Advice Request Would it be possible for the Ransomware to leave any kind of backdoor?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
Rebsat

Rebsat

Level 6
Thread author
Verified
Well-known
Apr 13, 2014
254
Hello everyone. I was wondering to know after a successful ransomware infection and cleanup by one of the Emsisoft decryptor tools, Would it be possible for the ransomware to leave any kind of backdoor in the PC?Though. How about after a full restore from backup? Thank you very much :)
 
brod56

brod56

Level 15
Verified
Top Poster
Well-known
Feb 13, 2017
737
Probably yes. I recommend you to run HitmanPro and backup all your files in order to reinstall Windows then. The safest way possible for sure.
 
  • Like
Reactions: Rebsat
A

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,821
If I remember correctly PokemonGo left a backdoor on systems it infected, so yes it's entirely possible but that's the only instance of it happening that I can remember.

To clarify: I mean PokemonGo ransomware and not the Pokémon Go app.
 
  • Like
Reactions: RoboMan and Rebsat
Winter Soldier

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
Depending on the ransomware type, yes it is possible that a backdoor module is present, usually it uses an encrypted channel to communicate with its server or C&C.
Please consider that if your backup is stored on your system's HDD, also using another partition, the ransomware could have access to this backup, encrypting the data.
So it is necessary to have also a backup's copy on offline and external support.
 
  • Like
Reactions: giants8058, brod56, BugCode and 2 others
Status
Not open for further replies.

Similar threads

A
  • Locked
UDLA - I´m I the only one infected?
Replies
1
Views
222
Windows Malware Removal Help & Support
nasdaq
nasdaq
upnorth
    • +Reputation
    • Like
    • Thanks
Nitrogen Ransomware Effort Lures IT Pros via Google, Bing Ads
Replies
1
Views
1,267
News Archive
Sandbox Breaker
Sandbox Breaker
vtqhtr413
    • +Reputation
    • Hundred Points
Most businesses aren't getting their data back after ransomware attacks
Replies
0
Views
1,377
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top