【家族名】
Win32/Ransom.Dark Angels
[平台] / [主类型] . [家族名]
平台类型 : Win32 Win64
威胁类型 : Ransom
【是否支持解密】
360解密大师:暂不支持
在线解密:暂不支持
【被加密文件】
新增扩展名.babyduck
360社区
【勒索提示信息】:
文件名:ATTENTION!!!.txt
文件内容 :
-------------------------------------------------------------------------------
___ _ _____ _
| _ \ | | | __ \ | |
| |_) | __ _| |__ _ _ | | | |_ _ ___| | __
| _ < / _` | '_ \| | | | | | | | | | |/ __| |/ / o<
| |_) | (_| | |_) | |_| |_| |__| | |_| | (__| < >{=}
|____/ \__,_|_.__/ \__, (_)_____/ \__,_|\___|_|\_\
__/ | _
|___/ | | |
__ _ _ _ __ _ ___| | __ __ _ _ _ __ _ ___| | __
/ _` | | | |/ _` |/ __| |/ / / _` | | | |/ _` |/ __| |/ /
| (_| | |_| | (_| | (__| < | (_| | |_| | (_| | (__| <
\__, |\__,_|\__,_|\___|_|\_\ \__, |\__,_|\__,_|\___|_|\_\
| | | |
|_| |_|
Ducky has got your files encrypted!
This happened because you were not paying attention to your security.
Ducky will give you your files back if you pay him a bit of crypto.
1000 XMR to address
41oKF4szxFGVDPsYD9WKa28uJVLJgU9zRUr2uv6cSfy8JzifqFJvBgo8QHkFxD8qWz2J4WjiNzv833j8udDJ4sr16q3Q72J
*****************************************************
DUCKY WILL MAKE YOUR DATA PUBLIC IF U DON'T BEHAVE!!!
*****************************************************
Use TOR browser (https://www.torproject.org/download/) and follow this link, to get the proof of your data is really fucked up
babydfa6yzdx6otdqjgvk53kpqove5cuhpnr7rjigu5rujo25itdnyyd.onion
————————————————————————————————————————————————————-
If you want beg for mercy or negotiate the price, download TOX chat client, and find Ducky there
39D7A4B1E29EEA250523ABFBDB604289DE8513BB71566CDB43E95A73A618957B11820AC343E7
AGAIN, READ UP HERE!!! YOU’VE GOT 72 HOURS
1000 XMR to address
41oKF4szxFGVDPsYD9WKa28uJVLJgU9zRUr2uv6cSfy8JzifqFJvBgo8QHkFxD8qWz2J4WjiNzv833j8udDJ4sr16q3Q72J
Don't worry, if you behave and pay - you'll get your files back;)
Or you’re gonna be fucked up. Quack-quack…
YOUR KEY IS
RWRxmbgCt+0wPvdZ0alM7J46oqsOBTtud3E8zRznnCT0q0u7X971eWUN
-------------------------------------------------------------------------------
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。
|
|
|
|
评论
直达楼层