什么是SRC勒索软件?
SRC 勒索软件是 Makop 家族的恶意感染。这种勒索软件在感染系统后会加密文件,并通过附加唯一的受害者 ID、电子邮件地址“restoreBackup@cock.li”和“.SRC”扩展名来更改文件名。例如,“1.jpg”被重命名为“1.jpg.[2AF20FA3].[RestoreBackup@cock.li].SRC”等等。SRC 勒索软件还会更改桌面壁纸,并留下一张标有“+README-WARNING+.txt”的勒索信。
Table of Contents
SRC 勒索软件感染症状
SRC 留下的勒索信告知受害者,他们的文件已被加密,但文件结构被保留以避免数据损坏。它要求支付解密费用,并提出解密两个示例文件以证明他们确实可以做到这一点。该信提供了电子邮件地址“restoreBackup@cock.li”和用于联系攻击者的 TOX ID。它还警告不要使用第三方工具修改或解密文件,因为这可能会导致永久性数据丢失。
以下是 SCR 勒索软件赎金通知的示例:
::: Greetings :::
Little FAQ:
.1.
Q: Whats Happen?
A: Your files have been encrypted. The file structure was not damaged, we did everything possible so that this could not happen.
.2.
Q: How to recover files?
A: If you wish to decrypt your files you will need to pay us.
.3.
Q: What about guarantees?
A: Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will cooperate with us. Its not in our interests.
To check the ability of returning files, you can send to us any 2 files with SIMPLE extensions(jpg,xls,doc, etc... not databases!) and low sizes(max 1 mb), we will decrypt them and send back to you. That is our guarantee.
.4.
Q: How to contact with you?
A: You can write us to our mailbox: RestoreBackup@cock.li
Or you can contact us via TOX: -
You don't know about TOX? Go to hxxps://tox.chat
.5.
Q: How will the decryption process proceed after payment?
A: After payment we will send to you our scanner-decoder program and detailed instructions for use. With this program you will be able to decrypt all your encrypted files.
.6.
Q: If I don t want to pay bad people like you?
A: If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause only we have the private key. In practice - time is much more valuable than money.
:::BEWARE:::
DON'T try to change encrypted files by yourself!
If you will try to use any third party software for restoring your data or antivirus solutions - please make a backup for all encrypted files!
Any changes in encrypted files may entail damage of the private key and, as result, the loss all data.
其他 SRC 勒索软件详细信息
一旦勒索软件(如 SRC)加密了系统上的文件,这些文件将无法访问,除非攻击者拥有解密工具。支付赎金风险极高,因为攻击者不一定能给你解密密钥。在某些情况下,网上可能会提供免费解密工具。从备份中恢复文件也可以免除支付赎金的需要。及时删除勒索软件对于防止其传播到其他连接系统或加密其他文件至关重要。
什么是勒索软件
勒索软件攻击通常涉及加密受害者的数据并要求支付解密赎金。大多数勒索软件还会重命名其加密的文件。攻击者通常要求以加密货币付款。其他勒索软件变体包括EMBARGO 勒索软件、 Anyv 勒索软件和ZHO 勒索软件。为了防止攻击导致数据丢失,重要的是将重要文件的备份保存在云端或离线存储设备上。
勒索软件感染方法
勒索软件可以通过各种方式渗透到系统中。标准方法包括带有恶意附件或链接的网络钓鱼电子邮件和恶意在线广告。网络犯罪分子还会利用过时软件或操作系统中的漏洞。其他感染媒介包括盗版软件、破解工具、受感染的 USB 驱动器、来自对等 (P2P) 网络的下载、非官方网站和第三方下载器。技术支持诈骗是另一种用于分发恶意软件的策略。
防范勒索软件
为防止勒索软件感染,请从官方网站或应用商店等可靠来源下载应用程序和文件。避免使用盗版软件或破解工具。谨慎对待包含可疑链接或附件的电子邮件。不要与可疑网站的广告、弹出窗口或下载按钮互动。定期更新您的操作系统和已安装的应用程序,并扫描您的计算机以查找威胁。使用信誉良好的安全软件可以增强您对此类威胁的防护。
