Help. Need to buy 1 Coin

[Need1fkncoin]

I need to buy 1 coin or .79 of one coin to unlock the latest CryptoWall Virus on a employee computer. There is no other solution then to try paying them to release his files. he had no back up or restore points

I am trying to buy 1 coin using American Express Business card.

Tried Virwox- max 78$ deposit - doubtful they would let me deposit multiple times

Coinmama- doesn't seem to allow us users
Coin.mx- really doesn't seem legit and also doesn't accept AMEX

Anyone have any other suggestions? may have to find an in person exchange for $700 - 1 btc locally.

Any help greatly appreciated.

Thanks.

[franky1]

I need to buy 1 coin or .79 of one coin to unlock the latest CryptoWall Virus on a employee computer. There is no other solution then to try paying them to release his files. he had no back up or restore points

I am trying to buy 1 coin using American Express Business card.

Tried Virwox- max 78$ deposit - doubtful they would let me deposit multiple times

Coinmama- doesn't seem to allow us users
Coin.mx- really doesn't seem legit and also doesn't accept AMEX

Anyone have any other suggestions? may have to find an in person exchange for $700 - 1 btc locally.

Any help greatly appreciated.

Thanks.

localbitcoins.com

[gadman2]

This is a ransom virus asking you to send bitcoins to "unlock" a antivirus. Take your PC to a local shop. There's nothing wrong with your computer except that you downloaded a virus.

http://en.wikipedia.org/wiki/Ransomware_(malware)

[Cryptopher]

Ugh, don't give in to this ransom virus unless it is of the utmost urgency. At least through Bitcoin you wouldn't be exposing your credit card details to those holding your machine ransom.

In future take greater care of your machine, that includes anybody else who may use it too.

[Need1fkncoin]

not mine. Its an employee, I work IT and am tasked to fix it, basically get his info back at any cost. . Am I correct to understand that I cannot buy a coin with CC because of so many scams/cancelled transactions?
Have been searching the local exchange thing. any other choices?

Goodluck fixing this  

If he had been on carbonite or had a single system restore point on his computer I could get his data back. At this point, super easy to get rid of the virus but every file is encrypted. Meaning none of them are able to open, even once the virus is gone. So basically I have to go on faith and pay them to give me a code. Awesome I know.



New Ransomware CryptoWall Comes With Nasty Twist
There is a new ransomware strain called CryptoWall hitting organizations. Late April, the cyber criminals who developed the CryptoDefense ransomware released a new variant called CryptoWall. This strain is for the most part the same as CryptoDefense except another brand name, different filenames for the ransom instructions, and a whole new attack vector.

IT security pundits speculated that either the criminals released a new version because CryptoDefense was being blocked by endpoint protection software, or that they sold their source code to another cyber mafia. The bad news is that the earlier vulnerability of CryptoDefense has been fixed and you can no longer yourself decrypt files that are encrypted by CryptoWall.

This puppy comes with a nasty twist though, it no longer requires a user to open an infected attachment, but uses a fresh vulnerability in Java. Malicious advertisements on domains belonging to Disney, Facebook, The Guardian newspaper and many others are leading people to sites that are CryptoWall infected and encrypt their drives. There is a massive attack reported by Cisco, and they have a heatmap with the countries primarily targeted. The US is, predictably, the most affected, with the UK coming in second. Map at the KnowBe4 Blog:
http://blog.knowbe4.com/bid/388403/New-Ransomware-CryptoWall-Comes-With-A-Twist

Since Cisco began blocking the attacks on April 24, its researchers said they had blocked requests to over 90 infected web domains for more than 17 percent of its cloud-security customer base. Mind you, Cisco's customer base for their cloud web security is really large, so 17% is big numbers.

In the mean time, back at the ranch, ransomware grand-daddy CryptoLocker has continued to improve the quality of its spear-phishing attacks with fake fax announcement messages that start to look very real. They also improved their marketing, as the latest version provides a new feature which is a button that gives you the chance to "Decrypt 1 file for FREE" and is fully functional. Oh Joy.

Yes, the CryptoLocker network was taken over by the Feds last week, but there are three competing gangs, and cyber criminals more than anyone build their systems to be robust, redundant and fault-tolerant because they know from the get-go they will be shut down sooner rather than later. They do not go away, they get mad and come back with an even more resilient malware version.

It's a very good idea to step your end-users through effective Kevin Mitnick Security Awareness Training. You can get a free quote to find out how much this would be for your organization. You'll be pleasantly surprised how affordable this is, and this month it comes with an innovative crypto-ransom offer you will like:
http://info.knowbe4.com/we-will-pay-your-crypto-ransom

If your network gets hit with this, look at time stamps and owner(s) of the decrypt_instructions files that were loaded to the (mapped) drives. That's how you can identify which workstation it originally came from and (re-)train the user. Reformat/reimage their PC (a.k.a. "nuke from orbit") and restore all the directories that have those encrypted files. Do a restore from a backup prior to the date you see listed on the file creations.

