Warning - Cryptowall Alert

[Wicus]

We ran into CryptoWall yesterday due to an unsecure laptop, which caused havoc on a corporate network share.

 

However, this has me ponding if Sync's Archive feature would be CryptoWall proof ?

 

Providing the same "protection" again file changes as found on DropBox's file versioning, Time Machine or Snapshot feature.

 

Is there any hope ?

[RomanZ]

@Wicus

It depends. Lets see live scenario:

 

Peer A is infected. Peer B is synced, though not infected. A's files are encrypted with CryptoWall.

Here are outcomes:

1) A's .sync/Archive content is very likely also encrypted. So, no way to restore files without having access to B.

2) If B did not Sync after encryption - you are safe and sound. Take your files from B.

3) If B synced after encryption - it is going to sync only files, NOT .sync/Archive, so go to #4

4) If your files are below 1Gb - you have good chances to get some non-encrypted version on B's Archive. You need to hurry up, as Archive lasts for 30 days only. Grab whole archive, see which file version is the latest and non-encrypted.

5) If your files are above - 1Gb - Sync will only store one copy of each file, no versioning. Now you hardly depend on how your implementation of CryptoWall works with files (i.e. if Sync will manage to sync something DURING encryption or not). If CryptoWall will force Sync to create numerous versions - you won't manage to restore your files using Sync.

 

Hope it helps.