LostInfo 勒索软件
保护您的设备免受恶意软件威胁对于维护数据完整性和个人安全至关重要。勒索软件(例如最近发现的 LostInfo 勒索软件)通过加密数据并索要赎金来解密,构成了重大威胁。
目录
LostInfo 勒索软件概述
LostInfo 是网络安全研究人员发现的一种勒索软件。该恶意软件会加密受害者系统上的数据,并在感染后更改文件名。原始文件名附加了一个唯一 ID 和扩展名“.lostinfo”。例如,名为“1.jpg”的文件在加密后将显示为“1.jpg.{06420628-F5F4-ECED-BAAA-BCC19668745C}.lostinfo”。加密过程完成后,LostInfo 会生成一封名为“README.TXT”的勒索信。
LostInfo 勒索病毒的勒索信
“README.TXT”文件告知受害者他们的文件已被加密。它强调攻击者提供的解密过程的质量和可靠性,并阻止他们寻求第三方帮助。赎金通知要求支付未指定的数据恢复费用,如果在 12 小时内联系,可享受 50% 的折扣。它还威胁说,如果不支付赎金,就会与其他网络犯罪分子分享受害者的私人和财务数据。
支付赎金的后果
研究人员强调,没有攻击者的帮助,解密通常是不可行的。然而,支付赎金并不能确保攻击者会提供必要的解密工具。网络犯罪分子通常会在不履行承诺的情况下收下钱,因此建议不要通过支付赎金来支持他们的非法活动。
删除 LostInfo 勒索软件
从受感染的系统中清除 LostInfo 勒索软件将阻止其进一步加密数据。不幸的是,这并不能恢复已被破坏的文件。因此,必须专注于预防和立即响应,而不是依赖解密的希望。
预防勒索软件感染的安全措施
为了保护您的设备免受 LostInfo 等勒索软件感染,请考虑实施以下安全措施:
- 定期备份:在外部设备或云存储上定期保存数据备份,以确保您无需支付赎金即可恢复文件。
- 反恶意软件:使用信誉良好的反恶意软件程序来检测和防止勒索软件攻击。
通过遵守这些预防措施,用户可以显著缩小成为 LostInfo 等勒索软件攻击的受害者的风险,确保他们的数据安全且设备受到保护。
LostInfo 勒索软件释放的勒索信如下:
'I'll try to be brief: 1. It is beneficial for us that your files are decrypted no less than you, we don't want to harm you, we just want to get a ransom for our work.
Its only takes for us at list 20 minutes after payment to completely decrypt you,
to its original state, it's very simple for us!
3.If you contact decryption companies, you are automatically exposed to publicity,also, these companies do not care about your files at all, they only think about their own benefit!
4.They also contact the police. Again, only you suffer from this treatment!We have developed a scheme for your secure decryption without any problems, unlike the above companies,
who just as definitely come to us to decipher you and simply make a profit from you as intermediaries, preventing a quick resolution of this issue!In case of refusal to pay, we transfer all your personal data such as (emails, link to panel, payment documents , certificates , personal information of you staff, SQL,ERP,MIS,LIS,financial information for other hacker groups) and they will come to you again for sure!
We will also publicize this attack using social networks and other media, which will significantly affect your reputation!
If you contact us no more than 12 hours after the attack, the price is only 50% of the price afterwards!
Do not under any circumstances try to decrypt the files yourself; you will simply break them!
Download the (Session) messenger (hxxps://getsession.org) in messenger :ID"0585ae8a3c3a688c78cf2e2b2b7df760630377f29c0b36d999862861bdbf93380d"
MAIL:lostinfo@skiff.com'
