GroundingConductor勒索软件家族详情
【家族名】Win32/Ransom.GroundingConductor
[平台] / [主类型].[家族名]
平台类型 :Win32 Win64
威胁类型 : Ransom
【是否支持解密】
360解密大师:暂不支持
在线解密:暂不支持
【被加密文件】
被加密文件后缀格式: 修改文件后缀为@filename.{<random{8-4-4-12}>}.Grounding Conductor.@fileext
【勒索提示信息】:
文件名:
文件内容 :
-------------------------------------------------------------------------------
CAN I DECRYPT MY FILES ?
YES.
SURE.
We guarantee that you can recover FULL of your data easily!. We are give you full instruction. And help you untill decryption process is totaly finished.
CONTACT US:
Download the (Session) messenger (https://getsession.org) in messenger :ID"05bc5e20c9c6fbfd9a58bfa222cecd4bbf9b5cf4e1ecde84a0b8b3de23ce8e144e" You have to add this Id and we will complete our converstion.
You have to pay for decryption BITCOIN ONLY!
!!! ATTENTION !!!
IF YOU WILL CONTACT DATA RECOVER COMPANY THEY WILL WASTE YOUR TIME AND TRY TO GET MONEY FROM YOU, than they will try to contact us and try to got your money from 2 sides.
REMEMBER : IF SOMEONE PROMISE YOU DECRYPT !!! YOUR PERSONAL INFORMATION IS ONLY IN OUR HANDS !
REMEMBER !!!! This money will be from your pocket any way.
We can give you 1 - 2 encrypted files not big , NOT VALUE,for test (You send us encrypted we send you back decrypted data).
You data encrypted and only WE ARE have decryption key.(To decrypt your data you need just 1-3 hours, after payment to got your data back fully )
Do not rename encrypted files, do not try to decrypt your data by using third party software, it may permanent data loss.
We have been in your network for a long time. We know everything about your company most of your information has already been downloaded to our server. We recommend you to do not waste your time if you dont wont we start 2nd part.
You have 12 hours to contact us.
Otherwise, your data will be sold or MADE PUBLIC!
IF YOU CONTACT DATA RECOVERY COMPANIES !!!! YOU MUST UNDESTAND YOU HAVE SO MUCH MORE CHANSE TO BE PUBLISHED ! ! !
We have a lot info about you and your clients , its can kill your organization ! DONT KILL YOU PESONAL AND BUSSINES.
PAY and NO ONE WILL BE KNOW ABOUT THAT situation
-------------------------------------------------------------------------------
【备注】
勒索提示信息被写入到每个被加密文件的头部
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。
页:
[1]