
Crypto virus encrypts tib files


Hi all

Bad news for my reputation and of course my customer's, where an encryption virus from a fake email not only encrypted his doc/pdf/xls files, but also his password-protected tib files. I thought password protecting them would help, but clearly not.

Does Acronis consider the home user disciplined enough to take their backups "offsite"? The software is complex enough in its methodology that I'm sure all my customers would rather have me do it. However, I obviously can't be there at their homes and businesses to perform this, so what is the answer? What could I do to better protect tib backups from Crypto* viruses? Let Acronis encrypt during backup?

TL;DR - TIB files are not safe from Crypto viruses.


Richard,

Thanks for the info about the TIB files being affected by encryption-ransomware variants. I'd heard about this somewhere else but hadn't seen much about verified cases of Acronis files being included in these encryption/malware incidents.

I'm not sure what Acronis's official position is about typical home PC users and backups, or whether the average PC user maintains regular backup activities.

I look at the Backup concept as twofold:

- Full-HDD Backups (Cloning/Imaging)

- Specific-item Backups. These are my must-have items, files that are frequently edited/changed, those that I can't afford to lose to malware.

This idea may not be practical in your situation, where you have multiple customers that depend on you regarding their backup strategies, but I'll offer my 2¢ on the topic based on my PCs:

I began researching backups, specifically full-HDD, about 4½ years ago. I had the advantage of a friend's help with getting me past the initial learning curve about terminology ("cloning", "imaging", etc.).

Once I got past that part of the scene, I researched the topic and discovered that this stuff wasn't as complicated as I had originally figured it would be with my PCs.

If possible and depending on your customer base size, you might be able to put together some kind of basic Cloning and Imaging instruction guideline for the customers.

My approach regarding backups, and how they provide protection against encryption/ransomware variants as well as almost all malicious intrusions (malware, PUPs, etc.), is the following:

- Air Gap backups. Ensure that there are other backup copies/storage devices that aren't continuously connected to the parent PC.

- Redundancy. For example, I have a couple of spare HDDs that are Clones of my OS/"C" HDD that remain on the shelf except during actual Cloning or Imaging.

I also have my "must-have" files backed up on multiple drives.

I use Acronis to run a twice-daily specific-item backup to my continuously-connected portable USB HDD.  That suffices unless I'm affected by an encryption malware incident.

I also back up those same items once or twice daily to a couple of Flash Drives that are only connected to my PC during the copying process.

To minimize the time that those Flash Drives are connected to the PC, I'm using a "copy" script to automate the actual copying process. That eliminates all manual "drag/drop" or "copy/paste" requirements and completes in a few seconds.

Here are my overall backup routines:

- Clone PC once every 2 weeks. This is my main "rollback" path so I can recover the PC in the event of almost all malware, user error, bad downloads, failed HDD, etc.

- Periodic full-HDD Images. I usually Image my HDD every 2-3 months to a storage HDD that's only connected to the PC during the Imaging process.

I Clone and Image outside of Windows, using bootable media. I know that's not necessary, but I like that approach as it tests a "worst-case" bare-metal recovery path in the event of undesired events occurring which would necessitate a complete HDD recovery process.

- Manual specific-item backups to a couple of Flash Drives. I usually do that 1-2 times daily.
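The "copy" script described above, written out as an added example (this is not the poster's own script): a small Python mirror that copies the must-have files into a fresh, per-run folder on the removable drive (earlier runs are never overwritten), verifies every copy against its source by SHA-256, and keeps a manifest of the digests on the drive so that a later run can report which earlier copies have been altered or removed since they were written. The run naming, the manifest file name and the command-line paths are assumptions.

```python
"""Added example: a per-run copy script for must-have files.

Each run copies the given files into a fresh folder on the removable drive,
checks every copy against its source by SHA-256, and records the digests in
a manifest kept on the drive. A later run (or a manual check) re-hashes every
recorded copy and reports which ones have been altered or removed, which is
what a ransomware incident on the connected PC looks like from the drive's
point of view.
"""
import json
import shutil
from hashlib import sha256
from pathlib import Path

MANIFEST_NAME = "backup-manifest.json"   # assumed file name, kept on the drive


def sha256_of(path):
    """Hex SHA-256 of a file, read in 1 MiB chunks."""
    h = sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def load_manifest(dest):
    """Manifest as {'run/filename': sha256hex}, empty if none exists yet."""
    path = Path(dest) / MANIFEST_NAME
    return json.loads(path.read_text()) if path.exists() else {}


def verify_destination(dest):
    """Re-hash every copy recorded in the manifest.

    Returns {"ok": [...], "modified": [...], "missing": [...]} keyed by the
    'run/filename' entries of the manifest, in sorted order.
    """
    dest = Path(dest)
    report = {"ok": [], "modified": [], "missing": []}
    for rel, digest in sorted(load_manifest(dest).items()):
        copy = dest / rel
        if not copy.exists():
            report["missing"].append(rel)
        elif sha256_of(copy) != digest:
            report["modified"].append(rel)
        else:
            report["ok"].append(rel)
    return report


def mirror(sources, dest, run_id):
    """Copy `sources` into dest/run_id, verify each copy, extend the manifest.

    Refuses to write anything if copies from earlier runs no longer match the
    manifest: that is the moment to stop and investigate, not to add more
    (possibly already-encrypted) data to the drive.
    """
    dest = Path(dest)
    dest.mkdir(parents=True, exist_ok=True)
    earlier = verify_destination(dest)
    if earlier["modified"] or earlier["missing"]:
        raise RuntimeError(f"earlier copies on {dest} were altered: {earlier}")
    run_dir = dest / run_id
    run_dir.mkdir(exist_ok=False)        # a run id is used once; earlier runs stay intact
    manifest = load_manifest(dest)
    for src in map(Path, sources):
        target = run_dir / src.name
        shutil.copy2(src, target)
        digest = sha256_of(src)
        if sha256_of(target) != digest:  # catches a bad copy or a flaky drive
            raise RuntimeError(f"copy of {src} to {target} did not verify")
        manifest[f"{run_id}/{src.name}"] = digest
    (dest / MANIFEST_NAME).write_text(json.dumps(manifest, indent=2, sort_keys=True))
    return manifest


if __name__ == "__main__":
    import sys
    from datetime import datetime
    # Usage (paths are placeholders): python copy_script.py E:\backup file1 file2 ...
    drive, files = sys.argv[1], sys.argv[2:]
    run = datetime.now().strftime("%Y%m%d-%H%M%S")
    written = mirror(files, drive, run)
    print(f"run {run}: {len(files)} file(s) copied; manifest now has {len(written)} entries")
    print(verify_destination(drive))
```

The manifest lives on the drive itself, so a deleted manifest would silence the check; keeping a second copy of it somewhere else (a printout, or the other flash drive) closes that gap. The refusal in `mirror` is deliberate: if the drive's earlier copies no longer verify, the last thing you want the automation to do is keep plugging the drive in and writing more to it.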

Hello Richard and Scoop,

There are the following options to prevent computer viruses from damaging backups:

1) store backups in Acronis Secure Zone. See http://www.acronis.com/en-us/support/documentation/ATI2016/#13811.html for more details. This method does not require any additional resources: just set up a protected Acronis partition on the disk and send backups there.

2) get another disk for storing backups, create a second backup plan in Acronis to back up to that second disk and rotate it with the first disk. The idea is that there will always be backups that are physically away at the moment when the computer is attacked by a virus and the original data is getting encrypted. By booting the computer from Acronis bootable media you can always restore from backups on the second disk. Just make sure that you connect that second disk only after booting into the Acronis rescue environment and not in Windows, because otherwise the virus can damage those backups as well. The virus is active only when Windows is running. Acronis rescue media is an isolated environment, based on the Linux operating system.

3) use Acronis Cloud as the destination for backups. Even though a virus can modify files on your computer and changed (encrypted or infected) files may still be uploaded to Acronis Cloud as part of a backup, there is no possibility for viruses to access, modify or delete previously made backups that are stored on Acronis Cloud storage. Acronis offers unlimited cloud storage as part of the "Acronis True Image Cloud" product, meaning that you can store as many backup versions as you want online. Importantly, the full system image is uploaded only once; all subsequent backups are always incremental, uploading only changes since the last backup. See http://www.acronis.com/en-us/personal/online-backup/ for more details. "Entire PC" and "Disks and partitions" backups stored in the Cloud can be recovered from rescue bootable media.

Regards

I keep reading that Secure Zone prevents viruses from gaining access. I don't see how that's possible. I just ran a simple diskpart "list partition" and it shows the secure partition as #5. I select partition 5. I delete partition 5. Goodbye partition - successfully deleted (along with everything on it).

If I can do this from Windows, where it's supposed to be safe from anything running in Windows, you can bet a virus can too. Secure Zone is just a FAT32 partition with a modified header - I'm not sure how secure it really is, but I wouldn't rely on it for any measure of safety just from this simple test scenario. Plus, if you're storing your backups on the same drive you need to recover from, yet the drive is corrupt or has failed, well, you're out those backups too... no working drive means no accessible Secure Zone either.

Rotating disks out, or using a completely separate disk for offline backups that only gets connected for offline backup or restore, is the only sure bet (as sure as you're going to get). Cloud/offsite backup is the next best thing, but if there's the slightest chance that something can traverse the Internet connection (I don't know how, but there's always someone smarter out there trying to figure it out), offline backups give you that additional peace of mind.