成功案例

勒索病毒数据恢复

南京某旅游公司erp数据库中勒索病毒,sqlserver数据库无法打开,文件后缀为GDCB

经过南京兆柏数据恢复工程师的分析,通过客户老的备份文件成功数据客户数据库,数据库正常打开。

月28日,后缀GDCB病毒解密服务器被Bitdefender破解,目前可以免费恢复数据。而在3月6日今天,正瑛科技获得病毒最新变种。最新变种会在感染计算机后加密特定格式的文件,会在文件名添加上CRAB后缀,并在每个文件夹下生成CRAB-DECRYPT.txt说明信息。病毒传播方式及原理请查阅我司另外技术文件,注意预防此最新变种。

CRAB-DECRYPT内容如下:

---= GANDCRAB =---

Attention!

All your files documents, photos, databases and other important files are encrypted and have the extension: .GDCB

The only method of recovering files is to purchase a private key. It is on our server and only we can recover your files.

The server with your key is in a closed network TOR. You can get there by the following ways:

1. Download Tor browser - https://www.torproject.org/

2. Install Tor browser

3. Open Tor Browser

4. Open link in tor browser: http://gdcbmuveqjsli57x.onion/234d6f08ca0902eb

5. Follow the instructions on this page

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.

If you can't download TOR and use it, or in your country TOR blocked, read it:

1. Visit https://tox.chat/download.html

2. Download and install qTOX on your PC.

3. Open it, click "New Profile" and create profile.

4. Search our contact - 6C5AD4057E594E090E0C987B3089F74335DA75F04B7403E0575663C26134956917D193B195A5

5. In message please write your ID and wait our answer: 234d6f08ca0902eb



相关文章