@!web-article-pic.avif
【勒索提示信息】:
文件名:Look at this instruction.txt
文件内容 :
Your network systems were attacked and encrypted. Contact us in order to restore your data. Don't make any changes in your file structure: touch no files, don't try to recover by yourself, that may lead to it's complete loss.
To contact us you have to download "tox" messenger: https://qtox.github.io/
Add user with the following ID to get your instructions:
A4B3B0845DA242A64BF17E0DB4278EDF85855739667D3E2AE8B89D5439015F07E81D12D767FC
Alternative way: swikipedia@onionmail.org
Your ID: oWsb0im5nw
You should know that we have been downloading data from your network for a significant time before the attack: financial, client, business, post, technical and personal files.
In 10 days - it will be posted at our site http://bianlianlbc5an4kgnay3opde ... m3dnbz3uaunad.onion with links send to your clients, partners, competitors and news agencies, that will lead to a negative impact on your company: potential financial, business and reputational loses.
【数据泄露网站】
家族:BianLian
被加密文件后缀:bianlian
黑客邮箱/Url:swikipedia@onionmail.org
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。 作者:360闲聊站 https://www.bilibili.com/read/cv18169534/?from=search&spm_id_from=333.337.0.0 出处:bilibili