Hades勒索病毒家族详情
【家族名】Win32/Ransom.Hades
[平台] / [主类型].[家族名]
平台类型 :Win32 Win64
威胁类型 : Ransom
【是否支持解密】
360解密大师:暂不支持
在线解密:暂不支持
【被加密文件】
被加密文件后缀格式: 修改文件后缀为.cm99v
【勒索提示信息】:
文件名:HOW-TO-DECRYPT-cm99v.txt
文件内容 :
-------------------------------------------------------------------------------
[+] What happened? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on you computer has extension *.cm99v
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant get back your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practiсe - time is much more valuable than money.
[+] How to get access on website? [+]
Using a TOR browser!
- Download and install TOR browser from this site: https://torproject.org/
- Open our website: http://o76s3m7l5ogig4u5.onion
- Follow the on-screen instructions
Extension name:
*.cm99v
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) will make everything possible for restoring, but please do not interfere.
-------------------------------------------------------------------------------
【暗网】
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。
【相关情报】
页:
[1]