Following GANDCRAB v5.1, a new variant of the GANDCRAB ransomware has appeared: GANDCRAB v5.2. It is an enhanced version of the GANDCRAB virus, so please take precautions.
---= GANDCRAB V5.2 =---
UNDER NO CIRCUMSTANCES DO NOT DELETE THIS FILE, UNTIL ALL YOUR DATA IS RECOVERED
*****FAILING TO DO SO, WILL RESULT IN YOUR SYSTEM CORRUPTION, IF THERE ARE DECRYPTION ERRORS*****
Attention!
All your files, documents, photos, databases and other important files are encrypted and have the extension: .OLNFBNSJP
The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.
The server with your key is in a closed network TOR. You can get there by the following ways:
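We offer the following recommendations for dealing with this virus:
(1) On servers, install antivirus software with active protection and also deploy security-hardening software to block ******.
(2) Close unnecessary ports such as 445, 135 and 139, and do not expose Remote Desktop Services (RDP, default listening port 3389) directly to the public internet. If operations require it, make sure it can only be accessed after logging in to ×××.
(3) Patch system vulnerabilities promptly. If components such as JBoss, Tomcat or Weblogic WLS are installed on the server, update them to the latest version promptly as well. Do not casually install software from unknown sources.
(4) Use strong passwords and change them regularly. Do not use the same password on multiple servers, to prevent *** from brute-forcing one server and then easily *** other servers that share the password.
(5) Back up the server's core data to other hosts promptly, and isolate the backups on the network so that the backup data cannot be encrypted.
(6) For data recovery, contact a professional decryption company, +q725317725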
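A check for recommendation (2), added here as an example and not part of the original post: it parses Windows `netstat -ano` output and reports TCP listeners on ports 135, 139, 445 and 3389 that are bound to a non-loopback address. The function names and the sample output are constructed for illustration, and English-language `netstat` column values are assumed.

```python
import ipaddress

# Ports named in recommendation (2): 135 (RPC), 139 (NetBIOS), 445 (SMB), 3389 (RDP default).
RISKY_PORTS = {135: "RPC", 139: "NetBIOS", 445: "SMB", 3389: "RDP"}

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1120
  TCP    127.0.0.1:8005         0.0.0.0:0              LISTENING       2500
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:3389      198.51.100.9:50211     ESTABLISHED     1120
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:3389           *:*                                    1120
"""


def split_endpoint(endpoint):
    """Split '0.0.0.0:445' or '[::]:445' into (address, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], int(port)


def exposed_listeners(netstat_text):
    """Return sorted (port, service, address, pid) for risky non-loopback TCP listeners."""
    findings = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Keep only five-column TCP rows whose state is LISTENING.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        try:
            host, port = split_endpoint(fields[1])
            addr, pid = ipaddress.ip_address(host), int(fields[4])
        except ValueError:
            continue  # skip rows that do not parse instead of guessing
        if port in RISKY_PORTS and not addr.is_loopback:
            findings.add((port, RISKY_PORTS[port], host, pid))
    return sorted(findings)


if __name__ == "__main__":
    for port, service, host, pid in exposed_listeners(SAMPLE_NETSTAT):
        print(f"{service} listening on {host}:{port} (PID {pid})")
```

A listener bound to all interfaces is a candidate for review; whether it is reachable from the public network still depends on the host and perimeter firewall rules.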
Original article: https://blog.51cto.com/14010823/2358570