GANDCRAB勒索病毒最新变种GANDCRABv5.1
洋葱浏览器http://gandcrabmfe6mnef.onion
后缀5-10位的随机字母
如图所示
此次病毒涉及范围很广,企业、事业单位、医院、学校等。
近几日有很多学生咨询说中了此种病毒,鉴于没有重要文件,所以没有造成严重损失。
---= GANDCRAB V5.1 =---
UNDER NO CIRCUMSTANCES DO NOT DELETE THIS FILE, UNTIL ALL YOUR DATA IS RECOVERED
*****FAILING TO DO SO, WILL RESULT IN YOUR SYSTEM CORRUPTION, IF THERE ARE DECRYPTION ERRORS*****
Attention!
All your files, documents, photos, databases and other important files are encrypted and have the extension: .DMKBS
The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.
The server with your key is in a closed network TOR. You can get there by the following ways:
| 0. Download Tor browser - https://www.torproject.org/
| 1. Install Tor browser
| 2. Open Tor Browser
| 3. Open link in TOR browser: http://gandcrabmfe6mnef.onion/611465c4986eced2
| 4. Follow the instructions on this page
On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.
ATTENTION!
IN ORDER TO PREVENT DATA DAMAGE:
- DO NOT MODIFY ENCRYPTED FILES
- DO NOT CHANGE DATA BELOW
---BEGIN GANDCRAB KEY---
lAQAALUswz80tChXParbk5NYyw8wwmkk3RUzvjao1Z1tfZ40NuO01YJ5TidP6qWLub0kzSaT99M1T27ruC3dxNfv+cbvfSkwTg9uNhtGnhoJZRcpoH2ou+TczYuo/xKFuvjai3K3W+k1RvrCXon7GQQ+aM5/CoGhaSBdJ3u7dU9whU726EbL8y+sL3eAhuEiCof+EtWYIvL3z+al8D5P+cpKQg7BxKKtuqwxPywjdRpy0uQrIKFBGD8Bc6qHthxrqPJHlAAMQWKuxwjDeIAB0ey1tmRtD2cyuqDpTevgQFge3lBi9dUjDsuvAVcErkBvSm4Vk1iuI5ffXc0gRQGU4wDc/IfC0P8I2/wxlqzwba52m5rJXlre0TU08XTHxYPJKjvVnwaBvr+pWYCIXAEcPv4J9DlCvKKARrV4vNpfPjavks6olQapp2mtFGOG9sAgzQ/o6fV5dwRkVevXuheICW3Cl6D47W2tHB0o4274VAHuSJeWTLVu6x4tAthSUaX/ispZwUXBVpmFQgx8mJvRmq6FT2BLQ98hWxcjVYokfMvdazCi4iI5b70jN07t+q3aCRZSg90WCdCj77iA8u7TOc1RqyECdBQbzNAph8/88D9/0q05WEHPCkIUaUPt9Je2hHXNWS7kTcWsb+6HrRL1hHuSSBDGNnhgIb7jsIGRrA0RhSIr4rF882smjsb5Wcz3cxlZwef8+pkFenjdJEGU9yKOvEMWcaZB6BleDV3Av8bykIYqaMNIL+wfrPqT52GPnYI5bO0ynFWce5dGpZzFWNVjUZ0rVVk+pjy2WlwHyEltdS7QSwoo/uHj4lJwNrTiNNn5MwF3SBmpzouOaAqMVJH3ff07l7GbHdP2B6FFC9GYsbGixIAOkyqRdWmuKAy2DfbsJXLE0krStFW5n4k0+WXf7dZNrND3Bi/UGXNHkUf42GECkiLNmYD4ISW+vcSgASEqcG9CaqUrVAk+6Hv7Ax1ACNAyJk2nxLXZLMp+cxPC4qWwwqhb2aHy9ZghMJsDBu743JqUcCkvsqLaW3/k4SN+C20uN0nBLoafWCL6Z2DSIS9MosrjbpGQfhgvyOakdLbNv6YN7SYLQOEHgrdv6Wpjvzy0L71M8oTQFq203KA4sr22dwDMC96Lf7AgDQXua6mmVZ9VOKG5sBJtMNksdFTpADsbSu6Z+4ji9G1qQP/+BGkqJffrMW49a78yhYLCVR5RYGhAPi81JgLvxcwC2ExeVoDlcjWErqISvSDcWEjwfR2ZJD/2xT/F65F8aYZSXXPXO6cPVCJUC41EKKqSlsQDYO7J8YcXXs+zm8pYEov5PEgff+ddu6SPu3CHZlj9XcfNYx2lFoz3dTxdSAh7CBSRXP+x2MdLQx/dUlP1CjOhmrID3FRcOVS+Uvf66oShQNrgb3CDZdiR/DGqX7ZqDPLIaYEfIXXcD5XxgBMRKk5TgveEGBnYs0sVVhdHOyIoqah/cN7oiAPv/vpVMUle8nVJ2lux2fr8MlNpukdJ04Fsbrksu171RBIac/tne7ITcBFPeBRFHFqlUhm0GcyC5mCmogK1ljOGzZFjANHMNcy7ZcKuE3bzwUNgmb4TRD5p9+UxTWD5xf+goV0MWv8eznjRIoTRIsHTbZlsCuLlFBRQe0QICjxMOzGupDQRHM7zCVhWeOg3SscDmxW7eq4GWEyvvGvEUNbkGUKr3HObDysGWPm30ryS/C0j1mFr7RQtU425TMzDBuJ3wqdo8bCrXMvP/jLAjWIEYNLse0MFi2z88azz9kjMxFetYIvitzicdnHIPpZL/GB9HI0/arJBzg8Tl9dkTfyzB9xERIgDivqEM+81Vj0wxvND3f3d7d99qnd1zzoVgPQvLgH4R8QTxQu9t18B3elOd8872hG8xlXrOsq+xk9yqBJWBd7JGCP6mFaQSsz9LQt+CV8zQFND8OQHypkicsnXMuvZvr/bTEZzlhaRwJFA5FC2wEzXac8ZzoA/q6MW/aEcc8NQ8sdctBpEB3fGpyfgBqlav4ZLGWCsJO/B0qtgY6d8stTLdZXTzMkUm3HbyBm/Gv9k4jZQDnrMOrmwWZiNGqyiakX2GOuUNbPD/pghUTqqmptHl1Er42HqVOujctmhsvR189bfIgQhavWreDzD9tf/LvVsr62vnhMkBQyWd5xKZmZT0KF8COV9PSqrMk3TnMwhcYd5Cs1jbdJ8nibAnDP0MoKFZyGRV5gIBSKEa36hAoOrk917j6AfsPJeu/c=
---END GANDCRAB KEY---
---BEGIN PC DATA---
7ftDEgLb/ZS0lcmZbHM61KDJ6AOtD78KkA6VbsAgRnYcWLQC7p+WYEhxTWDO9P/JI5D0AsWViODlRRbIVXQoQxaa2rPazq4SeOgCaoKX2qbLGOIpU0uVIkugicQ2qivs7UgEXVJiDcF0iWP/gFL8WqBHGyOgMof74iZHO883kWa60KsRG/oAEuDBktlhsrSHT/UeIK90f4NTA3Q0Aa7fDOtFnCOTB5ome7FLZ/fMCt27gAb2/52sUzN7xdxdWKoyoIWs5zhHRnKRMIiBilCjeiCo9VqinJKZtl8CSVLOoTBGmLz7tYCZGAQpE6j8RSEVYffb0xBSRSCQtKyJItBOBktq/MZnR6S3PLGEmdKRiEeWP5vyrfM7LPfjBqO/r2dW7OYoT03J2fa0Lzd0vPeJSzez0KAuoTrFpp2CPGWxsCgXuYzoNloc6nqVnun9qBVvELwIrq0y2i9v1Y+lKzn+7qx4B+w8gTqwNEzbb5Ufu9xQLW2jr7jUwEPi8TPeKPWggY2eWK3+6wkXvCaihIFfEv1EqSNNANDhs9RsICb1JUHvyYeMb50O1gM/++QXe20E2nSfCuLraNdOPEuVL8o3LqYb8QmccCaV+LDEEcmsH7TTnImaaEIlb4k0v1Gdc2TS16JdDFjF04HgqA5wt0aIxMTG4nVMm77KYPN8Et+dA5i9zkRfGbod7wI2+l/UdCt8r5KzQApj/F09ysPw+FzVuqpBMg4jyURubMY=
---END PC DATA---
**在这里 提醒大家,不要在不正规的网站上下载东西,以防中招
为防止用户感染该类病毒,我们可以从安全技术和安全管理两方面入手:
1、不要打开陌生人或来历不明的邮件,防止通过邮件附件的***;
2、尽量不要点击office宏运行提示,避免来自office组件的病毒感染;
3、需要的软件从正规(官网)途径下载,不要双击打开.js、.vbs等后缀名文件;
4、升级到最新的防病毒等安全特征库;
5、升级防病毒软件到最新的防病毒库,阻止已存在的病毒样本***;
6、定期异地备份计算机中重要的数据和文件,万一中病毒可以进行恢复
7、找可靠的恢复数据公司解密,可咨询qq2362441418**
原文地址:http://blog.51cto.com/14090158/2347372