BlackNevas勒索软件家族详情

【家族名】
Win32/Ransom.BlackNevas
[平台]   /   [主类型]  .  [家族名]
平台类型 :  Win32 Win64
威胁类型 : Ransom
【是否支持解密】
360解密大师：暂不支持
在线解密：暂不支持
【被加密文件】
被加密文件后缀格式：.-encrypted
修改文件后缀为


【勒索提示信息】：
文件名：how_to_decrypt.txt
文件内容
--------------------------------------------------------------------------------------------------------------------------------------------------------------
ATTENTION!!!!
Your computer ID:  AHN BIOTECHNOLOGIE GMBH
ATTENTION to representatives AHN BIOTECHNOLOGIE GMBH!!!!
Your system has been tested for security and unfortunately your system was vulnerable.
We specialize in file encryption and industrial (economic or corporate) espionage.
We don't care about your files or what you do, nothing personal - it's just business.
We recommend contacting us as your confidential files have been stolen and will be
sold to interested parties unless you pay to remove them from our clouds and auction,
or decrypt your files.
Your computer ID:  AHN BIOTECHNOLOGIE GMBH
Please note that if:
- you ignore this message for 7 days, your decryption keys will be deleted;
- an attempt to change the name of an encrypted file will damage the encrypted file, making it impossible to decrypt;
- using third-party free or paid programs will damage the encrypted file, making it impossible to decrypt;
For more detailed information write to us: toxicavalon@toke.com
Telegram: https://t.me/BlackNevas
Reserve Email: suppcarter@uymail.com and murrock@consultant.com
Your computer ID:  AHN BIOTECHNOLOGIE GMBH
ATTENTION to representatives AHN BIOTECHNOLOGIE GMBH!!!!
If you ignore or refuse to cooperate, we will be forced to hand over your stolen data
to our partners for publication in a data leak blog and further sale at auctions.
To open .onion sites you need to download the TOR browser https://www.torproject.org/download/
or the multifunctional browser Brave https://brave.com/download/ new private window Tor.
Find your details on these sites of our partners:
http://kill432ltnkqvaqntbalnsgoj ... tq6fuvcztilyd.onion
https://hunters55rdxciehoqzwv7vg ... yid.onion/companies
http://z3wqggtxft7id3ibr7srivv5g ... nlhukdid.onion/blog
http://black3gnkizshuynieigw6ejg ... qpmq2vn2xf6yd.onion
http://embargobe3n5okxyzqphpmk3m ... tkk7hhi544jid.onion
http://k67ivvik3dikqi4gy4ua7xa6i ... eirfcsx4sgbid.onion
Your computer ID:  AHN BIOTECHNOLOGIE GMBH
--------------------------------------------------------------------------------------------------------------------------------------------------------------


【防护建议】
1.多台机器，不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性，并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制，并进行定期备份
4.定期检测系统和软件中的安全漏洞，及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括：
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件，并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件，如果已经被杀毒软件拦截查杀，不要添加信任继续运行。