·»¼¶¿þ¾î¿¡ °¨¿µµÆ´Âµ¥...

À¯È£ÁØ   
   Á¶È¸ 4679   Ãßõ 0    

문득 이상한 파일이 있어 보니 8/2자 날짜로 저장돼 있는 KRAB-DECRYPT.txt 입니다. 아래 같은내용으로...

윈10, 카스퍼스키 깔려 있는데, D, E 드라이브 root에 아래 같은 파일이 존재하더군요. 근데, 저는 사실 아무 변화? 없이 두달 동안 잘 사용하고 있었습니다.

카스퍼가 막은 것인가요? 암튼 전산팀에 오늘에야 발견하고 신고 했더니... 잔말 말고 포맷하라고... 이미지 떠 놓은 것도 좀 비실비실한 상태였던 거라 이참에 포맷하려고 하느데, 검색해 보니 Fake 랜섬은 아니더군요.

혹시 이런 상황(불행 중 다행입니다만) 설명해 주실 분 계신지요.

고맙습니다.



-----------------KRAB-DECRYPT.txt 내용 -------------------------------------------------

---= GANDCRAB V4  =--- 

Attention! 

All your files, documents, photos, databases and other important files are encrypted and have the extension: .KRAB 

The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.

The server with your key is in a closed network TOR. You can get there by the following ways:

----------------------------------------------------------------------------------------

| 0. Download Tor browser - https://www.torproject.org/ 

| 1. Install Tor browser 

| 2. Open Tor Browser 

| 3. Open link in TOR browser:   http://gandcrabmfe6mnef.onion/8abc99065aaf7930                        

| 4. Follow the instructions on this page 

----------------------------------------------------------------------------------------                    

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free. 

ATTENTION!

IN ORDER TO PREVENT DATA DAMAGE:

* DO NOT MODIFY ENCRYPTED FILES

* DO NOT CHANGE DATA BELOW

---BEGIN GANDCRAB KEY---

lAQAADLI/O+UWzuF/6P61/heX/T892OXUW50vUcITPyjFGx+ucXAK47mEVVWamsuGkcp/YXF55tnPOlF62JNZnKnOqDwgmkqvhMVe1zGMH9Z6xZX1mTyOaX6+FpL4ALsVB26EaZy48ClPh/hh3UvhDE2BwFH8MOhQ9aJGyQlAkloyYb7yexA08/X720mLMr3Jj91rPZGA0zHg58YwvlT8gtTh5S9auYrE+Z+k+siupgUoMqDhJomq+J4eBmOCWlY6/DOdOUj451C/7Nt62kStrVVduBdEIgMskR4nn8BMB/0NsBrpIiGgLyipPlOFByRm6VsuQWJ+Y3bv04vKpXQ/0dIpYYCNCi7WMLaevy8BE1/bpLz6ATR1hWzfuIw4L2qQL+NspM81LqFoizz3Y5ntrQ388tqSe4L8Do+eZ62LdkqjN4yaN17m3Gvj6IYxAgWL6ZSwco0FqNIHj0Kc691anbjfA67vAmMWbZ+C1Xyi+81EPQW+NevKe96CnQkb5U3X3S3LJMzNugva579C3wsegmuekJTYFBH0fvnrKc//SE2xh9mSTELzDiesLVBNNi8dDOQMjsPHw1I/QLKErUTv7l6GtV09nt43+qskkrJg5CN+JU8YuE9Inrg7I0qriUYPDXXKf6+KlxjW1olc6ALlsaSZMh23eAEUQRsG78RV/vSvbiHBZp0rUr4A5v6szLLqpN32tj1xBfSnMHotba/sZ3QGnAYY5GglXPqFbXRFKiClfzhZYuby7jaIJLp4n9RdPExAL6R88NlPiHOdnXpX8YZsMCA+itQZQOlwzT5Fzw26XKzNklvj/j0TV2sl37NnZTt2GGsRI3FQPWO1sDjBZJFAnPH+V5s1wlB7OD4CwAUQJKwjnk6XFuj2691FrsC21y0iZJGg4yWJxM9KxJlb3hhAlGw85yTYGtKwDW/n8VsLIcXeparZj22hCg6nEZtkqGmudK0hmPKbZKAzNG2WCBfm8Al/ZJpqJkc5px6COc2BgKVEfSoG11+iYYlG1SQrCVj7j3jGhYtz7iQaFeW00sKx1bX4JHDwu3ur8WImWjT8ZnAdOpJj2Qo9V+7YKWdhcBxJyOxTQ/EJUi5H+HwbTwpfGIH9GwvML8CD4LgAJ6YgWEa2zdErXHQF5oT5X4rETGrCrZ6x0LA53L0qvErCzfdUDd4wbOMX8q/nsslCks17N6LQ8QpFjyL4526NkXfFCWVFLkreqsKxjSXkm+eRIF4m1rtKX8VPuP1SJDvUplVcLd3DKlrKFWvDgcdKJPYlkOCBcb1ngxPR/sLit2DuZfz6RpRdPryz/3RvmYnTZwnRACJZHBnzoe+O5pQXo8Uwx2Rnf1nhNdc8dBWs9vJPcxllmR9YARIupxxbK6xPmQkj90h9ZPsHDROJDXR4H+Bfog7MxQzf8s/mNzXaWuraLphn6kZ/SJlgwjPjW5tjZMW+gOLm4RCmcsk/JWIy6Sp19Duj4Xo0Y25aqv5yp/zf7AQbuaBw/JIuSq3yDGw34f5OnAn+FEjcPYqmt+YC8rDQvqaAjVufZPDlQ0Z30wCl0mLV9i9EmmbC1V28E3UYXXnTXTZU7OAX6ihZMToUCO5I7x+r1rILRQgC53KoedmBN99w09IIsHVN2fJ5pEoTEXETnaEINezY0dTONnWb+zLNn2mDwovc3G1IOXjpfK2OLAXoeoT6PN2W5s8iaTjbKi48qYetzlLrRipvEx8dEPdC5wxmFtm9NZz8fORUBR/xY3RJUW6FgZSZ/fxqaNORyT2Iza9iRsfHWCgEv6e6nqQq3JxmbOesUur1ASOIic9UzKWblZ496JbcwhPhbZCm+SjlFW8leS3j6BVFuxKkl7zh4kYra0CfzvyXyyR4Pt0DKyNT6IO3GsQ6UIcin877+XRmeY7VXZadIDeCjvJidrEP6ldkyA8ThV5FijsW6ABqLotpAkX5tuhOuIGU5u1E+Vqud/wF2Ope/B+FWOBKRsCH3wXkXsNTNPEYhQw/S51rqdVhSXPHxBcQMUWHZdwXmNikCYi01tMzCDwVLbLkD3PGENsZPdtUrQnV6dDd7NEdHywbrdzdrt12C78JLpUjMw+M935nvI0AyycdXGYzYhq+uf7vWIuqhE1mPdg6vJGkqkn6GqezCpiORdCR1F6Vq+QMNb70edLBX1Yi9oOzoU7YeEwj2QWejd+9+sSq2zwIXayiOUIN5F5uLm9WjRyUksiVqce/bMTa/6VeZAOIacWBrufq+jVXyI=

