Good Day,
Please see attached the following pics of the screen I came to see when looking at our 2003 server after the holiday season interval. I am presuming the invidual/s who have done this have used your software to encrypt the data files on the server. Only through google search of the email address they are using to correspond their demands with, did I find a link to your website. I believe I have traced the infiltration source app with the server logs - that being Terminal services. They then used the built in Administrator account ton the 24 December to log onto the server which was not logged in at the time but only on the log-on screen. What that password is - is unknown to me as it is the default build account.---------- Forwarded message ----------
From: Gary Evetts <gary@xxxxxxxxxxxx>
Date: 5 January 2015 at 10:08
Subject: Encryption info
To: "gcevetts@xxxxxxxxx" <gcevetts@xxxxxxxxx>
Regards,
Gary Evetts
IT-Inc
072 211 1613
www.it-inc.co.za
From: Gary Evetts <gary@xxxxxxxxxxxx>
Date: 5 January 2015 at 10:08
Subject: Encryption info
To: "gcevetts@xxxxxxxxx" <gcevetts@xxxxxxxxx>
Regards,
Gary Evetts
IT-Inc
072 211 1613
www.it-inc.co.za
Attachment:
photo 1.JPG
Description: JPEG image
Attachment:
photo 2.JPG
Description: JPEG image
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
