您当前的位置:主页 > 勒索病毒最新动态 >

近日不少客户服务器中了DECP后缀勒索病毒,数据可以恢复吗?

2020-07-24 10:52 勒索病毒终结者

  近段时间力创数据接到好些用户的咨询,他们所在公司的服务器都感染了勒索病毒,中招后,服务器上的所有文件都被加密锁定,没办法正常打开使用,而且文件名也被篡改,添加了入侵者的邮箱和DECP后缀,如下图所示:
DECP后缀勒索病毒

  一客户所在公司服务器中了DECP后缀勒索病毒后的文件夹。

  DECP后缀勒索病毒的入侵者会在客户每一个文件夹内留下一个名为#DECP_README#的rtf,例举一位中毒客户的文件内内容如下:

  HOW TO RECOVER YOUR FILES?

  WE HAVE TO INFORM YOU THAT ALL YOUR FILES WERE ENCRYPTED!

  PLEASE BE SURE THAT YOUR FILES ARE NOT BROKEN!

  Your files were encrypted with AES-128+RSA-2048 crypto algorithms.

  * Please note that there is no way to decrypt your files without unique decryption key and special software. Your unique decryption key is securely stored on our server.

  * Please note that all the attempts to recover your files by yourself or using third party tools will result only in irrevocable loss of your data!

  * Please note that you can recover files only with your unique decryption key, which stored on our server.

  HOW TO RECOVER FILES?

  Please write us to the e-mail, we will send you instruction how to recover your data.

  Our main e-mail: deccrypasia@yahoo.com

  Our secondary e-mail: deccrypasia@protonmail.com

  Our secondary e-mail: deccrypasia@aol.com

  Please write to our main e-mail. If you will not receive answer in 24 hours, please write to our secondary e-mails! Please always check SPAM folder!

  * Write on English or use professional translator

  In subject line write your personal ID: xxxxxxxxxxxx

  For your assurance you can attach up to 3 small encrypted files to your message. We will decrypt and send you decrypted files for free.

  * Please note that files must not contain any valuable information and their total size must be less than 5Mb.

  Please don't worry, we can help you to RESTORE your server to original

  state and decrypt all your files quickly and safely!

  OUR HELP!

  You have to pay for our help in Bitcoin Cryptocurrency.

  Immidiately after payment we will send you (by e-mail) automatic decryption tool and your unique decryption key. You just have to start decryption tool on your server and all files will be automatically decrypted. All original file names will be restored too.

  Jwy2yl4o

  服务器中了DECP后缀勒索病毒数据可以恢复吗?中了DECP后缀勒索病毒的服务器内所有的文件均被加密,无法使用,可能会影响企业的正常业务运作,给企业带来无法估计的损失。如若发现中招,力创数据建议第一时间隔离中招的主机;其次加访问控制策略,把3389端口换为其它端口(或只允许VPN登录),关闭139、445、135等不必要的端口;修改登录密码为复杂密码。同时力创数据温馨提醒大家,一定要做好勒索病毒的防御工作,下载安装正版杀毒软件,关闭不必要的端口,关闭不必要的文件共享,避免使用弱口令密码,对没有互联需求的服务器/工作站内部访问设置相应控制,对重要文件和数据(数据库等数据)进行定期非本地物理备份,加强人员安全意识培训等。

如有疑问,马上在线咨询 点击在线咨询

相关阅读

勒索病毒最新动态

  • 免费服务热线:

    周一至周日 8:00-22:00

    13265855616

  • 微信扫描

    即可开始对话

    勒索病毒解密客服二维码
勒索病毒文件恢复,密钥破解,后续防御
数据恢复热线:13265855616