---END GANDCRAB KEY---


---BEGIN PC DATA---

wfKD6iudumBkmpL8IRr4U+Z2TYDF8D3t3jxjOpv1xlYovOuWNx4WYYldz5ZdTphRsXYR7mdWq7faTHWH5R5YBLDzo9Mu7+n6TUGEDBbiCpJj89LFMP/fmBOoBJAGLoqj/Px82WjxHJK0ip6hCUS4AqkAxrZKOPCX8LmabVUkcnQybcSWqsC4YYlYBKSExt8pE45r28KAR1KIZBdV4APFuUncZiJ92P2MZ0OQMJQPkYpNLF2TNJxXmtEoWXZvP+o/CfqF1shzlzbajcJAFXgll55nRd1rCDYxfQ7cDMQr7n1+SmjFHw+tkbsta9iVqcCnrbr95/tivLExkSfBsuL9/yI2HOtuGt1YaFqVBmXt/BGIEZob/idP4ra4Yqa1Y8ZyYYzy2SmikpQSTWYqblO5JIcJ8pE5wIQoAxPBnKw+Cu5JAOef2WFig6FrWw3jxHhKuQ6fZlrpfREi3vTLM+ar1wIZN3QTRlWKfznV1lPgcH8NmVffniz2QU5nm7Ivlsiw63IKVYrpeDf8fAgcCMBpPwBN+38+QwTCr6YtEuHtKkipBYBMapH1HpMOdL/KRdAPool+V7zu5LPJzMH9PXYCh8kz7exNRfttXf/Ybj/WouJkXppeRdRS9CphT1Kp2tFgkGnbLVMzkAsBfmD5HmFciTgEzbIBT7jbCwFzKdv/zDNsdHM3u24NfaiU43JgLfS8Uh0YXfIDE9YvjSbfmwqIwmcu1sV4mOTgkIqgOnBtESt+DiZI4BsYYF0C8rwBZhQyr8sbO8ilfU/VrqtOlo8nQ+7Dgu6+4+vlvy373JlhOvnU5+g1lMo=

