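On April 18, 2019, Hongmeng took on a case from a customer in Shenzhen whose files had been encrypted by ransomware. Hongmeng's engineers found that all of the customer's office files had the .tater file extension appended, as shown in the figure below:
The customer's files with the .tater extension appended; the names of the encrypted files have been hidden because they involve the customer's privacy. The attacker who released the ransomware left a text document named #HOW TO DECRYPT# with the following content: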
!!!!!!!Your files are encrypted!!!!!!!
Do not try to recover your files on your own or with someone else,because after the intervention you can remain without your data forever.
You have 48 hours to contact us,otherwise you will be left without access to the files forever.
Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service
Only we can decrypt all your data!
Contact us us:
tater@mail2tor.com
And tell us your unique ID
ja7ezy51+MuBitDzfc9CQxPU3Lu7pCA8vvlhhxYxMWTjyjG21M/A/sC9p4KYm/N6MoLMrNeszEMVSknKmkmOwyqYhfoYkqhycpoEz53cU088eBeV2IkFXE631XjhFkYbOINO5XIjdf/6BQTIfT9U4CtAwmjEd9I2HHKk7uNueSflpP9mX1Qu1QxOlTYRUmrfQqTHBP6kZIAHn+n1m/axpUfsBknpr4aGngQKBTNe6LTWdmx30UdQD54/9mVi11yYfnQwm4BKAba1QyUtlv2TbIhjYqVucZpOwvi4yBfA0TYPpX4zZ1cGKaQRhp2WCyx2pP1bUd4JrVOS6rg/KHfOpc5FzywuCxP7lUjrDGTqt7IZk4ed64mprcFFg9RS2TFg/G7cBgNLJJAgzlFnJLGymEVj9BvsyoMwwAGoK
Hongmeng has successfully provided data decryption services to this customer for the .tater ransomware.