In case you do not have recent backups, pay the ransom and hope for the best. Surprisingly these criminals do their best to decrypt your files, it's their "reputation" after all! But do not waste a crisis like this and use it to your advantage. Strengthen your policies and IT Best Practices. Keep your systems patched and your users on their toes with security top of mind!

[LouReed]

This is a ransom virus asking you to send bitcoins to "unlock" a antivirus. Take your PC to a local shop. There's nothing wrong with your computer except that you downloaded a virus.

http://en.wikipedia.org/wiki/Ransomware_(malware)

If it's anything like Cryptolocker, then I highly doubt he will just be able to take it in to his local computer shop for repair.

CryptoLocker
Main article: CryptoLocker

Encrypting ransomware reappeared in 2013 with a worm known as "CryptoLocker". Distributed either as an attachment to a malicious e-mail or as a drive-by download, CryptoLocker first attempts to connect to a command-and-control server, after which it generates a 2048-bit RSA public and private key pair, and uploads the key to the server. The malware then attempts to encrypt data on any local or network storage drive that the user can access using a 2048-bit RSA key, targeting files matching a whitelist of file extensions. While the public key is stored on the computer, the private key is stored on the command-and-control server; CryptoLocker demands a payment with either a MoneyPak card or Bitcoin to recover the key and begin decrypting files, and threatens to delete the private key if a payment is not received within 3 days. Due to the extremely large key size it uses, analysts and those affected by the worm have considered CryptoLocker to be extremely difficult to repair.[36][37][16][38]

[BurtW]

Your best bet is to buy the BTC you need for cash at the web site https://localbitcoins.com

I am a Hero Member with years of experience in Bitcoins on the https://bitcointalk.org web site and can answer any questions you might have.

Just send me a PM if you need any help.

People will not accept any form of reversible money (credit cards, paypal, etc.) for irreversible Bitcoins.  That is why cash is used because it is the only form of fiat currency that is not reversible.

[LouReed]

not mine. Its an employee, I work IT and am tasked to fix it, basically get his info back at any cost. . Am I correct to understand that I cannot buy a coin with CC because of so many scams/cancelled transactions?
Have been searching the local exchange thing. any other choices?

Goodluck fixing this



New Ransomware CryptoWall Comes With Nasty Twist
There is a new ransomware strain called CryptoWall hitting organizations. Late April, the cyber criminals who developed the CryptoDefense ransomware released a new variant called CryptoWall. This strain is for the most part the same as CryptoDefense except another brand name, different filenames for the ransom instructions, and a whole new attack vector.

IT security pundits speculated that either the criminals released a new version because CryptoDefense was being blocked by endpoint protection software, or that they sold their source code to another cyber mafia. The bad news is that the earlier vulnerability of CryptoDefense has been fixed and you can no longer yourself decrypt files that are encrypted by CryptoWall.

This puppy comes with a nasty twist though, it no longer requires a user to open an infected attachment, but uses a fresh vulnerability in Java. Malicious advertisements on domains belonging to Disney, Facebook, The Guardian newspaper and many others are leading people to sites that are CryptoWall infected and encrypt their drives. There is a massive attack reported by Cisco, and they have a heatmap with the countries primarily targeted. The US is, predictably, the most affected, with the UK coming in second. Map at the KnowBe4 Blog:
http://blog.knowbe4.com/bid/388403/New-Ransomware-CryptoWall-Comes-With-A-Twist

Since Cisco began blocking the attacks on April 24, its researchers said they had blocked requests to over 90 infected web domains for more than 17 percent of its cloud-security customer base. Mind you, Cisco's customer base for their cloud web security is really large, so 17% is big numbers.

In the mean time, back at the ranch, ransomware grand-daddy CryptoLocker has continued to improve the quality of its spear-phishing attacks with fake fax announcement messages that start to look very real. They also improved their marketing, as the latest version provides a new feature which is a button that gives you the chance to "Decrypt 1 file for FREE" and is fully functional. Oh Joy.

Yes, the CryptoLocker network was taken over by the Feds last week, but there are three competing gangs, and cyber criminals more than anyone build their systems to be robust, redundant and fault-tolerant because they know from the get-go they will be shut down sooner rather than later. They do not go away, they get mad and come back with an even more resilient malware version.

