laptop but haven’t turned it on in 2 or 3 months. However, the method I use on the Mac should work the same on any Windows system.

      First, I have two backup products running all the time. One makes backup copies to an external hard drive connected to a USB port on the back of the computer. The other backup program makes backups to an online service “in the cloud.” The online service never connects as a mapped drive so programs like Globe3 that spread to mapped drives do not cause problems with the online backups. The online backup program sends its data by file transfers to a URL with user name and password encrypted and embedded in the URL, not to a mapped drive.

      Next, the backup made to the external USB drive are made to ENCRYPTED files in the external hard drive, not to normal system-type files. The encrypted files cannot be erased or overwritten without the use of the encryption key used to make the files. Even the file names are encrypted. The files can only be erased or overwritten by software running in the Administrator’s account.

      The second method relies upon the operating system’s functions for file access control so I suspect there is some possibility that a very clever hacker could find a way around it. I suspect that is a slim possibility, but theoretically possible.

      The first backup method that does not use mapped drives at all should be 100% safe against Globe3 and probably safe from other malicious software as well.

      Nothing is ever perfect in this world. Nothing is guaranteed safe. However, I do believe these backup methods will keep most computers safe from Globe3 and most similar programs.

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s