NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ransom ware restoration
RN524X00 RUNNING FW: V6.6.1 PAID THE RANSOM BUT THIEF'S CHANGED USER ID AND PASSWORD AND I HAVE NO ACCESS TO GET TO THE DATA. I need help if Netgear can provide any work around for me to gain acces...
StephenB wrote:
Either way, if the files are still encrypted you are out of luck.
Maybe not, if snapshots are available. Unfortunately, that's not always a solution unless you have a lot of unused space on the NAS. If the NAS had insufficient space to store the "new" encrypted files, it'll delete snapshots to make way.
If an OS re-install doesn't get your access back, then you may also be able to access your files via tech support mode.
I am wondering why you believe the attacker changed (or maybe removed) the admin user name.
We have tried to gain access to the stored information after payment but are unable to use any past user ID or passwords. There wasn't any further communication with the thief's after payment. Is there something we are unaware of from other knowledge you may have gained that we should do to get to our info? Of course, this is the first (and hopefully the last time experiencing this ransom situation)
BBuzz wrote:
We have tried to gain access to the stored information after payment but are unable to use any past user ID or passwords.
Are you saying that when you go to the NAS admin page ( https://nas-ip-address/admin ) you cannot log into that site with the NAS admin credentials?
As I mentioned, you can do an OS-reinstall that will reset the admin password back to password.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
