25 Oct

Ransomware Attack and Ransomware Removal

What you need to know about Ransomware Attack and Ransomware Removal

Ransomware is a type of malware that blocks access to the computer system or data and demands ransom payment for the release of the system. It’s one of the most dangerous types of malware because it locks you out, encrypts your data and then charges you money to get it back.

Ransomware can be installed on your device by clicking on an infected link or by opening an email attachment sent from someone you don’t know.

Ransomware decryption tool

A ransomware decryption tool is software that can be used to decrypt files affected by ransomware without paying the ransom.

Types of Ransomware Attacks Online

The increasing prevalence of ransomware has led to many types of ransomware attacks online.

There are two main types of ransomware attacks: crypto-ransomware and crypto-mining malware. Crypto-mining malware, which uses the processing power of the infected device to mine for cryptocurrency, is not technically classified as a type of ransomware but is often grouped with it in the media and by security experts.

Common Types of Ransomware

There are many different types of ransomware, but these are some of the most common types:

Ransomware Removal Services by East African Data Handlers

East African Data Handlers is a company that specializes in data recovery. They have trained technicians for data recovery, data deletion, and ransomware removal services.

This malware is often spread through email attachments or downloads from unreliable websites. The most common ransomware targets are computers running Microsoft Windows. Ransomware can also be transmitted via exploit kits hosted on compromised websites or by phishing emails containing links to malicious software downloads.

Why you should not pay the cybercriminals

The cybercriminals are so persistent that they will keep sending you messages and even call you to ask for money.

They will threaten to leak your personal data or harm your reputation if you refuse to pay the ransom.

However, paying the ransom will not guarantee that the cybercriminals will decrypt your files. They may just take your money and leave you with a broken computer.

The most important thing you should do when you’re infected with ransomware is not pay the ransom! Paying the ransom only encourages cybercriminals to continue their criminal activities and develop more sophisticated versions of ransomware in the future.

Need help removing ransomware? Reach experts like East African Data Handlers.

The East African Data Handlers are experts in removing Ransomware. They have been providing services to the public for more than a decade and they have a 100% success rate.

East African Data Handlers was founded in 2006 by a group of IT professionals with the mission to provide excellent data recovery and computer repair services for all types of data storage devices. The company has grown from just two people to more than 20 employees, including engineers, technicians, and customer service representatives.

Call now 0711 051 000 or send an email helpdesk@datarecovery.co.ke

04 Dec

Cyber Criminals Are Using YouTube To Install Cryptojacking Malware

At East African Data Handlers we have discovered that the Slovakian software security firm Eset has uncovered that the cyber criminals behind the Stantinko botnet are distributing Cryptojacking Malware, in the form of a Monero (XMR) cryptocurrency mining module, via YouTube.

We wish to warn the public to be careful. Further research indicates that on Nov. 26, the major antivirus software supplier Eset reported that the Stantinko botnet operators have expanded their criminal reach from click fraud, ad injection, social network fraud and password stealing attacks into installing Cryptojacking Malware on victims’ devices using YouTube.

Stantinko botnet has been active since at least 2012

The Stantinko botnet, which has been active since at least 2012 and predominantly targets users in Russia, Ukraine, Belarus and Kazakhstan, reportedly uses YouTube channels to distribute its Cryptojacking Malware module, which mines the privacy-focused crypto coin Monero on the CPUs of unsuspecting victims.

This cryptocurrency-stealing malware has reportedly infected around 500,000 devices, and is similar to Dexphot, recently discovered malware found by Microsoft that has already infected more than 80,000 computers.

These crypto-hijacking codes steal processing resources, take over legitimate system processes and disguise the nefarious activity with the ultimate goal of running a crypto miner on the infected devices.

Eset informed YouTube, which reportedly responded by removing all the channels that contained traces of Stantinko’s code.

Malware on Monero’s official website was stealing crypto

In November, Monero’s core development team said that the software available for download on Monero’s official website might have been compromised to steal cryptocurrency. A professional investigator going by the name of Serhack confirmed that the software distributed after the server was compromised was indeed malicious:

“I can confirm that the malicious binary is stealing coins. Roughly 9 hours after I ran the binary a single transaction drained the wallet. I downloaded the build yesterday around 6pm Pacific time.”

Be warned of this trend, which is now slowly coming to Africa.

Courtesy of https://cointelegraph.com/


We are proud to provide you with full Data Recovery Service and Malware investigation services coverage to any part of Kenya: Nairobi, Mombasa, Kisumu, Eldoret. Data Loss is only temporary and we prove it every day with the highest Hard Drive Recovery Success rate in Kenya. We Recover Data in Kenya from the Following Devices: Hard Drives, Laptops, Desktops, Raid Systems, RAID / NAS / SAN, Servers, Memory Cards, Flash Drives, Databases, SSD Drives etc.

East African Data Handlers Ltd's “no data – no charge” policy means you owe us nothing if we are unable to recover your critical files.

Contact us now

If you’ve lost valuable, irreplaceable data — We can save it! Call us now at 0711 051 000 or visit our offices Chiromo Court 3rd Floor Westlands

15 May

Facebook Messenger Spam and scam is targeting its victims via a video link malware

Facebook Messenger Spam & Scam Spreading Malicious Chrome Extensions, Adware

Beware Facebook Messenger users, as cybercriminals are targeting victims by spreading malware through links sent by their friends.

The malware campaign was discovered by David Jacoby, a senior security researcher in the global research and analysis team at Kaspersky Lab, who was himself targeted after a Facebook friend with whom he rarely interacts sent a link to a purported video file in Messenger.

“After just a few minutes analyzing the message, I understood that I was just peeking at the top of this iceberg. This malware was spreading via Facebook Messenger, serving multi platform malware/adware, using tons of domains to prevent tracking, and earning clicks,” David said.

So, how does this malware spread? Apparently, the malicious message, containing a bit.ly or t.cn link and the name of the user plus the word “Video”, arrives through one of your friends' accounts on Messenger to make the potential victims believe that it is a legitimate video link. When the victim clicks on the link, it will take the user to a Google Docs page that has a screenshot photo of that Facebook friend. The message is made to look like a playable movie.

But when the victim clicks on that video, they are redirected to external sites, depending on their browser, location and operating system, that ultimately attempt to lure them into installing the malware. This malicious software, if downloaded, will cause the victim to spread the virus to their contacts on Facebook Messenger.

“By doing this, it basically moves your browser through a set of websites and, using tracking cookies, monitors your activity, displays certain ads for you and even, in some cases, social engineers you to click on links,” Jacoby writes.



For example, a Google Chrome user is redirected to a fake YouTube page with a fake error message designed to push the user into downloading a malicious Chrome extension.

Meanwhile, on Firefox, the users get directed to a website displaying a fake Flash Update notice, which attempts to run a Windows executable to deliver the adware. Since this malware is cross-platform, it affects macOS Safari too and offers the download of a .dmg file, which is also adware.
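The lure described above combines three traits: a bit.ly or t.cn link, the user's name, and the word “Video”. The following is an added example, not code from Kaspersky Lab or from the original article, of a message filter that flags that combination; the function names and sample messages are constructed for illustration, and it assumes “the name of the user” means the recipient's first name.

```python
import re
from urllib.parse import urlparse

LURE_SHORTENERS = {"bit.ly", "t.cn"}   # the two shorteners named in the article
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def shortener_links(text):
    """Return URLs in text whose host is exactly one of the named shorteners."""
    hits = []
    for url in URL_RE.findall(text):
        try:
            host = (urlparse(url).hostname or "").lower()
        except ValueError:              # malformed URL: ignore it
            continue
        if host.startswith("www."):
            host = host[4:]
        if host in LURE_SHORTENERS:     # exact match, so bit.ly.evil.example is not bit.ly
            hits.append(url)
    return hits

def score_message(text, recipient_name):
    """Count how many of the three lure traits a message shows."""
    reasons = []
    links = shortener_links(text)
    if links:
        reasons.append("shortener link: " + links[0])
    # Strip URLs first so words inside a link are not counted as message text.
    words = set(re.findall(r"\w+", URL_RE.sub(" ", text).lower()))
    if "video" in words:
        reasons.append("contains the word 'Video'")
    parts = recipient_name.split()
    if parts and parts[0].lower() in words:
        reasons.append("addresses the recipient by name")
    return len(reasons), reasons

def is_lure(text, recipient_name):
    """Flag only when all three traits occur together."""
    return score_message(text, recipient_name)[0] == 3

# Constructed sample messages; the links are placeholders.
SAMPLES = [
    "Amina Video https://bit.ly/EXAMPLE",
    "Hey Amina, video call at 2? https://meet.example.org/abc",
    "Check this out http://t.cn/EXAMPLE",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(is_lure(msg, "Amina Otieno"), score_message(msg, "Amina Otieno")[1])
```

Requiring all three traits keeps ordinary messages that merely mention a video or contain a shortened link from being flagged; the per-trait reasons can still be logged for review.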

It is unclear how the malware spreads via Messenger.

“The initial spreading mechanism seems to be Facebook Messenger, but how it actually spreads via Messenger is still unknown. It may be from stolen credentials, hijacked browsers or clickjacking,” David speculated.

“The people behind this are most likely making a lot of money in ads and getting access to a lot of Facebook accounts,” said David.

We know that clicking on unknown links is not recommended, but through this technique they basically force you to do so.

“Please make sure that you don’t click on these links, and please update your antivirus!” added David.

When ZDNet got in touch with Facebook regarding the matter, a spokesperson for the social media giant said: “We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook.

“If we suspect your computer is infected with malware, we will provide you with a free antivirus scan from our trusted partners. We share tips on how to stay secure and links to these scanners on facebook.com/help.”

Source: ZDNet
