发表时间: 2022-03-28 14:55:23
浏览:
注意:本篇为早期locked介绍,
2022年8月28日后爆发的.locked勒索病毒问题,请移步这里了解详情:https://www.grit.com.cn/Ransomware/locked
近日深圳一家科技公司服务器感染.locked勒索病毒,服务器上部署的OA系统,除C盘外所有文件被加密成.locked扩展名。
提取到READ_ME.html文档,内容如下:
I am so sorry ! All your files have been encryptd by RSA-1024 and AES-256 due to a computer security problems.
If you think your data is very important .The only way to decrypt your file is to buy my decrytion tool .
else you can delete your encrypted data or reinstall your system.
Your personid :
***********************************************************************************************=
Decrytion do as follows:
1. if you not own bitcoin,you can buy it online on some websites. like https://localbitcoins.net/ or https://www.coinbase.com/ .
2. send 0.1 btc to my wallet address **************************
3. send your btc transfer screenshots and your persionid to my email service@goodluckday.xyz . i will send you decrytion tool.
Tips:
1.don't rename your file
2.you can try some software to decrytion . but finally you will kown it's vain .
3.if any way can't to contact to me .you can try send me bitcoin and paste your email in the transfer information. i will contact you and send you decrytion tools.
Anything you want to help . please send mail to my email service@goodluckday.xyz.
Have a nice day .
经过国瑞安全紧急处理,成功解密被加密文件和数据库,客户及时恢复了生产工作,将损失降到最低程度。
需注意的是,此类型并非早期lock或locky勒索病毒家族,加密机制及解密方法均与lock或locky不相同。
24小时应急响应热线:15021662155 / 15611033457