Hey everyone,
I have installed the Frappe and ERP Next into my Linux system and attached it with my Database, all the data is reflecting inside my CRM but suddenly at morning everything wiped out,
when i checked and added the below command into my Linux Terminal
SELECT * FROM RECOVER_YOUR_DATA LIMIT 10;
i have received the below Ransom Message.
| All your data is backed up. You must pay 0.0097 BTC to bc1qfnu6j2n54k58uduufzuthhy7qn3sx7zalyuytz In 48 hours, your data will be publicly disclosed and deleted. (more information: go to paste.sh · encrypted pastebin) |
| After payment send mail to us: rambler+25i73@onionmail.org and we will provide a link for you to download your data. Your DBCODE is: 25I73
I’m seeking advice on how to proceed without making any rash decisions in this panic situation. Any help or guidance would be greatly appreciated!
Regarding the payment in BTC, my recommendation is don’t do!
Create a fresh installation using your existing backups, and destroy that one, because is really hard to predict how compromised this instance is right now!
Also ensure your new instance is deployed in production mode!
If possible, use docker deployments as they are more reliable and don’t expose your root server!
Also Frappe and ERPNext have security hardened!
Finally, going to Frappe Cloud, will guarantee you never will have to deal with those issues for a fair price!