【家族名】
Win32/Ransom.LukaLocker
[平台] / [主类型] . [家族名]
平台类型 : Win64 Linux
威胁类型 : Ransom
【是否支持解密】
360解密大师:暂不支持
在线解密:暂不支持
【被加密文件】
新增扩展名:.NBA
【勒索提示信息】:
文件名:readme.txt
360社区
文件内容 :
-------------------------------------------------------------------------------
What's happened?
Your corporate network has been encrypt3d. And that’s not all - we studied and downloaded a lot of your data, many of them have confidential status.
If you ignore this incident, we will ensure that your confidential data is widely available to the public. We will make sure that your clients and partners know about everything, and attacks will continue. Some of the data will be sold to scammers who will attack your clients and employees.
What's next?
You must contact us via qTox to make a deal. To install qTox follow the following instructions:
1. Follow the link to the official release and download the installation file.
https://github.com/qTox/qTox/rel ... -x86_64-release.exe
2. Open and install setup-qtox-x86_64-release.exe
3. Double-click the qTox shortcut on your desktop.
4. In the username field, enter the name of your company.
5. Create your password and enter it in the password field.
6. Enter your password again in the confirm field
7. Click the "Create Profile" button.
8. In the Add Fri3nds window, in the ToxID field, enter this:
3BBD6F23D4691C0C7613F9365E947A3CF7F0454CD792364E2A311EF80934C167800F3AD32250
then click the "Send friend request" button
9. Wait for technical support to contact you.
Advantages of dealing with us:
1. We will not mention this incident.
2. You will receive a recov3ry tool for all your systems that have been encrypt3d.
3. We guarantee that there will be no data leakage and will delete all your data from our servers.
4. We will provide a security report and give advice on how to prevent similar attacks in the future.
5. We will never attack you again.
What not to do:
Do not attempt to change or rename any fil3s - this will render them unrecoverable. Do not make any changes until you receive the d3cryption tool to avoid permanent data damage.
-------------------------------------------------------------------------------
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。
|
|
|
|
评论
直达楼层