8Base勒索软件家族详情
【家族名】Win32/Ransom.8Base
[平台] / [主类型].[家族名]
平台类型 :Win32 Win64
威胁类型 : Ransom
【是否支持解密】
360解密大师:暂不支持
在线解密:暂不支持
【被加密文件】
被加密文件后缀格式: 修改文件后缀为:.id.[support@rexsdata.pro].8base
【勒索提示信息】:
文件名:info.txt
文件内容 :
-------------------------------------------------------------------------------
!!!All of your files are encrypted!!!
To decrypt them send e-mail to this address: support@rexsdata.pro.
Write us to the Tox Messanger: 1167BDDAA32671D52932698FF508CFF194BF9E9B35E91BFBA7AD803C0A57EB41BB23880DD595
-------------------------------------------------------------------------------
【弹窗】
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。
Dear Management,
If you are reading this message, it means that:
\- your network infrastructure has been compromised,
\- critical data was leaked,
\- files are encrypted
Text
--------------------------------------------------------------------------
The best and only thing you can do is to contact us
to settle the matter before any losses occurs.
Text
Onion Site:
http://basemmnnqwxevlymli5bs36o5ynti55xojzvn246spahniugwkff2pad.onion/
Telegram Channel:
https://t.me/eightbase
--------------------------------------------------------------------------
1\. THE FOLLOWING IS STRICTLY FORBIDDEN
Text
1.1 EDITING FILES ON HDD.
Renaming, copying or moving any files
could DAMAGE the cipher and
decryption will be impossible.
Text
1.2 USING THIRD-PARTY SOFTWARE.
Trying to recover with any software
can also break the cipher and
file recovery will become a problem.
Text
1.3 SHUTDOWN OR RESTART THE PC.
Boot and recovery errors can also damage the cipher.
Sorry about that, but doing so is entirely at your own risk.
Text
--------------------------------------------------------------------------------------------------
2\. EXPLANATION OF THE SITUATION
Text
2.1 HOW DID THIS HAPPEN
The security of your IT perimeter has been compromised (it's not perfect at all).
We encrypted your workstations and servers to make the fact of the intrusion visible and to prevent you from hiding critical data leaks.
We spent a lot of time researching and finding out the most important directories of your business, your weak points.
We have already downloaded a huge amount of critical data and analyzed it. Now its fate is up to you, it will either be deleted or sold, or shared with the media.
2.2 VALUABLE DATA WE USUALLY STEAL:
\- Databases, legal documents, personal information.
\- Audit reports.
\- Audit SQL database
\- Any financial documents (Statements, invoices, accounting, transfers etc.).
\- Work files and corporate correspondence.
\- Any backups.
\- Confidential documents.
Text
2.3 TO DO LIST (best practies)
\- Contact us as soon as possible.
\- Contact us only in our live chat, otherwise you can run into scammers.
\- Purchase our decryption tool and decrypt your files. There is no other way to do this.
\- Realize that dealing with us is the shortest way to success and secrecy.
\- Give up the idea of using decryption help programs, otherwise you will destroy the system permanently.
\- Avoid any third-party negotiators and recovery groups. They can become the source of leaks.
Text
--------------------------------------------------------------------------------------------------
3\. POSSIBLE DECISIONS
Text
3.1 NOT MAKING THE DEAL
\- After 4 days starting tomorrow your leaked data will be Disclosed or sold.
\- We will also send the data to all interested supervisory organizations and the media.
\- Decryption key will be deleted permanently and recovery will be impossible.
\- Losses from the situation can be measured based on your annual budget.
Text
3.2 MAKING THE WIN-WIN DEAL
\- You will get the only working Decryption Tool and the how-to-use Manual.
\- You will get our guarantees (with log provided) of non-recovarable deletion of all your leaked data.
\- You will get our guarantees of secrecy and removal of all traces related to the deal in the Internet.
\- You will get our security report on how to fix your security breaches.
Text
--------------------------------------------------------------------------------------------------
4\. EVIDENCE OF THE LEAKAGE
In our contact form or mail:
Text
http://basemmnnqwxevlymli5bs36o5ynti55xojzvn246spahniugwkff2pad.onion/contact
helpermail@onionmail.org
8filesback@onionmail.org
--------------------------------------------------------------------------------------------------
5\. HOW TO CONTACT US
Text
5.1 Download and install TOR Browser https://torproject.org
5.2 Go to our contact form website at http://basemmnnqwxevlymli5bs36o5ynti55xojzvn246spahniugwkff2pad.onion/contact
5.3 You can request sample files chat to review leaked data samples.
5.4 In case TOR Browser is restricted in your area use VPN services.
5.5 All leaked Data samples will be Disclosed in 4 Days if you remain silent.
5.6 Your Decryption keys will be permanently destroyed at the moment the leaked Data is Disclosed.
--------------------------------------------------------------------------------------------------
6\. RESPONSIBILITY
Text
6.1 Breaking critical points of this offer will cause:
\- Deletion of your decryption keys.
\- Immediate sale or complete Disclosure of your leaked data.
\- Notification of government supervision agencies, your competitors and clients.
Text
--------------------------------------------------------------------------------------------------
页:
[1]