• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs

Not what you are looking for? Ask the experts!

Kudos1 Stats

GandCrab v5.1 ransomware attack - Norton FAIL!!!

Not only did Norton fail to protect me from a GandCrab v5.1 ransomware attack on February 24, 2019, you provided no assistance helping me recover from the attack. The first agent, who obviously had little technical ability, first noted the encrypted files had a time stamp from early in January and questioned why I did not call sooner. That's a further concern - Why didn't Norton alert me that there was a problem resident on my system for over a month?

Agent then instructed me to reboot, which failed. Agent did not even understand the error message I was looking at. In short, the boot sequence had been changed to an external drive and could not find a boot sector on the drive it was looking at.  After escalation and an uncomfortably long wait for a callback, the second agent clearly had some technical skill, had me make a BIOS correction and got the system started, but bluntly told me he could not provide me any assistance in regard to decrypting my files.  I find this unacceptable. I understand not all attacks are recoverable, but there was zero attempt to even identify what caused the issue.  

In this case I realize I was very lucky.  A simple google search turned up a FREE tool from BitDefender that successfully decrypted my files.  How come BitDefender can be on top of the issue but Norton apparently doesn't care?  I am not certain I will be entrusting my family's systems to Norton in the future.



Re: GandCrab v5.1 ransomware attack - Norton FAIL!!!

Kudos4 Stats

Re: GandCrab v5.1 ransomware attack - Norton FAIL!!!

The best defense against ransomware is to backup your files (and preferably make disk image backups, as well) to an external drive that is kept disconnected from your system for storage.  I hope you are doing that.  No security product can make your system completely bullet-proof.

This thread is closed from further comment. Please visit the forum to start a new thread.