It's a very good idea to step your end-users through effective Kevin Mitnick Security Awareness Training. You can get a free quote to find out how much this would be for your organization. You'll be pleasantly surprised how affordable this is, and this month it comes with an innovative crypto-ransom offer you will like:
http://info.knowbe4.com/we-will-pay-your-crypto-ransom

If your network gets hit with this, look at time stamps and owner(s) of the decrypt_instructions files that were loaded to the (mapped) drives. That's how you can identify which workstation it originally came from and (re-)train the user. Reformat/reimage their PC (a.k.a. "nuke from orbit") and restore all the directories that have those encrypted files. Do a restore from a backup prior to the date you see listed on the file creations.

In case you do not have recent backups, pay the ransom and hope for the best. Surprisingly these criminals do their best to decrypt your files, it's their "reputation" after all! But do not waste a crisis like this and use it to your advantage. Strengthen your policies and IT Best Practices. Keep your systems patched and your users on their toes with security top of mind!

I sent you a pm. Are you in the USA? I can help you acquire Bitcoin to get this taken care of, but I do not accept CC. PM me to discuss other payment options. Here is a link to my trust rating to show that I am not just blowing smoke:

https://bitcointalk.org/index.php?action=trust;u=52185

[notlist3d]

I need to buy 1 coin or .79 of one coin to unlock the latest CryptoWall Virus on a employee computer. There is no other solution then to try paying them to release his files. he had no back up or restore points

I am trying to buy 1 coin using American Express Business card.

Tried Virwox- max 78$ deposit - doubtful they would let me deposit multiple times

Coinmama- doesn't seem to allow us users
Coin.mx- really doesn't seem legit and also doesn't accept AMEX

Anyone have any other suggestions? may have to find an in person exchange for $700 - 1 btc locally.

Any help greatly appreciated.

Thanks.

DO NOT PAY THE RANSOMWARE!  Even if you pay it's still on your computer.  And if this is a business computer.... I hope you don't keep confidential info on it.

If you google the message or name of it most likely you will find a fix.  Most of these you need to boot into safemode as they block anti-virus.  Might need to end a task or two in safe mode aswell.  Then install a antivirus if you weren't running one or try to run your virus protection, and also for malware. 

If you cannot do it find a local business/service to remove it.  You want it off of a business computer......

[gadman2]

Just reinstall, cut your losses and go on. If your losses are somehow greater than 1 bitcoin, then consider it a tough lesson in backups. I highly doubt the computer will be the same even if you pay the ransom.

[notlist3d]

Just reinstall, cut your losses and go on. If your losses are somehow greater than 1 bitcoin, then consider it a tough lesson in backups. I highly doubt the computer will be the same even if you pay the ransom.

The biggest worry I would have is it being a business computer.  I sure hope you don't store confidential information on it.   And with backup's it could still be on it, just has not launched yet.  So make sure to run anti-virus, malaware checks if you do use a back up.  I even suggest trying multiple anti-virus programs if you do fix it on scans to make sure.

[DannyHamilton]

franky1, LouReed, and BurtW are all giving you good advice.  You can pretty much ignore the rest of the people in this thread so far that either don't understand your problem, or don't care about helping you get your data back.

Please note however, that there is a VERY good chance that you will NOT receive the decryption key after paying the ransom. If you don't have a backup that you can restore from, and you are desperate enough to take the chance, there is a possibility that paying the ransom will allow you to regain access to your data, but you should probably be prepared to be out both the money and the data.

BurtW and LouReed are both generally recognized as trustworthy around here.  Either (or both) of them should be able to help you quickly acquire the bitcoins that you need.  If you are anywhere near the Chicago area, I can meet up with you and assist as well.

[thejewelrytech]

I work in I.T and have a lot of experience in virus removals it's something I get paid to do. I've had experience removing ransomware used to get customers who would freak out because the ransomware  would hijack the webcam and take a picture of you saying they knew who you are and you must pay and i was able to get rid of those although I haven't worked on the new ransom wares so not sure if the same techniques will work?This is what has worked in the past
 I would first look for a program it's called HIREN's BOOT CD it creates a virtual windows xp operating system that you load to a USB or copy and boot from disk and its loaded with anti virus software and doesn't boot up your operating system so you can get rid of it on the virtual disk there is a program called COMBOFIX that comes with it this will usually get rid of it but it will only work with Windows 7 and Below operating systems won't work with windows 8 you would have to do some googling to find it if you can't find it? Then go to majorgeeks.com you can find Combofix there you should also download the programs Old time Temp file cleaner,Malwarebyte and Superanti spyware and CC cleaner.These are all Free programs or at least Free 30 day trial.
 You will have to boot into safemode with networking and when booted into safemode you will first have have to go to ViEW folder Files this is found in the Control Panel press the ALT button and the top of the screen there will be a section that says View Folder Options and you want to first UNHIDE HIDDEN FILES and Operating system Files. Then you will want to Run Temp file cleaner and you will probably have to reboot after it runs and cleans out files. After that and on reboot run Malware byte Full scan will probably take about a hour to run then after that run Combofix again this can take up to another hour and after it runs it will reboot and tell you what it finds in a Log found in C:/ drive where windows operating system is stored depending on how bad machine is infected and what was removed? If your able get combofix to run through successfuly?Then your most likely Good you might also will want to run it again in normal mode just to be safe for getting rid of the virus fully if it runs through successfully then afterword  do a full scan with Super Anti spyware and then finally run CC cleaner and clean out the registry. Afterwords if all the programs run through ok make sure to go back and Re Hide your hidden files and operating system files and uninstall combofix by ,Click on the “Start” button.

