GANDCRAB最新變種出現,相比較於GANDCRAB v5.0.4,GANDCRABv5.1更具危害性,請大家注意防範。
---= GANDCRAB V5.1 =---
UNDER NO CIRCUMSTANCES DO NOT DELETE THIS FILE, UNTIL ALL YOUR DATA IS RECOVERED
*****FAILING TO DO SO, WILL RESULT IN YOUR SYSTEM CORRUPTION, IF THERE ARE DECRYPTION ERRORS*****Attention!
All your files, documents, photos, databases and other important files are encrypted and have the extension:
The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.
The server with your key is in a closed network TOR. You can get there by the following ways:
| 0. Download Tor browser - https://www.torproject.org/
| 1. Install Tor browser
| 2. Open Tor Browser
| 3. Open link in TOR browser: http://gandcrabmfe6mnef.onion/63eefd25f88b4272
| 4. Follow the instructions on this page
**注意防範的同時,如果不幸中招,可以加q2362441418諮詢一下
當然,事中防禦和事後補救,遠不及事前防禦更讓人來得心安。爲了避免不必要的損失,建議您採取如下措施:
(1)針對服務器,不僅要安裝帶主動防護的殺毒軟件,還要部署安全加固軟件,阻斷******。
(2)關閉445、135、139等不必要的端口,不要在公網上直接暴露遠程桌面服務(RDP,默認監聽端口3389),如運維需要,確保只能登錄×××後才能訪問。
(3)及時修復系統漏洞,如果服務器上安裝了JBoss、Tomcat、Weblogic WLS等組件,還需及時更新至最新版本。不要輕易安裝來路不明的軟件,
(4)使用高強度密碼並定期更換,禁止在多臺服務器上使用相同密碼,防止***在爆破一臺服務器後可輕易***同密碼的其他服務器。
(5)及時備份服務器上的核心數據到其他主機上,並對備份數據做好網絡隔離,防止備份數據被加密**