01-17-2021 , 09:53 PM
https://www.bleepingcomputer.com/forums/...-hundreds/
HELP! IOBit forum hacked? "Free 1 year license" malware link sent to hundreds.
Gender:Male
Location:Houston
Local time:02:50 PM
Posted Today, 12:56 PM
A few weeks ago, I registered to the IOBit Software Support Forums to report a bug in their software. Yesterday, I received an email (appearing to be) from them awarding forum members "a free 1-year license" with download link.
I'm usually a tech savvy guy and know better to download/run strange software, but everything looked legit (email address, artwork, link on their URL), so I downloaded the "freebie" patch that all alleged to register my IOBit software.
Hours later, my computer was completely trashed. Fortunately, I backup my boot drive every month and was able to get a working system again, but the damage the malware did was extensive and I need help recovering.
The malware went through my computer and changed the extension of over 121K files to ".DeroHE". Worse, it either corrupted the headers of those files or they are only fragments of files.
Text files are no problem. Simply change the extension to ".txt". But thousands of other files were not only renamed, but the file type was stripped from the header (bmp, ico, png, jpg, zip, rar, pdf... you name it. Trashed.) Trashed files can't be even be identified by examining the header in "Notepad++". Source code files belonging to my "Visual Studio" projects also trashed. The damage (and possible loss) is extraordinary.
And "Windows Defender" missed it all. :devil:
To recover from this disaster, I need two things: A utility that can identify/fix the now unidentifiable files, and a program that can find & rename every file whose extension was changed (preferably one program that can do both.) Do you know how long it would take to go through 121K+ files by hand, identify them (if possible) and rename them? Just the text messages alone would take ages.
I'm beyond pissed. Even the "IOBit" website appears to be down as I tried to report the problem (either hacked or they took it down themselves till they remedy the hack.)
HELP!
HELP! IOBit forum hacked? "Free 1 year license" malware link sent to hundreds.
Gender:Male
Location:Houston
Local time:02:50 PM
Posted Today, 12:56 PM
A few weeks ago, I registered to the IOBit Software Support Forums to report a bug in their software. Yesterday, I received an email (appearing to be) from them awarding forum members "a free 1-year license" with download link.
I'm usually a tech savvy guy and know better to download/run strange software, but everything looked legit (email address, artwork, link on their URL), so I downloaded the "freebie" patch that all alleged to register my IOBit software.
Hours later, my computer was completely trashed. Fortunately, I backup my boot drive every month and was able to get a working system again, but the damage the malware did was extensive and I need help recovering.
The malware went through my computer and changed the extension of over 121K files to ".DeroHE". Worse, it either corrupted the headers of those files or they are only fragments of files.
Text files are no problem. Simply change the extension to ".txt". But thousands of other files were not only renamed, but the file type was stripped from the header (bmp, ico, png, jpg, zip, rar, pdf... you name it. Trashed.) Trashed files can't be even be identified by examining the header in "Notepad++". Source code files belonging to my "Visual Studio" projects also trashed. The damage (and possible loss) is extraordinary.
And "Windows Defender" missed it all. :devil:
To recover from this disaster, I need two things: A utility that can identify/fix the now unidentifiable files, and a program that can find & rename every file whose extension was changed (preferably one program that can do both.) Do you know how long it would take to go through 121K+ files by hand, identify them (if possible) and rename them? Just the text messages alone would take ages.
I'm beyond pissed. Even the "IOBit" website appears to be down as I tried to report the problem (either hacked or they took it down themselves till they remedy the hack.)
HELP!