B4XCode - We are coming back!

sfsameer

Well-Known Member
Licensed User
Longtime User

We are coming back!​

We are restarting our operations starting from 20/11/2021

Please note that we have explained this situation publicly before in the B4X forum : B4X Post

What happened?​

A company located in Italy (Napoli to be exact) contacted us wanting to work with us, after going back and forth, we agreed to sign a contract with them regarding developing projects for them exclusively.
We signed the contract and we starting working with them, the first project they requested is to finish developing an existing project they had, they sent us the source codes of this project, also they sent us demos (EXE) and Documents (Word Documents).
We (B4XCode) as a company we always set assignments to each employee within the required department depending on the project requirements, in this case, the first department was the research and marketing team, the first task was to read the documents, review the demos to be able to fully understand the concept of the requested project.
Once the team ran the EXE demos, their devices were infected by a virus under the name (makop) which is an encryption virus under the WannaCry virus family, After doing some research about this virus we found out later that this virus is a network (online) virus which means it infects every device that is connected to the same network.
Unbeknownst to us, within minutes the department PCs were encrypted and within less than 48 the the whole company was infected and all of our files were encrypted, personal PC, Work PC, Laptops, servers, NAS server, and 4 of our online servers.
Below are the screenshots of some of our encrypted files (Source codes, Marketing material and other important files) :

Where do we go from here?​

B4X introduced us to a world full of supportive family members, from helping members to selling source codes it was and will always be our pleasure to continue doing so.
Since the first public post we made regarding this matter, we have been working day and night to try our best to recover the encrypted data, we have restored a small percentage of the source codes and some other important files.
We are now ready to continue offering our services starting from 20/11/2021.
This situation really did hurt us badly (mentally and financially) but we will always stay strong and will always be ready to continue developing the best projects possible.

And to let everyone know,an email has been sent from us to every client we have stating the we are coming back on 20/11/2021 stronger and better.

Images of the encryption :​

The Encryption message (readme-warning.txt)
1637887001119.png


1.JPG


1637887016639.png

1637887024699.png

1637887032240.png

1637887040436.png

1637887049833.png

Telegram​

Mail Us​

 
Last edited:

LucaMs

Expert
Licensed User
Longtime User
We did scan the files as we always do, but Kaspersky didn't detect the any virus which is what made us trust the files, mistakes happen.

Also, it feels so good to be back on this amazing platform.
You should sue Kaspersky.

Install on an isolated PC, not on LAN, a received exe and leave it there for 30 days? Eh, but you lose the customer, however, by waiting all that time; 7 days?
 

sfsameer

Well-Known Member
Licensed User
Longtime User
You should sue Kaspersky.

Install on an isolated PC, not on LAN, a received exe and leave it there for 30 days? Eh, but you lose the customer, however, by waiting all that time; 7 days?
We didn't leave it for 30 days, it all happened within minutes, and (Makop) virus leaves back doors, meaning while we were trying to recover and take backups the virus was running in the background for 48 hours and encrypting everything
 

Mark Turney

Active Member
Licensed User
Longtime User
Funny how these evil scammers try to make it sound like it's just "business".

As Liam Neeson said in Taken to the human trafficker in the elevator before he blasted him, "It's personal to me!"
 

sfsameer

Well-Known Member
Licensed User
Longtime User
Funny how these evil scammers try to make it sound like it's just "business".

As Liam Neeson said in Taken to the human trafficker in the elevator before he blasted him, "It's personal to me!"
Scammers, hackers, thieves, out laws, etc... are always finding a new way of destroying people's lives, no matter how much a person can be careful there will always be someone out there inventing a new way to ruin this person life.

But in the end we get up and move on, as the German philosopher "Friedrich Nietzsche" once said, "What doesn't kill you, makes you stronger".
 

Mark Turney

Active Member
Licensed User
Longtime User
Scammers, hackers, thieves, out laws, etc... are always finding a new way of destroying people's lives, no matter how much a person can be careful there will always be someone out there inventing a new way to ruin this person life.

But in the end we get up and move on, as the German philosopher "Friedrich Nietzsche" once said, "What doesn't kill you, makes you stronger".
Glad you're coming back. And well said!
 

LucaMs

Expert
Licensed User
Longtime User
We didn't leave it for 30 days, it all happened within minutes, and (Makop) virus leaves back doors, meaning while we were trying to recover and take backups the virus was running in the background for 48 hours and encrypting everything
All the more reason: install and run exe you don't trust on PCs isolated from the local network at least 24 hours!
 

sfsameer

Well-Known Member
Licensed User
Longtime User
All the more reason: install and run exe you don't trust on PCs isolated from the local network at least 24 hours!
We contacted them via teams video, Signed a contract together, spent more than 7 days talking with each other (our team and their team) so a trustful relationship was established between us, thinking this would be the results was completely out of our minds.

Also one of the main cause was this virus (Makop) is undetectable, because it's a new virus that falls under the WannaCry virus family :
1637180118651.png


We have learned our lesson, we have built a local PC that will be used for these type of files in the future.
 

sfsameer

Well-Known Member
Licensed User
Longtime User
This is the first ever post about the Makop virus that was detected by someone and reported on 28 January 2020 - 05:18 PM :

 

LucaMs

Expert
Licensed User
Longtime User
We contacted them via teams video, Signed a contract together, spent more than 7 days talking with each other (our team and their team) so a trustful relationship was established between us, thinking this would be the results was completely out of our minds.

Also one of the main cause was this virus (Makop) is undetectable, because it's a new virus that falls under the WannaCry virus family :
Did they insert that virus? They are probably victims too.

We have learned our lesson, we have built a local PC that will be used for these type of files in the future.
👍
 
Top