Toa 勒索軟件

Toa 勒索軟件說明

Toa Ransomware 以 Windows 系統為目標,並使用強大的加密算法鎖定其上的數據。受影響的用戶將發現自己無法訪問他們的任何文檔、圖片、照片、檔案、數據庫等。勒索軟件威脅的運營商利用加密數據向受害者勒索金錢。

按照在大多數勒索軟件威脅中觀察到的既定行為,Toa 還修改了它加密的文件的名稱。威脅通過將四個隨機字符的字符串附加到原始文件名來實現。此外,受害者將在被入侵設備的桌面上留下一個名為“read_it.txt”的文本文件。

該文件包含惡意軟件的贖金記錄。攻擊者表示,Toa Ransomware 已刪除加密文件的捲影副本並禁用 Windows 恢復。該說明指示受影響的用戶要從網絡犯罪分子那裡接收解密器,他們將需要支付正好 274 美元的贖金。但是,必須使用比特幣加密貨幣發送資金。

索要贖金的消息全文如下:

'Your Windows PC is infected with the Toa Ransomware. Without the key, files can't, and won't, be returned. However, you can get yourself out of this mess. By buying our decryptor software. you can return all of your infected files. The price for this software is $274 in USD. payment can be made in BTC only. If you don't know how to get Bitcoin, Google how. once payment is recevied, a email will contact you and send you the decrypter. If you dont get the decryptor, check your spam folder. Windows Recovery is disabled and all Shadow Copies are deleted as well as the backup catalog. Once you sent the Bitcoin, from the email that infected you, send them your Public Key.

Public Key:

BTC Adress: 0xDe3cbc738a2B57168FD5906B39941Ce8958dB044'