【家族名】
Win32/Ransom.RADAR
[平台] / [主类型] . [家族名]
平台类型 : Win32 Win64
威胁类型 : Ransom
【是否支持解密】
360解密大师:暂不支持
在线解密:暂不支持
【被加密文件】
修改文件后缀为
360社区
【勒索提示信息】:
文件名:README_FOR_DECRYPT.txt
文件内容 :
-------------------------------------------------------------------------------
RADAR
Your network has been breached and all major data were encrypted.
Important files have been downloaded from your servers and are ready to be published on TOR blogs.
To decrypt all the data and prevent exfiltrated files to be disclosed on TOR blogs, dataleak forums, dataleak databases, telegram channels etc with lot of tags/videos on twitter/facebook you should purchase our decryption tool. We will provide you a proof video how our Decryption Tool works.
Please contact our sales department at Skype: https://join.skype.com/invite/MO0SAOWRh0zo
We appreciate and respect everyone, that's why in Skype you will get a proof, we will record a video of 5-10 files of your choice.
Follow the guidelines below to avoid losing your data:
- Do not modify, rename or delete encrypted files. In result your data will be undecryptable.
- Do not modify or rename encrypted files. You will lose them.
- Do not report to the Police, FBI, etc. They don't care about your business. They simply won't allow you to pay. As a result you will lose everything and your data, recorded data on videos etc will be published.
- Do not hire a recovery company. They can't decrypt files without our Decryption Tool. They also don't care about your business. They believe that they are good negotiators, but it is not. They usually fail. You should contact with us yourself and we'll guarantee you 10077BCB65CA365CF885446C7CB6B4ABA99uccessful decryption without any loss + exfiltrated data erasing from our servers.
- Do not reject to purchase RADAR Decryptor from us, otherwise exfiltrated files will be publicly disclosed with video of files.
P.S. Do not repeat the same mistakes as other companies did with us, for example our old case with a small Spain Company: ALVAC S.A. Their Website - https://alvac.es
Our media team published files and videos, because they didn't pay as in time. Small part of proofs:
https://vimeo.com/752214614
https://hacknotice.com/2022/10/01/alvac-sa/
https://twitter.com/elhackernet/status/1576678217603502080
https://twitter.com/search?q=alv ... ed_query&f=live
Lot of telegram channels like https://t.me/elconfidencial , https://t.me/baseleak , all darkweb resources list from here - https://github.com/fastfire/deepdarkCTI/blob/main/telegram.md
We have a direct contact with a list of ransomware owners in jabber and tox, you can see all the companies that refused to cooperate with us, TOR/onion URLs: http://xb6q2aggycmlcrjtbjendcnnw ... 6cmod3emy7sad.onion
http://mbrlkbtq5jonaqkurjwmxftyt ... kknndqwae6byd.onion
http://bianlianlbc5an4kgnay3opde ... 3dnbz3uaunad.onion/
http://alphvmmm27o3abo3r2mlmjrpd ... 7ejksbpsa36ad.onion
http://knight3xppu263m7g4ag3xlit ... zrscqlfu3pqd.onion/
For ALVAC SA we hired 3rd party team of data analysts with OSINT-specialists. Because of adding such 3rd parties, the price for Decryption Tool and exfiltrated data erasing has been increased. In result they suffered significant problems due disastrous consequences, leading to loss of valuable intellectual property and other sensitive information, GDPR issues, costly incident response efforts, information misuse/abuse, loss of customer trust, brand and reputational damage, legal and regulatory issues. And it will never end for them, as their files are constantly downloaded and videos are viewed by people from all over the World.
That's why we don't recommend to ignore us.
Let's respect each others time.
With best Regards, RADAR
-------------------------------------------------------------------------------
修改桌面显示:
360社区
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。
|
|
|
|
评论
直达楼层