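This post was last edited by Potato on 2019-11-25 18:44
Related reading: MedusaLocker ransomware sample analysis (link).
Ransomware family name: MedusaLocker
Decryption supported:
Details:
Encrypted files:
Encrypted file extension: encrypted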

Ransom note:
File name: HOW_TO_RECOVER_DATA.html
File contents:
-------------------------------------------------------------------------------
All your data are encrypted!
What happened?
Your files are encrypted, and currently unavailable.
You can check it: all files on you computer has new expansion.
By the way, everything is possible to recover (restore), but you need to buy a unique decryptor.
Otherwise, you never cant return your data.

For purchasing a decryptor contact us by email:
Folieloi@protonmail.com
If you will get no answer within 24 hours contact us by our alternate emails:
Ctorsenoria@tutanota.com

What guarantees?
Its just a business. If we do not do our work and liabilities - nobody will not cooperate with us.
To verify the possibility of the recovery of your files we can decrypted 1 file for free.
Attach 1 file to the letter (no more than 10Mb). Indicate your personal ID on the letter:
Attention!
- Attempts of change files by yourself will result in a loose of data.
- Our e-mail can be blocked over time. Write now, loss of contact with us will result in a loose of data.
- Use any third party software for restoring your data or antivirus solutions will result in a loose of data.
- Decryptors of other users are unique and will not fit your files and use of those will result in a loose of data.
- If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key.

-------------------------------------------------------------------------------
Pop-up window:

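Propagation:
This ransomware family began spreading in October 2019. At present it is mainly deployed by hand after the attackers brute-force the Remote Desktop password.
Remote Desktop protection recommendations:
1. Use a password 18 characters long that combines upper- and lower-case letters, symbols and digits, and preferably change it every three months.
2. 360 Security Guard now supports weak-password protection on all systems except XP.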

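Protection recommendations:
1. Do not use the same account and password on multiple machines.
2. Login passwords should be sufficiently long and complex, and should be changed regularly.
3. Shared folders holding important data should have access controls set and should be backed up regularly.
4. Regularly check systems and software for security vulnerabilities and apply patches promptly.
5. Regularly check servers for anomalies, including:
a) whether any new accounts have been added
b) whether the Guest account has been enabled
c) whether the Windows system logs show anomalies
d) whether the antivirus software shows any abnormal interception events
6. Install security software and make sure it is running properly.
7. Download and install software from legitimate sources.
8. If unfamiliar software has already been blocked or removed by antivirus software, do not add it to the trusted list and continue running it.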
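
Checklist items 5a to 5c above can be run as one pass over exported Windows Security events. The following is an added example, not part of the original post: the record layout, the sample events and the `min_failures` threshold are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records (not from the thread), shaped like fields exported
# from the Windows Security log. Event IDs: 4625 failed logon, 4624 successful
# logon (LogonType 10 = Remote Desktop), 4720 account created, 4722 account enabled.
SAMPLE_EVENTS = [
    *({"id": 4625, "time": f"2019-11-14T02:10:{s:02d}", "logon_type": 3,
       "ip": "203.0.113.7", "user": "Administrator"} for s in range(8)),
    {"id": 4624, "time": "2019-11-14T02:11:30", "logon_type": 10,
     "ip": "203.0.113.7", "user": "Administrator"},
    {"id": 4720, "time": "2019-11-14T02:13:05", "logon_type": None,
     "ip": None, "user": "support1"},
    {"id": 4722, "time": "2019-11-14T02:13:40", "logon_type": None,
     "ip": None, "user": "Guest"},
    # One mistyped password followed by a normal RDP logon: should not alert.
    {"id": 4625, "time": "2019-11-14T09:00:01", "logon_type": 3,
     "ip": "192.0.2.20", "user": "alice"},
    {"id": 4624, "time": "2019-11-14T09:00:20", "logon_type": 10,
     "ip": "192.0.2.20", "user": "alice"},
]


def review_events(events, min_failures=5):
    """Map events to checklist items 5a-5c; min_failures is an assumed threshold."""
    # Failed RDP attempts are often logged as type 3 when NLA is on, so
    # failures are counted per source IP regardless of logon type.
    failures = defaultdict(int)
    findings = {"bruteforce_then_logon": [], "new_accounts": [], "guest_enabled": False}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["id"] == 4625 and ev["ip"]:
            failures[ev["ip"]] += 1
        elif ev["id"] == 4624 and ev["logon_type"] == 10:
            count = failures.pop(ev["ip"], 0)
            if count >= min_failures:    # 5c: many failures, then an RDP session opens
                findings["bruteforce_then_logon"].append((ev["ip"], ev["user"], count))
        elif ev["id"] == 4720:           # 5a: a new account was created
            findings["new_accounts"].append(ev["user"])
        elif ev["id"] == 4722 and ev["user"].lower() == "guest":
            findings["guest_enabled"] = True   # 5b: Guest was enabled
    return findings


if __name__ == "__main__":
    print(review_events(SAMPLE_EVENTS))
```
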

9 replies about the MedusaLocker ransomware family in total; last reply on 2019-11-28 19:07

Potato (Product Support Specialist, original poster), posted 2019-10-24 12:32
Family: MedusaLocker
Attacker e-mail: willyhill1960@protonmail.com, willyhill1960@tutanota.com
Encrypted file extension: encrypted
Potato (Product Support Specialist, original poster), posted 2019-10-30 17:52
Family: MedusaLocker ransomware family
Attacker e-mail: sambolero@tutanoa.com, rightcheck@cock.li
Encrypted file extension: encrypted
Ransom note:
---------------------------------------------------------------------------------


All your data are encrypted!

What happened?
Your files are encrypted, and currently unavailable.
You can check it: all files on you computer has new expansion.
By the way, everything is possible to recover (restore), but you need to buy a unique decryptor.
Otherwise, you never cant return your data.

For purchasing a decryptor contact us by email:
sambolero@tutanoa.com
If you will get no answer within 24 hours contact us by our alternate emails:
rightcheck@cock.li

What guarantees?
Its just a business. If we do not do our work and liabilities - nobody will not cooperate with us.
To verify the possibility of the recovery of your files we can decrypted 1 file for free.
Attach 1 file to the letter (no more than 10Mb). Indicate your personal ID on the letter:



Attention!



- Attempts of change files by yourself will result in a loose of data.
- Our e-mail can be blocked over time. Write now, loss of contact with us will result in a loose of data.
- Use any third party software
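Potato (Product Support Specialist, original poster), posted 2019-10-30 17:55
Family: MedusaLocker ransomware family
Attacker e-mail: crypt2020@outlook.com, cryptt2020@protonmail.com
Encrypted file extension: encrypted
Potato (Product Support Specialist, original poster), posted 2019-11-1 18:28
This post was last edited by Potato on 2019-11-11 10:32
Family: MedusaLocker ransomware family
Attacker e-mail: willyhill1960@protonmail.com, willyhill1960@tutanota.com
Encrypted file extension: readtheinstructions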

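Potato (Product Support Specialist, original poster), posted 2019-11-8 11:40
Family: MedusaLocker ransomware family
Attacker e-mail: fartcool@protonmail.ch, bestcool@keemail.me
Encrypted file extension: ReadTheInstructions
Potato (Product Support Specialist, original poster), posted 2019-11-12 14:48
Family: Medusalocker ransomware family
Attacker e-mail: goodmen@countermail.com, goodmen@cock.li
Encrypted file extension: encrypted18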

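360fans33233933 (LV2, Corporal), posted 2019-11-14 11:08
Hello, my host machine has also been hit with this extension. So far only the host is infected; no problems have been found yet on the other computers on the same network cable, and all of them have 360 Security Guard installed. I am now rather worried about whether the virus will spread to the other computers, and what should be done to keep the documents on those computers safe. If there is a dormant virus, would copying with a removable storage device copy the virus along as well? When the host was hit it suddenly blue-screened; I thought it had crashed, and after rebooting I found it was locked. The extension is also .ReadTheInstructions. I am now planning to switch to a new computer. What is a safe way to transfer the documents from the old computer to the new device? Thank you.
Potato (reply, 2019-11-14 16:40): Disconnect from the network first, then deal with it.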
Potato (Product Support Specialist, original poster), posted 2019-11-25 18:46
Family: Medusalocker ransomware family
Ransom note:
All your data are encrypted!
What happened?
Your files are encrypted, and currently unavailable.
You can check it: all files on you computer has new expansion.
By the way, everything is possible to recover (restore), but you need to buy a unique decryptor.
Otherwise, you never cant return your data.

For purchasing a decryptor contact us by email:
broccoli007@protonmail.com
If you will get no answer within 24 hours contact us by our alternate emails:
broccoli007@cock.li

What guarantees?
Its just a business. If we do not do our work and liabilities - nobody will not cooperate with us.
To verify the possibility of the recovery of your files we can decrypted 1 file for free.
Attach 1 file to the letter (no more than 10Mb). Indicate your personal ID on the letter:
Attention!
- Attempts of change files by yourself will result in a loose of data.
- Our e-mail can be blocked over time. Write now, loss of contact with us will result in a loose of data.
- Use any third party software for restoring your data or antivirus solutions will result in a loose of data.
- Decryptors of other users are unique and will not fit your files and use of those will result in a loose of data.
- If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key.
Potato (Product Support Specialist, original poster), posted 2019-11-28 19:07
Family: Medusalocker ransomware family
Attacker e-mail: contaktesme@protonmail.com, contaktme@firemail.cc
Encrypted file extension: encrypted
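
The note file name and the file extensions reported across the posts above can drive a read-only triage of a suspect volume or share. The following is an added example, not part of the thread: the function names, the sample tree and its placeholder contact addresses are constructed for illustration.

```python
import os
import re
from collections import Counter

# Indicators taken from this thread: ransom-note file name and file extensions.
NOTE_NAME = "how_to_recover_data.html"
EXTENSIONS = {".encrypted", ".readtheinstructions", ".encrypted18"}
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def triage(root):
    """Walk root read-only; report ransom notes, affected files and note contacts."""
    notes, contacts, affected = [], set(), Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower() == NOTE_NAME:
                notes.append(path)
                # Read at most 1 MiB; the contact addresses identify the variant.
                with open(path, encoding="utf-8", errors="replace") as fh:
                    contacts.update(a.lower() for a in EMAIL_RE.findall(fh.read(1 << 20)))
                continue
            ext = os.path.splitext(name)[1].lower()
            if ext in EXTENSIONS:
                affected[ext] += 1
    return {"notes": sorted(notes), "affected": dict(affected), "contacts": sorted(contacts)}


def make_sample(root):
    """Build a small constructed tree (placeholder addresses) for a dry run."""
    os.makedirs(os.path.join(root, "docs"), exist_ok=True)
    for name in ("a.docx.encrypted", "b.xlsx.ReadTheInstructions", "c.txt"):
        open(os.path.join(root, "docs", name), "w").close()
    with open(os.path.join(root, "HOW_TO_RECOVER_DATA.html"), "w") as fh:
        fh.write("contact us by email:<br>Operator1@example.com<br>backup@example.org.")


if __name__ == "__main__":
    import sys
    import tempfile
    target = sys.argv[1] if len(sys.argv) > 1 else None
    if target is None:                 # no path given: scan the constructed sample
        target = tempfile.mkdtemp()
        make_sample(target)
    print(triage(target))
```

The extracted contact addresses can be compared with the variants listed in the posts above to tell which one hit a machine.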