
Latest ransomware suffixes .hack, .bat, .BSC, .gerosan: encryption feature analysis, handling scheme and decryption tool

2025-03-26 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Suffix .hack ransomware

Encrypted file name pattern: .id-<ID>.[<email address>].HACK

Example: UFDATA.MDF.id-820C74B1.[mr.hacker@tutanota.com].Hack

Ransom contact email: mr.hacker@tutanota.com

Ransomware classification: Dharma series

Suffix .bat ransomware, suffix .acute ransomware

Encrypted file name patterns: .id-<ID>.[<email address>].bat, .id-<ID>.[<email address>].acute

Examples: UFDATA.MDF.id-820C74B1[madmaxxx8@protonmail.com].bat, UFDATA.MDF.id[CC898EC4-1096].[lockhelp@qq.com].acute

Ransom contact emails: decryptyourdata@qq.com, madmaxxx8@protonmail.com, sprt@keemail.me, lockhelp@qq.com

Ransomware classification: Dharma series

Suffix .kjh ransomware, suffix .COPAN ransomware, suffix .0day ransomware, suffix .BSC ransomware

Encrypted file name patterns: .id-<ID>.[<email address>].kjh, .id-<ID>.[<email address>].COPAN, .id-<ID>.[<email address>].0day, .id-<ID>.[<email address>].BSC

Examples: UFDATA.MDF.id-820C74B1.[datareturn@protonmail.com].kjh, UFDATA.MDF.id-820C74B1.[acva@foxmail.com].Copan, UFDATA.MDF.id-820C74B1.[my0day@aol.com].0day, UFDATA.MDF.id-M135271F.[basecrypt@aol.com].BSC

Ransom contact emails: datareturn@protonmail.com, acva@foxmail.com, my0day@aol.com, Basecrypt@aol.com

Ransomware classification: Dharma series

Suffix .wtfsupport@airmail.cc ransomware

Encrypted file name pattern: .wtfsupport@airmail.cc

Example: UFDATA.MDF.wtfsupport@airmail.cc

Ransom contact emails: wtfsupport@airmail.cc, wtfsupport@cock.li

Suffix .diller13 ransomware, suffix .binicaoma ransomware

Encrypted file name patterns: .diller13, .binicaoma

Examples: UFDATA.MDF.diller13, UFDATA.MDF.binicaoma

Ransom note: how_to_back_files.html

Ransomware classification: GlobeImposter series

Suffix .{dresdent@protonmail.com}DDT ransomware

Encrypted file name pattern: .{email address}DDT

Example: UFDATA.MDF.{dresdent@protonmail.com}DDT

Ransom contact email: dresdent@protonmail.com

Ransomware classification: GlobeImposter series

Suffix .lcphr ransomware

Encrypted file name pattern: .lcphr

Example: UFDATA.MDF.lcphr

Ransom note: LooCipher-DECRYPT.txt

Ransomware classification: LooCipher

Suffix .heroset ransomware, suffix .muslat ransomware, suffix .gerosan ransomware

Encrypted file name patterns: .heroset, .muslat, .gerosan

Examples: UfErpAct.Lst.heroset, UfErpAct.Lst.muslat, UfErpAct.Lst.gerosan

Ransom contact emails: gorentos@bitmessage.ch, vengisto@firemail.cc

Ransom note: _readme.txt

Ransomware classification: STOP series

Suffix .orion ransomware

Encrypted file name pattern: .orion

Example: UFDATA.MDF.orion

Ransom note: Orion-DECRYPT.txt

Ransom contact emails: foxnitro@tutanota.com, foxnitro@aol.com, foxnitro@protonmail.com

Suffix .[LOCKED] ransomware

Encrypted file name pattern: .[LOCKED]

Example: UFDATA.MDF.[locked]

Ransom note: [LOCKED]-DECRYPT.txt

Suffix .poop ransomware

Encrypted file name pattern: .poop

Example: UFDATA.MDF.poop

Ransom note text: SYSTEM HACKED AND FILES ENCRYPTED

Ransomware classification: HiddenTear series

Suffix .euclid ransomware

Encrypted file name pattern: .euclid

Example: UFDATA.MDF.euclid

Ransom note: how to recover.txt
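
As an added example (not part of the original article), the suffix patterns and family labels listed above can be encoded as a filename triage check run over a directory listing from an affected host. The rule table, function names and sample listing are constructed here; a suffix match is a first indicator of the family, not a confirmation.

```python
import re
from collections import Counter

# Rules built only from the suffixes and family labels listed in the article;
# "unclassified" marks suffixes the article lists without naming a family.
RULES = [
    ("Dharma", re.compile(
        r"^(?P<orig>.+)\.id(?:-[0-9A-Z]{8}|\[[0-9A-Z]{8}-\d+\])\.?"
        r"\[(?P<email>[^\]@\s]+@[^\]\s]+)\]\.(?:hack|bat|acute|kjh|copan|0day|bsc)$", re.I)),
    ("GlobeImposter", re.compile(
        r"^(?P<orig>.+)\.\{(?P<email>[^}@\s]+@[^}\s]+)\}DDT$", re.I)),
    ("GlobeImposter", re.compile(r"^(?P<orig>.+)\.(?:diller13|binicaoma)$", re.I)),
    ("LooCipher", re.compile(r"^(?P<orig>.+)\.lcphr$", re.I)),
    ("STOP", re.compile(r"^(?P<orig>.+)\.(?:heroset|muslat|gerosan)$", re.I)),
    ("HiddenTear", re.compile(r"^(?P<orig>.+)\.poop$", re.I)),
    ("unclassified", re.compile(
        r"^(?P<orig>.+)\.(?:(?P<email>wtfsupport@airmail\.cc)|orion|\[locked\]|euclid)$", re.I)),
]

def classify(filename):
    """Return (family, original_name, contact_email) or None if no rule matches."""
    for family, rx in RULES:
        m = rx.match(filename)
        if m:
            return family, m.group("orig"), m.groupdict().get("email")
    return None

def triage(filenames):
    """Count matches per family and collect contact addresses embedded in names."""
    families, emails = Counter(), set()
    for name in filenames:
        hit = classify(name)
        if hit:
            families[hit[0]] += 1
            if hit[2]:
                emails.add(hit[2].lower())
    return families, emails

# Constructed sample listing: examples from the article plus one untouched file.
SAMPLE = [
    "UFDATA.MDF.id-820C74B1.[mr.hacker@tutanota.com].Hack",
    "UFDATA.MDF.id[CC898EC4-1096].[lockhelp@qq.com].acute",
    "UFDATA.MDF.{dresdent@protonmail.com}DDT",
    "UfErpAct.Lst.gerosan",
    "UFDATA.MDF.wtfsupport@airmail.cc",
    "backup.bat",  # ordinary batch file: no id/email marker, so no Dharma match
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The Dharma rule requires the id and bracketed email marker before the extension, so legitimate .bat files are not flagged; the extension-only rules (for example .orion or .poop) are weaker signals and should be checked against the ransom note named for that entry.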

Security protection is a dynamic, adversarial process. Beyond security hardening measures, day-to-day work also requires stronger management of how systems are used and real-time monitoring of network security status: computers should not use storage devices of unknown origin, such as USB drives and portable hard disks; they should not access the public network; and the organization's internal network should not allow devices of unknown origin to connect. Security inspections and assessments should be carried out regularly so that security weaknesses are found in time, vulnerabilities and deficiencies in the security management mechanism are repaired promptly, and the security of the system is kept at a relatively high level at all times.

How to protect yourself from ransomware?

Consumers, small businesses and enterprises must implement multi-layer defense mechanisms when dealing with ransomware.

1. Efficient data backup: organizations must adopt regular data backup and recovery plans for all critical data they store. The backup should be tested, and the backup data must be stored on a separate device, preferably offline.

2. Regular patch updates: application and operating system patches must be up to date and tested to avoid any potential vulnerabilities. Efficient patch management reduces the likelihood of attacks through available weak links.

3. Restrict the use of elevated privileges: organizations should follow a restricted permissions model for user access to reduce the chances of users installing and running unwanted software or applications.

4. Antivirus update: the system must have the latest antivirus software installed, and all downloaded files must be scanned with it.

5. Implement application whitelisting: organizations must follow an application whitelisting process to prevent systems and networks from being infected by malicious or unauthorized applications.

6. Create user awareness: users are the weakest link in network security, and it is very important to educate them through appropriate training. Security professionals must keep abreast of the latest trends in this area and need to educate users about spam and phishing.

7. Email protection: organizations must pay close attention to their emails. They should block emails with attachments from suspicious sources.

8. Endpoint protection: organizations must protect endpoints by preventing malicious files from running.

9. Cultivate good security practices: organizations must maintain good security habits and practices when browsing the Web, and must protect data through appropriate controls.
