Help Please !!! - Hit by DMA Locker before uploading Blobs to Azure Console RRS feed

  • Question

  • I have a client who has been hit by !DMA Locker 3.0 , all the data has been locked.

    I was in the process of getting his data to Azure Cloud Backup when he got hit.

    I was mid process , as in I had an external USB Drive on the server and the azure agent installed , we had run the initial backup to the external of two files 1 x Aibblob and 1 x baseblob ( total 188Gb ).

    We uploaded those two files to the Azure console over the last 24 hrs and cannot see how to access the data within them. 

    My URGENT question is; Is the Data in the two files I have viable? As in can it be opened and recovered or is it lost because we had not got to the process of encrypting them and sending off the encrypted files to Microsoft Australia for upload into our console?

    I would encypt the blobs and send the drive off to Microsoft but the server they need to be encrypted on does not run the Microsoft tool anymore.

    • Moved by vikranth s Sunday, February 5, 2017 3:32 PM Related to Storage
    Sunday, August 14, 2016 12:38 AM

All replies

  • Hi,

    Thank you for posting here!

    If your data successfully backed up to Azure vault, data is there in Azure vault. If your entire server is lost or unable to access, you can still recover that data from Azure vault to a different machine.

    Please follow the steps outlined in the below document for recover data to an alternate machine:

    For recovery service vault https://azure.microsoft.com/en-us/documentation/articles/backup-azure-restore-windows-server/#recover-to-an-alternate-machine  

    For Backup vault :https://azure.microsoft.com/en-us/documentation/articles/backup-azure-restore-windows-server-classic/#recover-to-an-alternate-machine

    If this is not the case, please let us know.


    Vikranth S.

    Sunday, August 14, 2016 3:02 PM
  • Thankyou for the reply Vikranth.

    The following is true of our situation.

    1. ) 2 days before the DMALocker outbreak an external drive was connected to the main file server

    2. ) The Azure client was installed on the main file server and the initial backup was completed.

    3. ) We did not get the opportunity to encrypt those Blob files to another external drive prior to shipping to Microsoft for uploading to our Microsoft Vault.

    4. ) We are unable to use the original file server due to DMA Locker Damage

    5. ) We have uploaded the 2 blob files to Microsoft using the Azure client on another Server ( using the upload file action )

    Does this clarify the situation we are currently in?

    Question:  Is there a way to confirm that our clients data is in the Blob Files other than a complete restore?


    Regards John

    • Edited by Oz_John Sunday, August 14, 2016 8:55 PM additional question.
    Sunday, August 14, 2016 8:45 PM
  • Gee, lucky Microsoft provide us Azure Subscribers with such an efficient support system so we can feel confident of resolving events such as this in a timely manner. NOT!

    Maybe a Google search of Azure Cloud Backup Alternative may be in order.



    Regards John

    Tuesday, August 16, 2016 11:25 PM
  • Hello,

    Apologies for the delay in responding!

    When you say "We have uploaded the 2 blob files to Microsoft using the Azure client on another Server (using the upload file action)" How exactly have you uploaded data to Azure storage account? 

    Microsoft Azure Storage Explorer enables you to manage Azure Blob Storage resources, including the ability to visually create, read, update, and delete blob containers and blobs, as well as manage access to your blobs containers and blobs.

    If it doesn’t help, please let us know, we are happy to assist you more.


    Vikranth S.

    Thursday, August 18, 2016 1:28 PM