How do I recover my database from ransomware?
Linode
Linode Staff
My database was recently hacked and encrypted with ransomware. Can you restore it for me? If now, how do I go about recovering from this?
1 Reply
tommydavidson
Linode Staff
When a system is infected with ransomware, the disk/files become encrypted, and a message is left behind instructing you to pay a ransom, how much to pay, and how to go about paying it. The claim is that if you pay the ransom, you can obtain the keys needed to decrypt and recover your data. There are a few ways you can go about resolving this:
- Rebuild your Linode from a backup (Recommended) - Linode only makes backups of customer data when the Backup Service is enabled. If you have the service enabled, you can follow the instructions in our guide to rebuild your Linode from a backup. If you don't have the service enabled, then you may be able to restore another backup, if you've made one.
- Rebuild your Linode from scratch (Recommended if option 1 isn't available to you) - You can follow our guide to rebuild your Linode from scratch.
- Pay the ransom (NOT recommended) - I've heard of people successfully paying these ransoms and obtaining the encryption keys, however this is strongly advised against, if only because there is no guarantee that the attackers will actually provide you with the key to decrypt your data. This, of course, is on top of the risk you would be taking with your financial information.