Potato 发表于 2020-3-13 20:04

Teslarvng勒索病毒家族详情

本帖最后由 Potato 于 2020-4-10 17:17 编辑

勒索病毒家族名称:Teslarvng勒索病毒家族
是否支持解密:否
详情:
被加密文件:
被加密文件后缀格式: [de-crypt@foxmail.com]1.teslarvng

勒索提示信息:
文件名:How To Recover.txt
文件内容 :
-------------------------------------------------------------------------------
[+] What's happened ? [+]
all your files have been encrypted(locked) by us

[+] what should i do [+]
keep calm and message us

[+] do you guarantee recovery of my files?[+]
it's our job, we can decrypt like we did encrypt and we'll prove that
(unfortunately it's not free, and have to pay a small amount for it )
you'll receive decryption program witch makes your files and system just like they were

[+] well then how should i contact you [+]
email : de-crypt@foxmail.com
email2 : helptounlock@protonmail.com
just mail us with you teslarvngID file in attachment (the file on all you folders besdie this file )
you should receive answer in 24h max

[+] how can i trust you[+]
you get what you pay for, this is our business and we have customer satisfaction rates witch affects later customers decision
we decrypt one file for free for ensuring recoverability of your files
you'll sure do recover your files after payment because
if we don't our repopulation will go bad and others won't make payment. sure we don't want that

[+]should i try third party tools[+]
we use very strong military-grade encryption method
you're free to try but none can work without our privatekeys,
make sure to make a backup of encrypted files before trying tools because they can corrupt your files and make them undecryptable

-------------------------------------------------------------------------------
传播途径:
于2020年3月初发现该勒索病毒,从中招用户反馈机器上的日志分析该用户是被黑客通过远程桌面入侵导致文件被加密。
防护建议:
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。

简简单单chao 发表于 2020-3-16 12:00

安全第一,就用360!

Potato 发表于 2020-6-15 19:10

家族:Teslarvng
被加密文件后缀:yakuza
黑客邮箱:skypaym@protonmail.com

Potato 发表于 2020-7-1 17:28

家族:Teslarvng
邮箱:maedeh81@yakuzacrypt.com
maedeh81@firemail.cc

Potato 发表于 2021-3-5 18:54

家族:Teslarvng
被加密文件后缀:teslarvng1.5
黑客邮箱/Url:eurocrypt@hotmail.com

Potato 发表于 2021-6-18 11:05

家族:Teslarvng
被加密文件后缀:teslarvng2
黑客邮箱/Url:unknownteam@criptext.com
页: [1]
查看完整版本: Teslarvng勒索病毒家族详情