Recently started to work with HA, I came from OpenHab, let me first say thanks to all you people for making a great product with great support!.. Now my question;
I’m a bit embarrassed to tell, but last week my PC got hacked an “hackers” gained access to my machine… From that machine a share was opened to my HA config folder…
Ransomware was installed and all personal files were crypted, including all the files on HA share (config folder and backup folder). I was still busy with migrating from OpenHab etc, so no backups have been transferred outside of the Intel NUC (running device for HA).
Currently, HA is still running fine with all files crypted (I assume it is loading all automations etc from memory?). I guess my question is… Is there any change of getting the automation, configuration, script etc back from memory? I also have access to the GUI still. I’m afraid that, after a reboot or reload of HA, everything is gone and I have to start over… Maybe eventually, but I can always try right…
Try creating a snapshot and hope it doesn’t get encrypted before you get it off the machine. I would closely inspect the contents of the snapshot to ensure it doesn’t have anything that could infect the new host.
You can download the snapshot to any machine from the UI.
Out of curiosity. Do you know what caused you being hacked?
Something you yourself downloaded, or a program with an open door? What environment is it. Nas and couple of pc’s?
