
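Date: 2020-07-05 16:39:08
    Recently, a customer in Tianjin was hit by ransomware that uses the .471zyimn extension; every file on the customer's server had the .471zyimn suffix appended to its name, as shown in the figure below.
On site, Hongmeng engineers found the following message left by the intruder: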
---=== Welcome. Again. ===---

[+] Whats Happen? [+]

Your files are encrypted, and currently unavailable. You can check it: all files on your computer has extension 471zyimn.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).

[+] What guarantees? [+]

Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.

[+] How to get access on website? [+]

You have two ways:

1) [Recommended] Using a TOR browser!
  a) Download and install TOR browser from this site: https://torproject.org/
  b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/293F900AEE014266

2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
  a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
  b) Open our secondary website: http://decryptor.cc/293F900AEE014266

Warning: secondary website can be blocked, thats why first variant much better and more available.

When you open our website, put the following data in the input form:
Key:

yg97e1kt (omitted)

Extension name:

471zyimn

-----------------------------------------------------------------------------------------

!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
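       Over the past few years, ransomware has grown steadily more sophisticated in how it encrypts data. The latest strains generally encrypt each file in its entirety, which makes data recovery very difficult. Hongmeng has even found intruders who purchase third-party commercial encryption software and, after breaking into a customer's server, use that software to encrypt the server. Hongmeng therefore reminds customers to back up the data on their core servers and not to become complacent in the belief that ransomware cannot get into their own servers.
      If your server does get hit by ransomware, do not panic: unplug the infected server's network cable as soon as possible, then contact a Hongmeng engineer for advice. We will provide professional and effective recommendations for your data security.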