首页 > 业界动态

时间:2020-04-06 11:23:31
       在消失了一段时间之后,.ciphered后缀勒索者病毒重现了!
       今天下午,鸿萌收到一位客户服务器中勒索者病毒的案例。工程师一检查,发现客户的这台服务器中的是消失了一段时间的.ciphered后缀勒索者病毒。服务器上,除程序文件之外的文件资料,比如Office文档、图片、文本文件、数据库等全被添加了.ciphered后缀。而且文件都被加了密。如下图所示:
 
       勒索者在服务器上留下一个名为:how_to_back_files的网页格式文件,打开后里面内容如下:

 

All your data has been ciphered!


The only way of recovering your files is to buy a unique decryptor.
A decryptor is fully automatical, all your data will be recovered within a few hours after it’s installation.

For purchasing a decryptor contact us by email:
Kim_Chen_Yn@protonmail.com

If you will get no answer within 24 hours contact us by our alternate emails:
bathed1212@cock.li

We assure full recovery after the payment.
To verify the possibility of the recovery of your files we can decipher 1 file for free.
Attach 1 file to the letter (no more than 25Mb). Indicate your personal ID on the letter:
ID号码略去

In reply we will send you an deciphered file and an instruction for purchasing an automatical decryptor for all your files. After the payment we will send you a decryptor and an instructions for protecting your computer from network vulnerabilities..

 

Attention!
•Only Kim_Chen_Yn@protonmail.com, bathed1212@cock.li can decipher all your files.
•Launching of antivirus programs will not help.
•Changing ciphered files will result in a loose of data.
•Attempts of deciphering by yourself will result in a loose of data.
•Decryptors of other users are unique and will not fit your files and use of those will result in a loose of data.

       举世疫情期间,服务器被加密的此伏彼起,看来勒索者还是“勤奋不辍”,还在像某些国家一样,不停向全世界放毒。针对花样翻新的勒索者病毒,鸿萌有专业的防护解决方案。针对勒索者病毒造成的数据加密,可以一键恢复到正常状态。
     
       我们的方案采用基于时间状态的保护膜技术,通过全息记录方式恢复整个系统的创新型安全模式。全息系统通过底层控制技术,先于操作系统加载,每时每刻记录系统全部的运行轨迹,自动生成每个历史时间点。在遇到勒索病毒或者其他破坏性事件时,用户可以自由选择历史时间点进行还原,回到系统的正常状态,恢复被加密的文件。
       方案特点:
1.驱动层控制系统,实现物理设备与逻辑设备的映射
2.通过全息记录方式,记录系统所有运行轨迹
3.历史全息记录隐式存储,防止任何程序及操作系统的篡改
4.通过智能算法自动创建可恢复的秒级还原点
5.可在任意还原点对系统整体还原,可在任意时间点进行反复还原
6.可在任意还原点对文件完整镜像恢复
7.操作系统被破坏崩溃后可自动恢复
8.一键恢复被勒索病毒加密的系统及文件
     数据被加密,一键就可以恢复,还有比这更爽的方案么?