[dm-crypt] Fwd: Encryption info

Gary Evetts gcevetts at gmail.com
Mon Jan 5 10:51:28 CET 2015

Good Day,

Please see attached the following pics of the screen I came to see when
looking at our 2003 server after the holiday season interval. I am
presuming the invidual/s who have done this have used your software to
encrypt the data files on the server. Only through google search of the
email address they are using to correspond their demands with, did I find a
link to your website. I believe I have traced the infiltration source app
with the server logs - that being Terminal services. They then used the
built in Administrator account ton the 24 December to log onto the server
which was not logged in at the time but only on the log-on screen. What
that password is - is unknown to me as it is the default build account.

Are you able to help me with the un-encrypting of the data files that have
been encrypted or are the offenders the only source of a resolution?

Many thanks,



---------- Forwarded message ----------
From: Gary Evetts <gary at it-inc.co.za>
Date: 5 January 2015 at 10:08
Subject: Encryption info
To: "gcevetts at gmail.com" <gcevetts at gmail.com>


Gary Evetts

072 211 1613
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20150105/ce3d3cba/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: photo 1.JPG
Type: image/jpeg
Size: 138327 bytes
Desc: not available
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20150105/ce3d3cba/attachment-0002.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: photo 2.JPG
Type: image/jpeg
Size: 109490 bytes
Desc: not available
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20150105/ce3d3cba/attachment-0003.jpe>

More information about the dm-crypt mailing list