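2020-07-24 10:52 Ransomware Terminator
Recently 力创数据 has received inquiries from a number of users whose company servers were infected with ransomware. After infection, every file on the server is encrypted and locked and can no longer be opened, and the file names are altered as well: the intruder's e-mail address and a DECP suffix are appended, as shown in the figure below:
Folders on a customer's company server after infection with the DECP-suffix ransomware.
The intruder behind the DECP-suffix ransomware leaves an rtf file named #DECP_README# in every folder. The content of the file from one infected customer is as follows: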
HOW TO RECOVER YOUR FILES?
WE HAVE TO INFORM YOU THAT ALL YOUR FILES WERE ENCRYPTED!
PLEASE BE SURE THAT YOUR FILES ARE NOT BROKEN!
Your files were encrypted with AES-128+RSA-2048 crypto algorithms.
* Please note that there is no way to decrypt your files without unique decryption key and special software. Your unique decryption key is securely stored on our server.
* Please note that all the attempts to recover your files by yourself or using third party tools will result only in irrevocable loss of your data!
* Please note that you can recover files only with your unique decryption key, which stored on our server.
HOW TO RECOVER FILES?
Please write us to the e-mail, we will send you instruction how to recover your data.
Our main e-mail: deccrypasia@yahoo.com
Our secondary e-mail: deccrypasia@protonmail.com
Our secondary e-mail: deccrypasia@aol.com
Please write to our main e-mail. If you will not receive answer in 24 hours, please write to our secondary e-mails! Please always check SPAM folder!
* Write on English or use professional translator
In subject line write your personal ID: xxxxxxxxxxxx
For your assurance you can attach up to 3 small encrypted files to your message. We will decrypt and send you decrypted files for free.
* Please note that files must not contain any valuable information and their total size must be less than 5Mb.
Please don't worry, we can help you to RESTORE your server to original
state and decrypt all your files quickly and safely!
OUR HELP!
You have to pay for our help in Bitcoin Cryptocurrency.
Immidiately after payment we will send you (by e-mail) automatic decryption tool and your unique decryption key. You just have to start decryption tool on your server and all files will be automatically decrypted. All original file names will be restored too.
Jwy2yl4o
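Can data be recovered from a server hit by the DECP-suffix ransomware?

All files on a server hit by the DECP-suffix ransomware are encrypted and unusable, which may disrupt normal business operations and cause the company incalculable losses. If you find you have been hit, 力创数据 recommends first isolating the infected host immediately; next, adding access control policies, changing port 3389 to another port (or allowing logins only over VPN), and closing unnecessary ports such as 139, 445 and 135; and changing login passwords to complex ones.

力创数据 also reminds everyone to take ransomware defence seriously: download and install genuine antivirus software, close unnecessary ports, disable unnecessary file sharing, avoid weak passwords, set appropriate controls on internal access to servers/workstations that have no need for interconnection, make regular non-local physical backups of important files and data (databases and the like), strengthen staff security awareness training, and so on.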
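Once the host is isolated, the two indicators described above (the DECP suffix on file names and the #DECP_README# note in each folder) can be used to scope which directories were hit. The following triage script is an added example, not code from 力创数据; it assumes the suffix is the final extension, the note name starts with `#DECP_README#`, and the bracketed file-name layout and `example.com` address in the sample tree are constructed.

```python
import os
import re
import tempfile
from collections import Counter

SUFFIX = ".decp"               # assumption: marker is the final extension (case-insensitive)
NOTE_PREFIX = "#decp_readme#"  # note name from the article; the .rtf extension is assumed
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def scan_tree(root):
    """Return (per_dir, emails). per_dir maps each affected directory (relative
    to root) to {'encrypted': n, 'note': bool}; emails counts addresses that
    appear inside encrypted file names."""
    per_dir, emails = {}, Counter()
    for dirpath, _dirs, files in os.walk(root):
        encrypted, note = 0, False
        for name in files:
            lower = name.lower()
            if lower.startswith(NOTE_PREFIX):
                note = True
            elif lower.endswith(SUFFIX):
                encrypted += 1
                stem = lower[:-len(SUFFIX)]  # drop suffix so it is not read as a domain label
                emails.update(EMAIL_RE.findall(stem))
        if encrypted or note:
            per_dir[os.path.relpath(dirpath, root)] = {"encrypted": encrypted, "note": note}
    return per_dir, emails

def build_sample(root):
    """Constructed sample tree: file names and the example.com address are made up."""
    layout = {
        "finance": ["q2.xlsx.[contact@example.com].DECP", "#DECP_README#.rtf"],
        os.path.join("finance", "old"): ["2019.docx.[contact@example.com].decp",
                                         "#DECP_README#.rtf"],
        "tools": ["readme.txt"],  # untouched directory, must not be reported
    }
    for sub, names in layout.items():
        os.makedirs(os.path.join(root, sub), exist_ok=True)
        for name in names:
            open(os.path.join(root, sub, name), "w").close()

def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        return scan_tree(root)

if __name__ == "__main__":
    dirs, emails = demo()
    for d, info in sorted(dirs.items()):
        print(d, info)
    print(dict(emails))
```

Run it read-only against a mounted copy or snapshot of the affected volume rather than on the live infected host.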