2,Select Run ( if on windows xp).

3,Copy combofix /uninstall into the box ,click on the OK button ,(why copy? thers is an space between the fix and the /u) ,combofix will work itself,click OK if there is any dialog box.
 I've used this on older ransomware last year and it worked no problem so not sure if it will work with cryptowall but its definitely worth trying these are the steps I would do with virus removals and have over 95% success rate because who's to say they won't just ask for more? or reinfect anytime they please because it will still be there in your system? Hope this helps...

[Mike323]

Hey,

I accept credit cards (via paypal) no problem. I've never done this before though so I may prefer incremental payments. Send me a private message if you have any questions. Hope you get it worked out.

/Mike

[DannyHamilton]

Hey,

I accept credit cards (via paypal) no problem. I've never done this before though so I may prefer incremental payments. Send me a private message if you have any questions. Hope you get it worked out.

/Mike

Use extreme caution if you decide to purchase from Mike323.  He is a brand new user that just created a user account to post this offer.  As such he has no reputation in this forum yet.  Typically new users offering high risk payment methods are scammers looking to take advantage of the time constraints and stress that someone is under to trick them into making bad decisions that result in additional losses.

If you do decide to purchase from Mike323, do NOT send the payment first.  Have them send the bitcoins first.  Since you are also new here, they will probably not be comfortable sending bitcoins to you and hoping that you send payment.  Therefore, it would be advisable to have Mike323 send the bitcoins to a trusted member of this community to be held in escrow until Mike323 receives payment.

You can find a list of trusted community members here:
https://bitcointalk.org/index.php?topic=276897.0

Note to Mike323, it is entirely possible that Need1fkncoin is not really a victim of ransomware, and is actually a scammer using a ransomware story to prey on the emotions of potential victims.  You should understand that credit card (and PayPal) transactions are reversible.  If Need1fkncoin is a scammer, he is likely to end up with your bitcoins, and you are likely to end up with nothing.

[serje]

Well I only need to know one thing!

Can he access the files right now? If the answer is yes then you can remove it!

Otherwise if you could give me team viewer to that pc I could try and help you!

But I will do this only tomorrow because now I'm in bed and it's 4.24 AM here!
Anyway at 10 AM I will be at work and will be able to help you if I can!

[Justin00]

eerr where are you located mate ?
I'll even help for free. or i am sure others would be more than happy to help.

do not pay random as others have said.

[Mike323]

Hello again,

After careful thought I will have to take back the offer so there's no need to send me a PM. It would have only been done in incremental payments via Paypal (or ATM card).  I'm skeptical now because your email is hidden. So my offer has expired now I've have second thoughts about it. Sorry about that but I hope all works out.

Danny, I've never had anyone take back a transaction after making a payment via paypal but you're right all it takes is one. I think it'd be hard to scam people if via Paypal if they're are reversible but it's cool though
I wish there were more watchdogs to monitor the developers of alt-coins and I'll try and plug in to a bitcoin community in the LA area.

Thanks

/Mike

 

[serje]

eerr where are you located mate ?
I'll even help for free. or i am sure others would be more than happy to help.

do not pay random as others have said.

Oh and of course I forgot to mention that I only do it for free!
Or I do it because I want to fuck the fuckers that want to fuck you!

Take it as you wish!

[Cryptogirl82]

I need to buy 1 coin or .79 of one coin to unlock the latest CryptoWall Virus on a employee computer. There is no other solution then to try paying them to release his files. he had no back up or restore points

I am trying to buy 1 coin using American Express Business card.

Tried Virwox- max 78$ deposit - doubtful they would let me deposit multiple times

Coinmama- doesn't seem to allow us users
Coin.mx- really doesn't seem legit and also doesn't accept AMEX

Anyone have any other suggestions? may have to find an in person exchange for $700 - 1 btc locally.

Any help greatly appreciated.

Thanks.

You donwload a well known virus - try deleting it - if that does not work, take your computer to a local expert.