Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

All Data is Encrypted by exploit of CVE-2023-22518

quannd
quannd December 1, 2023

Hi support center,

I choose Confluence, Jira products' License from 2019/2021. 

I was using Confluence V7.19.4 until 2023/11/05, then is infected with ransomware by CVE-2023-22518 vulnerability.

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server | Atlassian Support | Atlassian Documentation

Unfortunately I lost all the backup file because the encryption of the ransomware C3RB3R

More over, and when I open confluence web site it return to Initial Setup stage so all the DB data is clear at that time.

Do you have any method to recovery backup, while my backup file is encrypted with .LOCK3D extension.

Here is the solution to remove but not to restore data. 

C3rb3r DECRYPTOR Virus [.L0CK3D Files] Removal [5 Min Guide] (sensorstechforum.com)

Till now I haven't found any decryption software for it.

Please help if you have full the resolution for recovery data of Confluence in this case.

Thank you & best regard,

(Mr) Quan Nguyen Duc

 

Answer
Watch
Like Ndofunsu likes this
1143 views

2 answers

1 vote
Fadoua
Fadoua
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 2, 2023

Hi @quannd 

Sorry for the problem you are going through.

I will suggest you to raise a support ticket with Atlassian as your case is little bit different than a regular question more related to the application usage itself.

Please click here

Best of luck!

Fadoua

View More Comments
quannd
quannd December 5, 2023

Unfortunately in my case, I restored all VM Host to previous state without check if there was anything backup remain. Because I was afraid of being infected with ransomware again. 

When I was fixing another problem I found there are the recovery backup set in previous upgrade times.

But all previous data are restored so there is nothing backup left!

Like
Reply
0 votes
quannd
quannd December 2, 2023

@Fadoua @Thank you! I hope the problem is resolve as soon as possible

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
SERVER
VERSION
7.19.4
TAGS
AUG Leaders

Atlassian Community Events

    See all events