Cash Ransomware

In the digital era, the importance of protecting your devices and data cannot be overstated. Cyber threats, particularly ransomware, have become increasingly sophisticated, posing serious risks to individuals and organizations. One emerging threat is Cash Ransomware, threatening software designed to encrypt files on infected devices and demand payment for their release. Understanding this threat and implementing robust security practices is essential to safeguarding your digital assets.

What is Cash Ransomware?

Cash Ransomware is a specific type of malware known for encrypting data on affected devices and demanding a ransom for decryption. This ransomware is linked to the same threat actors behind Cash RAT (Remote Access Trojan) and MintStealer, which points to an organized and persistent cybercriminal group.

How Cash Ransomware Operates

Once activated on a compromised device, Cash Ransomware encrypts files and appends the '.CashRansomware' extension to each affected file. For example, '1.doc' becomes '1.doc.CashRansomware' and '2.pdf' is renamed '2.pdf.CashRansomware.' Following the encryption process, the ransomware creates three different ransom notes: a new desktop wallpaper, a pop-up window and an HTML file named 'Cash Ransomware.html.'
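For incident triage, the two file-system indicators described above (the appended '.CashRansomware' extension and the 'Cash Ransomware.html' note) can be swept for across a volume. The following is an added example, not code from the original page; the function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# Indicators taken from the description above.
ENCRYPTED_SUFFIX = ".cashransomware"   # appended to every encrypted file
NOTE_NAME = "cash ransomware.html"     # HTML ransom note

def triage(root):
    """Walk root and report files carrying the two file-system indicators."""
    encrypted, notes, lost_types = [], [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            lower = name.lower()       # Windows file names are case-insensitive
            if lower == NOTE_NAME:
                notes.append(path)
            elif lower.endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
                # '1.doc.CashRansomware' -> '1.doc': recover the pre-attack name
                original = name[: -len(ENCRYPTED_SUFFIX)]
                encrypted.append((path, original))
                lost_types[Path(original).suffix.lower() or "(none)"] += 1
    return {"encrypted": encrypted, "notes": notes, "by_type": dict(lost_types)}

def build_sample_tree(root):
    """Constructed sample data: empty files named like the examples in the text."""
    names = ["docs/1.doc.CashRansomware", "docs/2.pdf.CASHRANSOMWARE",
             "docs/untouched.txt", "Desktop/Cash Ransomware.html"]
    for rel in names:
        p = Path(root) / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.touch()

def demo():
    """Run the sweep over the constructed tree and summarize the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        report = triage(tmp)
        return (sorted(orig for _p, orig in report["encrypted"]),
                len(report["notes"]), report["by_type"])

if __name__ == "__main__":
    originals, note_count, by_type = demo()
    print("encrypted originals:", originals)
    print("ransom notes found:", note_count)
    print("affected file types:", by_type)
```

The recovered original names and the per-type counts give a quick inventory to compare against available backups.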

Ransom Demands and Warnings

The ransom notes, although not identical, convey the same critical information:

  • Notification that files have been encrypted.
  • A ransom demand of 80 USD in the Monero (XMR) cryptocurrency.
  • Warnings against restarting the device or running anti-malware programs, which could render the files undecryptable.
  • Instructions to avoid disconnecting from the network in order to ensure negotiation and recovery.

The notes also state that files have been encrypted using advanced cryptographic algorithms: XChaCha20, Poly1305, and AES-256-GCM. However, cybersecurity experts warn that paying the ransom does not guarantee data recovery, as cybercriminals often do not provide the decryption keys even after payment.

Best Security Practices to Prevent Ransomware Attacks

Preventing ransomware, including Cash Ransomware, requires a proactive approach to cybersecurity. Here are some best practices that users should implement to strengthen their defenses against ransomware and other malware threats:

  • Regular Backups: Back up any important data to an external drive or cloud storage on a regular basis. Make sure backups are not permanently connected to the network, so that they are not compromised during an attack.
  • Use Robust Anti-Malware Software: Install and maintain up-to-date anti-malware software. Enable real-time scanning and automatic updates to protect against the latest threats.
  • Keep Software Updated: Make sure the operating system, applications and other software are always updated with the latest available updates and patches. This minimizes the vulnerabilities that ransomware can exploit.
  • Practice Safe Browsing and Email Habits: Be careful when accessing links or downloading attachments from unknown sources. Phishing emails are a well-known vector for ransomware distribution.
  • Set Up Strong Passwords and Multi-Factor Authentication: Use complex and unique passwords for different accounts and enable Multi-Factor Authentication (MFA) wherever possible to add an extra layer of security.
  • Disable Macros in Office Files: Disable macros in Microsoft Office files received from untrusted sources, as these can be used to execute ransomware.
  • Educate Yourself and Others: Stay informed about the latest cyber threats and educate your family, friends and colleagues about safe online practices and the dangers of ransomware.

The rise of ransomware threats such as Cash Ransomware highlights the critical need for vigilance and robust cybersecurity measures. By understanding the nature of these threats and implementing best security practices, users can significantly reduce their chances of falling victim to a ransomware attack. Remember, prevention is always better than cure, and a proactive approach to cybersecurity is your best defense against digital threats.

    The ransom note presented in the pop-up window:

    'Cash RANSOMWARE

    YOUR FILES
    ARE ENCRYPTED
    BY CASH RANSOMWARE

    What happend?

    Dear , We regret to inform you that your files have been compromised by the insidious Cash Ransomware program. This ruthless malware has infiltrated your system, encrypting your precious data and holding it hostage until its demands are met. Below are the chilling details of this dire situation:

    Rapid scanning of your storage drives has been executed, leaving no corner untouched by the malicious claws of Cash Ransomware.
    Utilizing the advanced XChaCha20 encryption algorithm, your files have been ensnared with unbreakable tags and a deadly combination of Poly1305 or AES-256-GCM, meticulously chosen by the ransomware's constructors to ensure maximum devastation.
    To further fortify its grip on your data, Cash Ransomware employs a hybrid bulletproof encryption technique, rendering any attempts at decryption futile against its impenetrable defenses.
    Files bearing specific extensions have been singled out for priority encryption, ensuring that your most critical data is held captive, intensifying the fear and desperation of your predicament.
    As a final blow to any hopes of recovery, Cash Ransomware deploys a double-key encryption mechanism, thwarting any attempts at deception or circumvention, leaving you no recourse but to comply with its demands.
    In light of this harrowing situation, we implore you to refrain from taking any actions that may exacerbate the damage and worsen your plight:

    Do not download antivirus software: Any attempts to combat Cash Ransomware with conventional means will only serve to alert its creators, potentially triggering further encryption or irreversible data loss.
    Do not disconnect from the network: Isolation will not shield you from the relentless reach of Cash Ransomware; instead, it may hinder potential avenues of negotiation or resolution.
    Do not reboot your systems: Restarting your devices could disrupt ongoing encryption processes, rendering your files irretrievable and sealing your fate in the clutches of this merciless malware.
    We understand the gravity of your situation and stand ready to assist you in navigating this crisis. However, time is of the essence, and decisive action is imperative to mitigate the extent of the damage inflicted by Cash Ransomware.

    How to decrypt my files?

    Your files are heavily encrypted, and none can be decrypted without the decryption key.
    To obtain the decryption key, you need to make a payment to the specified amount to the XMR / Monero wallet.
    Once you've made the payment, you should contact the attackers via email or Telegram to receive the decryption key.
    After receiving the decryption key, you need to input it into the decryption panel in Cash.
    Once you hit the decryption button, your files will be decrypted.'

    The ransom note delivered as an HTML file:

    'ATTENTION!

    YOUR FILES ARE ENCRYPTED BY Cash RANSOMWARE

    Dear user, We regret to inform you that your files have been compromised by the insidious XChaCha20 encryption algorithm, your files have been ensnared with unbreakable tags and a deadly combination of Poly1305 or AES-256-GCM, meticulously chosen by the ransomware's constructors to ensure maximum devastation.
    To further fortify its grip on your data, Cash Ransomware employs a hybrid bulletproof encryption technique, rendering any attempts at decryption futile against its impenetrable defenses.
    Files bearing specific extensions have been singled out for priority encryption, ensuring that your most critical data is held captive, intensifying the fear and desperation of your predicament.
    As a final blow to any hopes of recovery, Cash Ransomware deploys a double-key encryption mechanism, thwarting any attempts at deception or circumvention, leaving you no recourse but to comply with its demands.
    In light of this harrowing situation, we implore you to refrain from taking any actions that may exacerbate the damage and worsen your plight:

    Do not download antivirus software: Any attempts to combat Cash Ransomware with conventional means will only serve to alert its creators, potentially triggering further encryption or irreversible data loss.
    Do not disconnect from the network: Isolation will not shield you from the relentless reach of Cash Ransomware; instead, it may hinder potential avenues of negotiation or resolution.
    Do not reboot your systems: Restarting your devices could disrupt ongoing encryption processes, rendering your files irretrievable and sealing your fate in the clutches of this merciless malware.

    We understand the gravity of your situation and stand ready to assist you in navigating this crisis. However, time is of the essence, and decisive action is imperative to mitigate the extent of the damage inflicted by Cash Ransomware.

    85kCbkZzeaeiSx8h47yFjwUJ8u41FqgbpFbqGp5C93Rpa9eU 7pcYdp5Y7LNSrHkEVmTYa4oCuLeNnHGxVBLH78Uo2XEkXpZ
    Copy Monero

    dolores@bpe.cash
    Copy Email

    80$
    Copy Amount'

    The message shown to victims as a desktop background image:

    'CASH RANSOMWARE
    All computer got infected by Cash Ransomware.
    All your personal files are encrypted
    Using an unique and advanced encryption algorithm.

    If you need your computer or your files
    Please kindly follow steps on the software.
    You can contact people that infected that
    Computer by sending an email
    Please check the Ransomware to get the email.

    Avoid to install an anti-virus, installing a anti-virus
    Will delete the Ransomware without decrypting files.
    Please note that we won't be able to help you
    If you're trying to bypass our system.

    CASHRANSOMWARE'
