DumbStackz Ransomware Encrypts Most File Types


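Our research team discovered DumbStackz while examining new malicious file samples. The malware is derived from Chaos ransomware and is designed to encrypt files and demand payment for their decryption.

When tested on our system, the ransomware successfully encrypted files and appended the ".DumbStackz" extension to their filenames. For example, "1.jpg" became "1.jpg.DumbStackz" and "2.png" became "2.png.DumbStackz", and the same applied to every encrypted file.

After encryption, DumbStackz changed the desktop wallpaper and generated a ransom note in a text file named "read_it.txt". The message informs the victim that their files have been encrypted and demands a ransom of 0.001 BTC (the Bitcoin cryptocurrency). At the time of writing, this was equivalent to about 60 US dollars; note that the exchange rate may change.

The ransom note assures victims that a decryption tool will be provided after payment. If the demands are not met within two days, the affected files will be deleted.

DumbStackz Ransom Note Threatens Data Loss

The full text of the DumbStackz ransom note reads as follows: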

Sht well your files are locked. Lmao, well, sorry to say you won't be able to get them back without paying a fee. Unless you don't care about your files, I would encourage you to pay. The fee will cost you 0.001 bitcoin. Making this sht affordable. Sorry to cause you stress. Now, if you want to make this quick and simple, let's cut to the chase.

Step 1: Buy the bitcoin. Unless you own bitcoin, you will obviously need to buy it. Well, where the f*ck do I buy bitcoin?? You may be asking yourself that question. Luckily, there are many places to buy bitcoin. Such as apps like Coinbase, Crypto.com, Changelly Kraken, etc. There are also crypto ATMs to find one near you, go to coinflip.tech and enter a zip code. Or find others.

Step 2: Create a Bitcoin wallet. If you are on a mobile device, I recommend downloading Cake Wallet or Trust Wallet. They are wallets that hold many different crypto currencies. Such as Bitcoin. And if you are using a Windows computer, you can use the Wassabi wallet. It is a great and fast wallet to set up. From there, you can send the address you are sending the 0.001 bitcoin to, which is below this line. Or scan the QR code that is shown in my wallpaper. (My Bitcoin Address): 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV

Step 3. Once you have sent the bitcoin successfully and it confirms through the blockchain, don't hesitate to contact me. I will provide you with the password to recover all of your files. It is another piece of software, so please disable virus and threat protection to allow it to decrypt successfully. Contact Me Once Paid: whosdumb_stackz@proton.me (This is an email, so you will need to write to me by email.)

Your files will be automatically deleted after 2 days from when this ransomware was installed. Do not try after 2 days because you will just be losing your money for nothing. Attempting to reset the computer will also delete all of your files, which you can try if you want.

PAY EXACTLY 0.001 BITCOIN OR YOUR FILES WILL NOT BE RELEASED TO YOU. IF ONE OF MY WORKERS IS THE ONE WHO GAVE YOU THIS RANSOMWARE, THEY WILL WAIT FOR THE PAYMENT TO GO THROUGH, AND THEY WILL GIVE YOU THE DECRYPTER. DO NOT TRY NEGOTIATING, OR ME OR MY WORKERS WILL BLOCK YOU. THE AMOUNT WILL NEED TO BE 0.001 BITCOIN, EVEN WITH THE FEES. MAKE SURE TO GET SOME EXTRA BITCOIN FOR EASY PAYMENT.

Again, if you have any issues or concerns, please contact me at whosdumb_stackz@proton.me (This is an email, so you will need to write to me by email.)

Bitcoin Address Again: 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV
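The indicators described above (the appended ".DumbStackz" extension, the "read_it.txt" note, and the address and e-mail quoted in the note) can be turned into a simple triage scan. The following is an added example, not code from the original article; the function names `scan` and `note_matches` are assumptions chosen for illustration.

```python
import os

# Indicators taken from the write-up above.
ENCRYPTED_EXT = ".DumbStackz"
NOTE_NAME = "read_it.txt"
NOTE_MARKERS = ("17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV", "whosdumb_stackz@proton.me")


def note_matches(path):
    """True if the file's text carries a marker from the published ransom note."""
    try:
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            text = fh.read(65536)  # notes are small; cap the read
    except OSError:
        return False
    return any(marker in text for marker in NOTE_MARKERS)


def scan(root):
    """Walk root and return per-directory findings for triage.

    Result: {directory: {"encrypted": [(current, original)], "note": bool}}
    Only directories with at least one finding are included.
    """
    findings = {}
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        encrypted = []
        note = False
        for name in files:
            # The extension is appended, so the original name is the prefix.
            if name.endswith(ENCRYPTED_EXT) and len(name) > len(ENCRYPTED_EXT):
                encrypted.append((name, name[: -len(ENCRYPTED_EXT)]))
            elif name.lower() == NOTE_NAME:
                # "read_it.txt" is a generic name; confirm by content.
                note = note or note_matches(os.path.join(dirpath, name))
        if encrypted or note:
            findings[dirpath] = {"encrypted": sorted(encrypted), "note": note}
    return findings


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for directory, hit in sorted(scan(target).items()):
        print(f"{directory}: {len(hit['encrypted'])} encrypted, note={hit['note']}")
```

The per-directory result shows which folders were reached and the original filenames, which helps scope what needs restoring from backup.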

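How Does Ransomware Like DumbStackz Usually Spread Online?

Ransomware like DumbStackz typically spreads through a variety of online vectors, including:

Phishing emails: Attackers often use phishing emails to distribute ransomware. These emails may contain malicious attachments or links that, when clicked, download the ransomware and execute it on the victim's system.

Malicious websites: Visiting compromised or malicious websites can lead to drive-by downloads, in which ransomware is automatically downloaded and installed on the victim's device without their knowledge or consent.

Exploit kits: Ransomware can be delivered through exploit kits, which are toolkits that use software vulnerabilities to deliver malware to the victim's system. These vulnerabilities may exist in outdated software or browsers.

Remote Desktop Protocol (RDP) attacks: Attackers may take advantage of weak or default Remote Desktop Protocol (RDP) credentials to gain unauthorized access to a system and deploy ransomware.

Malvertising: Malicious advertisements on legitimate websites can redirect users to sites hosting ransomware or trigger an automatic download of ransomware onto the victim's device.

File-sharing networks: Ransomware can spread through file-sharing networks and peer-to-peer (P2P) file-sharing applications, where users unknowingly download infected files.

Social engineering tactics: Attackers may use social engineering tactics to trick users into downloading and executing ransomware, for example by posing as legitimate software updates or technical support staff.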

April 18, 2024