AI摘要:公司的文件服务器被黑,每个文件夹内都有一封威胁信,要求付款才能解密文件。然而,由于公司有备份文件,很快就恢复了。此外,赛门铁克披露了黑客团队Carderbee针对中国香港及亚洲区域的供应链攻击,而该公司恰好使用了一款由中国公司开发的保护和加密文档的软件。
Powered by AISummary.
公司的文件服务器被黑了,打开SMB共享的文件夹,每个文件夹内都有一个txt格式的威胁信,内容如下
Your files are encrypted and can not be used
We have downloaded your confidential data and are ready to publish it on our blog
To return your files in work condition you need decryption tool
Follow the instructions to decrypt all your data
Do not try to change or restore files yourself, this will break them
If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB
How to get decryption tool:
1) Download and install TOR browser by this link: https://www.torproject.org/download/
2) If TOR blocked in your country and you can\'t access to the link then use any VPN software
3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin
4) Copy your private ID in the input field. Your Private key: 0A189E8A094DC2AF016F5B41
5) You will see payment information and we can make free test decryption here
6)After payment, you will receive a tool for decrypting files, and we will delete the data that was taken from you
Our blog of leaked companies:
wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion
If you are unable to contact us through the site, then you can email us: [email protected]
Waiting for a response via mail can be several days. Do not use it if you have not tried contacting through the site.也是老套路了,加密所有文件,付款后才能解密,这种方式只对那种没有备份文件的公司才有些用处,我公司大概是有备份的,很快就恢复了
23.08.28补充
今天看见条新闻,赛门铁克披露了黑客团队Carderbee针对中国香港及部分亚洲区域的供应链攻击,此次攻击是通过Cobra DocGuard执行的,而这款软件是由一家名为亿赛通的中国公司开发的,作用是保护和加密文档,很不幸,我公司就使用了这款软件
