【家族名】
Win32/Ransom.Abyss
[平台] / [主类型] . [家族名]
平台类型 : Win32 Win64
威胁类型 : Ransom
【是否支持解密】
360解密大师:暂不支持
在线解密:暂不支持
【被加密文件】
新增扩展名:.siqnH
360社区
【勒索提示信息】:
文件名:WhatHappened.txt
文件内容 :
-------------------------------------------------------------------------------
We are the Abyss.
Your company Servers are crypted and your data has been stolen to our servers.
Good news for you:
1) We can restore your entire system.
2) We are not interested in publishing your information.
3) Our motivation is purely financial.
4) We are open to negotiations.
5) We are ready to maintain complete confidentiality of this incident.
Let's explain the further steps in the situation:
You can seek help from authorities - unfortunately, this path will not lead to a constructive resolution of the situation.
They will not assist you with decryption, seize your servers for OPsec, and your company's operations will be halted.
Subsequently, the date will be disclosed, leading to fines, legal actions, and reputational damage.
OR
You initiate negotiations with us, and we reach a mutually beneficial and constructive solution for both parties.
You pay a specified amount and receive the full decryption, support throughout the decryption process,
proofs that all information on our servers has been deleted, and a guarantee that it will never resurface,
ensuring no one learns about this incident.
To initiate negotiations, please download the Tor Browser using their official website: https://www.torproject.org/
use these credentials to enter the Chat for text negotiation: http://jqlcrn2fsfvxlngdq53rqyrwt ... J8ZAduh5dioahO1TXRA
There will be no bad news for your company after successful negotiations for both sides. But there will be plenty of those bad news if case of failed negotiations, so don’t think about how to avoid it.
Just focus on negotiations, payment and decryption to make all of your problems solved by our specialists within 1 day after payment received: servers and data restored, everything will work good as new.
-------------------------------------------------------------------------------
【桌面背景】
360社区
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。
|
|
|
|
评论
直达楼层