My iCloud account was infected with a ransomware virus through a Windows Desktop

Do I have to pay the ransom, or is there software I can use? The files were encrypted and a .ooss extension was added. Thanks in advance for all your input.


Solution 1:

It depends.

They didn’t infect your iCloud; rather, they encrypted the files on the local Windows machine in the synced directory.

If you have a backup of the files taken before they encrypted your files, then no, you don’t have to pay. Simply restore your data. If you don’t have a backup, you will probably have to pay. The good news is this is very likely to work. These scams don’t work if people know that paying doesn’t get your data back.

Whether you restore your data from backup or pay the ransom, make sure you do the following:

  • Change your iCloud password from a non-infected machine in case the virus had a keylogger
  • Wipe that machine (format and reinstall)
  • Change the passwords on other accounts you may have visited.
  • If any of the documents contained banking or sensitive info, contact those institutions and change logins/passwords. It’s advisable to let them know what happened.
  • Update your anti-virus

As far as breaking the encryption, it’s next to impossible. It’s not so much a “password” they used, but an encryption key, and attempting to brute force it could take years; many, many years.

I wish there was better news I could give you, but you do have some work to do to recover and clean up. You can take some solace knowing that municipalities and government agencies with dedicated IT departments have been hit with this as well.
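To make the restore-from-backup option above concrete, here is an added example (not part of the original answer) that lists which `.ooss` files in the synced directory have a clean copy in a backup, which have only an encrypted copy there, and which have none. It only reads file names; the folder layout and sample files are constructed for illustration, and `restore_plan` and `demo` are hypothetical helper names.

```python
from pathlib import Path
import tempfile

ENCRYPTED_SUFFIX = ".ooss"  # extension named in the question


def restore_plan(synced_root, backup_root, suffix=ENCRYPTED_SUFFIX):
    """Classify every encrypted file under synced_root by whether a clean
    copy exists at the same relative path under backup_root."""
    synced_root, backup_root = Path(synced_root), Path(backup_root)
    plan = {"restorable": [], "backup_also_encrypted": [], "no_backup": []}
    for enc in sorted(synced_root.rglob("*" + suffix)):
        # Skip directories and a file whose whole name is the suffix.
        if not enc.is_file() or enc.name == suffix:
            continue
        rel_enc = enc.relative_to(synced_root)
        # The extension was appended, so dropping it gives the original name.
        rel_orig = rel_enc.with_name(rel_enc.name[: -len(suffix)])
        if (backup_root / rel_orig).is_file():
            plan["restorable"].append(rel_orig.as_posix())
        elif (backup_root / rel_enc).is_file():
            # The backup ran after the encryption and captured the damage.
            plan["backup_also_encrypted"].append(rel_orig.as_posix())
        else:
            plan["no_backup"].append(rel_orig.as_posix())
    return plan


def demo():
    """Build a constructed sample tree and return its plan."""
    with tempfile.TemporaryDirectory() as tmp:
        synced, backup = Path(tmp, "iCloudDrive"), Path(tmp, "backup")
        for p in [synced / "taxes/2019.pdf.ooss", synced / "notes.txt.ooss",
                  synced / "photos/cat.jpg.ooss", synced / "untouched.txt",
                  backup / "taxes/2019.pdf", backup / "photos/cat.jpg.ooss"]:
            p.parent.mkdir(parents=True, exist_ok=True)
            p.write_bytes(b"constructed sample")
        return restore_plan(synced, backup)


if __name__ == "__main__":
    for status, files in demo().items():
        print(status, files)
```

Anything listed under `backup_also_encrypted` means that backup was taken after the files were encrypted, so an older backup set is needed for those files.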