cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
We're back with another cheat sheet to make your 2022 easier than ever! Check out our tips here

Dropbox files & folders

Get in sync with the Dropbox Community. Our members can answer all your questions on Dropbox files and folders. Join a discussion or start your own today.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Ransomware attack could delete Dropbox files permanently without ability to restore them

Ransomware attack could delete Dropbox files permanently without ability to restore them

Ahmad Omran
Helpful | Level 5

Hello,

 

"I'm sorry I cannot be more helpful"

 

We thought that with Dropbox business our data is fully protected, but it turned out that we were completely wrong. We lost our data and the only justification was the quoted above!

 

We have faced an attack of a ransomware which's encrypted our account's data, and after doing our investigation, it turned out that ransomware has accessed the Dropbox web interface and applied an action to delete all the existing files and folders in the account, then it's applied an action to delete all the files and folders permanently.

 

I'm sure 100% a few folders have been synced with the affected machine; so practically, only those folders should be encrypted, but once I found all my files and folders has been encrypted on the web, I'm sure the ransomware accessed Dropbox web interface.

I wonder how Dropbox haven't any protection against such an action, while I found that another affected user reported about the same problem recently:

 

https://www.dropboxforum.com/t5/Dropbox-files-folders/Reversing-changes-on-Dropbox-after-ransomware-... 

 

All of us know that delete files from Dropbox permanently isn’t' an easy process especially from an account linked with PC, as we have to pass over a process of 5 steps:

 

1- Click on the Dropbox desktop app

2- Open from the web / open Dropbox.com

3- Select all the files and folders and hit delete 

4- Show deleted files

5- Select the files/folders and hit delete files permanently

 

Or there is a backdoor in the installed files for Dropbox lets the attack access the account page, on other mean, the same page that we request once we click open from the web on the desktop app/ open Dropbox.com.

Also, I realized after request access the files from the web, and as usual Dropbox access your account directly without ask you to enter a password, I tried to sign out of my account over the web interface to check if in the next access try is Dropbox will let me access or no? unfortunately, it's accessed the account!

 

Knowing, we have submitted many tickets for the support and restoration team, all of the answers were "we can't restore permanently deleted files" and after push on the ticket, they took almost 15 days with the same non sensible result. none of the provided solution has been worked, neither give them the files&folders name/deleted date, account rewind, account recovery, disable delete permission for the team members, but this feature isn't valid for the admin! what if the admin account has been affected? ..etc

 

I believe Dropbox must protect their users by allowing recovering the files of such incidents using snapshots from older days, older backup, offsite backup ..etc , there is no technology protected 100% or is a free bugs, so they must have another data-store to keep the users in safe side! 

 

We are extremely disappointed after putting our trust in this cloud storage for 4 years and after adopting it as a crucial point to our backup. their team can't support me in critical accident. While other cloud storage providers offer higher protection layers, such as personal vault, we preferred to keep working with Dropbox! that wasn't what we have waited for 😞 

 

Without doubts there must be a methodology to make two-way verification to accept delete huge amount of the data/files, and solve the auto access issue of a signed out account / remove the stored credential, also there should be lockable folder, otherwise, there is nothing protecting you in such platform!

 

This case must be escalated for the management team in Dropbox to find serious solutions. Don't wait to be one of the affected users then receive the same response "I'm sorry I cannot be more helpful"

 

Regards,

5 Replies 5

Re: Ransomware attack could delete Dropbox files permanently without ability to restore them

Daphne
Dropboxer

Hey there @Ahmad Omran, thanks for reaching out!

 

First of all, I'm sorry to hear about the situation with the ransomware attack and the deletion of your files. It's a very unfortunate situation indeed.

 

Since you mentioned already reaching out to our Support team, would you mind letting me know your ticket number (eg. #1234567), so that I can check on this from my side?

 

In the meantime, while I understand it's not of much help for what already happened, I could suggest posting your suggestion for a feature like two step verification for permanently deleting files in our dedicated area of the Community here.

 

In cases like this, I can see how this would be a useful addition in terms of the security of your files.

 

Looking forward to hearing back from you!


Daphne
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, please give it a Like below.
:arrows_counterclockwise: Still stuck? Ask me a question!
:pushpin: Tips & Tricks Find new ways to stay in flow or share your tips on how you work smarter with Dropbox.

Re: Ransomware attack could delete Dropbox files permanently without ability to restore them

Ahmad Omran
Helpful | Level 5

Hello Daphne,

 

Our ticket number is #11675439

 

Also we will move the ticket for the suggested team.

 

Regards,

 

Re: Ransomware attack could delete Dropbox files permanently without ability to restore them

Daphne
Dropboxer

Thanks for the ticket number @Ahmad Omran.

 

As this is a public platform, we can't offer anything further here regarding your case due to the sensitive info we'd need to discuss.

 

From my side, I've made sure to pass along your comments. If there's anything further you'd like to add, please reply back to the ticket you referenced, as this will be directly with our specialists.

 

Please feel free to give me a nudge here if you need anything else, and I'd be happy to help where I can from here.


Daphne
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, please give it a Like below.
:arrows_counterclockwise: Still stuck? Ask me a question!
:pushpin: Tips & Tricks Find new ways to stay in flow or share your tips on how you work smarter with Dropbox.

Re: Ransomware attack could delete Dropbox files permanently without ability to restore them

Ahmad Omran
Helpful | Level 5

Hello Daphne,

 

Just let me correct your feedback, you can't offer anything further here not because it's public community, but because Dropbox doesn't have any logical feedback about my case, and because they haven't taken any serious actions to protect the users’ data!

Already we have provided all the required information in private for your team, even we have request recover our files for a month back, but your team said sorry we can't recover your files!! Furthermore, the affected user who faced the same issue and already I mentioned him in the first text from my side, his issue isn't closed officially, so either you don't have reliable backup system, or your team aren't willing to provide the enough support!


All the users should be careful here once using Dropbox, otherwise, all of them will write the same feedback within a few months.

 

Regards,

 

Re: Ransomware attack could delete Dropbox files permanently without ability to restore them

ZaCloud
Helpful | Level 5

Wow... And I thought that Dropbox has recently been touting their Ransomware Protection. Doesn't seem to have worked very well...

Need more support?