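【Family Name】
Win32/Ransom.SquadLocker
[Platform] / [Primary Type] . [Family Name]
Platform type: Win32 Win64
Threat type: Ransom
【Decryption Support】
360 Decryption Master (360解密大师): not currently supported
Online decryption: not currently supported
【Encrypted Files】
Extension of encrypted files: .SquadLocker
File extension is changed to
【Ransom Note】:
File name: SquadLocker_ReadMe.txt
File contents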
---------------------------------------------------------------------------------------------------------------------------
ALL YOUR FILES HAVE BEEN ENCRYPTED
Your documents, photos, databases, and other critical files have been encrypted using AES-256 + RSA-4096 encryption.
This is military-grade security. Without our decryption key, recovery is impossible.
➤ WHAT HAPPENED?
Your files are locked and unreadable.
Your backups have been deleted or encrypted.
We have exfiltrated sensitive data (financial records, client info, internal documents).
➤HOW TO RECOVER YOUR FILES
Pay the ransom in Bitcoin (BTC) to the address below.
Telegram us with proof of payment.
Receive the decryption tool and restore your files.
➤ RANSOM AMOUNT: 300 USD
➤ BITCOIN ADDRESS: bc1q00000j8dz02p8rlj7he4kjd4mhtrm4grr99sky
➤ CONTACT TELEGRAM: https://t.me/SquadLocker
➤ WARNING
❌ Do NOT shut down your computer –this may corrupt files.
❌ Do NOT attempt manual decryption – this will destroy your data.
❌ Do NOT contact authorities – we will leak your data if you do.
➤ If you do not pay, we will:
✔ Leak your data to competitors, media, and dark web forums.
✔ Sell your data to the highest bidder.
✔ Permanently delete the decryption key.
---------------------------------------------------------------------------------------------------------------------------
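【Desktop Display Modification】:
【Protection Recommendations】
1. Do not use the same account and password on multiple machines.
2. Login passwords should be sufficiently long and complex, and should be changed regularly.
3. Shared folders holding important data should have access controls configured and be backed up regularly.
4. Regularly check systems and software for security vulnerabilities and apply patches promptly.
5. Regularly check servers for anomalies. The checks include:
a) Whether any new accounts have been added
b) Whether the Guest account has been enabled
c) Whether the Windows system logs show anomalies
d) Whether the antivirus software shows abnormal interception events
6. Install security protection software and make sure it is running properly.
7. Download and install software from legitimate channels.
8. For unfamiliar software, if antivirus software has already blocked or removed it, do not add it to the trust list and continue running it.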
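To support the server checks in item 5, the following added Python example (not part of the original page or of any 360 tool) walks a directory tree for the two file indicators listed above, the .SquadLocker extension and the SquadLocker_ReadMe.txt note, and reports the modification-time span of the matched files so the Windows log review can be narrowed to that window. The function names are hypothetical, and the time span assumes the malware did not alter file timestamps.

```python
import os
from datetime import datetime, timezone

ENCRYPTED_SUFFIX = ".squadlocker"       # extension listed on this page
NOTE_NAME = "squadlocker_readme.txt"    # ransom note file name listed on this page


def scan_tree(root):
    """Return {directory: {"encrypted": [names], "note": bool}} for each
    directory under root that holds at least one indicator."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        entry = {"encrypted": [], "note": False}
        for name in files:
            lower = name.lower()  # NTFS names are case-insensitive
            if lower == NOTE_NAME:
                entry["note"] = True
            elif lower.endswith(ENCRYPTED_SUFFIX):
                entry["encrypted"].append(name)
        if entry["note"] or entry["encrypted"]:
            entry["encrypted"].sort()
            hits[dirpath] = entry
    return hits


def encryption_window(hits):
    """Return (earliest, latest) modification time in UTC over all matched
    files, or None if nothing matched. Assumes timestamps were not altered."""
    stamps = []
    for dirpath, entry in hits.items():
        for name in entry["encrypted"]:
            try:
                stamps.append(os.stat(os.path.join(dirpath, name)).st_mtime)
            except OSError:
                continue  # file vanished or is unreadable; skip it
    if not stamps:
        return None
    to_utc = lambda ts: datetime.fromtimestamp(ts, tz=timezone.utc)
    return to_utc(min(stamps)), to_utc(max(stamps))


if __name__ == "__main__":
    import sys
    found = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    for directory, entry in sorted(found.items()):
        print(f"{directory}: {len(entry['encrypted'])} encrypted, note={entry['note']}")
    print("window (UTC):", encryption_window(found))
```

Run it against each file share or a mounted disk image; directories that contain the note but no matched files are still reported, since they show where the malware ran.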