首页 > 业界动态

时间:2019-12-25 14:47:18
         12月4日,河北省某医药公司ERP服务器被病毒入侵,数据库及所有有效文件被添加.Snake865qqz后缀,服务器内留下一个文档,内容如下:
Your personal ID (略去)

 English ☣Your files are encrypted!☣

--------------------------------------------------------------------------------

⬇ To decrypt, follow the instructions below.⬇
To recover data you need decrypt tool.
To get the decrypt tool you should:

Send 1 crypted test image or text file or document to China.Helper@aol.com
In the letter include your personal ID (look at the beginning of this document). Send me this ID in your first email to me.
We will give you free test for decrypt few files (NOT VALUE) and assign the price for decryption all files.
After we send you instruction how to pay for decrypt tool and after payment you will receive a decrypt tool and instructions how to use it We can decrypt few files in quality the evidence that we have the decoder.

--------------------------------------------------------------------------------

MOST IMPORTANT!!!

Do not contact other services that promise to decrypt your files, this is fraud on their part! They will buy a decoder from us, and you will pay more for his services. No one, except China.Helper@aol.com, will decrypt your files.

--------------------------------------------------------------------------------

Only China.Helper@aol.com can decrypt your files
Do not trust anyone besides China.Helper@aol.com
Antivirus programs can delete this document and you can not contact us later.
Attempts to self-decrypting files will result in the loss of your data
Decoders other users are not compatible with your data, because each user's unique encryption key
客户所中的勒索病毒为十二主神病毒,这种病毒产生的扩展名常见的有:

.ALCO865qqz
.BIP865qqz
.COMBO865qqz
.KRAB865qqz
.China865qqz
.Help865qqz
.Rat865qqz
.Ox4865qqz
.Tiger865qqz
.Rabbit865qqz
.Dragon865qqz
.Snake865qqz
.Horse865qqz
.Goat865qqz
.Monkey865qqz
.Rooster865qqz
.Dog865qqz
.Pig865qqz
.RESERVE865qqz

***.ldf.pig865qqz

***.mdf.pig865qqz

***.ldf.pig865qqz

***.mdf.pig865qqz

这个客户显然中了该病毒。鸿萌提醒广大客户,重要数据一定要做备份,数据安全的核心就是备份。鸿萌针对各种类型的数据库,如Oracle、Sql server、Mysql等以及其他格式的数据文件都能提供具有自己专有的极具性价比的解决方案。通过我们的方案,可以将客户数据备份到局域网或者广域网的任何位置,有效避免重要数据被加密勒索。