---END PC DATA---
ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
¾îµð¼­ °¨¿°µÇ¾ú´ÂÁö ¸ð¸£°ÚÀ¸³ª ÆÀ¿¡¼­ ½ÃÅ°´Âµ¥·Î ÇÏ½Ã¸é µË´Ï´Ù.
¼³¸íÀÌ ÇÊ¿ä¾øÀ»ÅÙµ¥¿ä. º»ÀÎ ºÎÁÖÀÇ - °¨¿°, ³¡.
DDDIE 2018-10
ÇÏÁö¸¸ ÆÀÀÌ ½ÃÅ°´Â´ë·Î Çß´Ù°í Çؼ­ º¹±¸µÈ´Ù´Â º¸ÀåÀº ¾ø½À´Ï´Ù.
À¯È£ÁØ 2018-10
±×ÃÝ, Á¦ ºÎÁÖÀÇÀε¥... ¾ÏÆ° ¸ðµç ÆÄÀÏÀÌ ¸ÖÂÄÇÏ´Ï... ºÒÇàÁß ´ÙÇà. »¡¸® Æ÷¸ä...
ºñ¼ýÇÑ °æÇèÀÌ Àִµ¥, Áö³­ 4¿ù ¾î´À³¯ ¹®µæ µÚ´Ê°Ô ¹ß°ßÇÏ¿´½À´Ï´Ù.
Æú´õ ¸¶´Ù CRAB-DECRYPT.txt ÆÄÀϵéÀ» ½É¾îµÎ¾ú´Âµ¥, ÆÄÀϵ鿡 ´ëÇÑ ¾Ïȣȭ´Â ÁøÇàµÇÁö ¾Ê¾Ò½À´Ï´Ù.
ÆÄÀϵéÀ» ¾Ïȣȭ ÇÏ´Â ·£¼¶À̾ú´Ù¸é ÀÌ¹Ì ¾Ïȣȭ ¿Ï·áµÇ¾úÀ» ÅÍÀε¥, ¸ÖÂÄÇÏ¿´½À´Ï´Ù.
»ç¿ëÇÏ´Â ¹é½ÅÀº V3¿Í AntiLansumWare ÀÔ´Ï´Ù.

C µå¶óÀ̹ö´Â °í½ºÆ® À̹ÌÁö¸¦ Ç®¾î¼­ º¹¿øÇß°í, µ¥ÀÌŸ µå¶óÀ̹ö¿¡´Â ¹«´Ü ¼³Ä¡µÈ ÆÄÀϵéÀ» °Ë»öÇؼ­ ¸ðÁ¶¸® »èÁ¦ÇÏ¿´½À´Ï´Ù.
µ¥ÀÌŸ ÆÄÀÏÀ» ¹é¾÷ ÇصРº°µµ µð½ºÅ©´Â ÀÖ¾úÁö¸¸, ±äÀå »óŸ¦ À¯ÁöÇϸ鼭 °è¼Ó »ç¿ëÇغôµ¥, ´õ ÀÌ»óÀÇ º°´Ù¸¥  ¿À·ù´Â ¹ß»ýÄ¡ ¾Ê¾Ò½À´Ï´Ù.
³ª Ȧ·Î ÀÛ¾÷Çϴ ȯ°æÀ̶ó À§ÇèÇÑ ¸ðÇèÀ» °¨ÇàÇغ» °ÍÀÌÁö¸¸, ´Ù¸¥ »ç¿ëÀÚµé°ú °°ÀÌ ÀÛ¾÷Çϴ ȯ°æÀ̶ó¸é ±ú²ýÇÏ°Ô Æ÷¸ËÇÏ´Â °ÍÀÌ ÇÊ¿äÇϸ®¶ó »ý°¢ÇÕ´Ï´Ù.

CRAB-DECRYPT.txt ÆÄÀÏÀÇ ³»¿ëÀÔ´Ï´Ù.

---= GANDCRAB V2.1 =---



Attention!

All your files documents, photos, databases and other important files are encrypted and have the extension: .CRAB

The only method of recovering files is to purchase a private key. It is on our server and only we can recover your files.


The server with your key is in a closed network TOR. You can get there by the following ways:

0. Download Tor browser - https://www.torproject.org/

1. Install Tor browser

2. Open Tor Browser

3. Open link in TOR browser: http://gandcrab2pie73et.onion/fbb50603be68046e                       

4. Follow the instructions on this page


If Tor/Tor browser is locked in your country or you can not install it, open one of the following links in your regular browser:
                             
0. https://gandcrab2pie73et.onion.rip/fbb50603be68046e                       
1. https://gandcrab2pie73et.onion.plus/fbb50603be68046e                       
2. https://gandcrab2pie73et.onion.to/fbb50603be68046e                       

ATTENTION! Use regular browser only to contact us. Buy decryptor only through TOR browser link or Jabber Bot!
                       

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.


The alternative way to contact us is to use Jabber messanger. Read how to:
0. Download Psi-Plus Jabber Client: https://psi-im.org/download/
1. Register new account: http://sj.ms/register.php
    0) Enter "username": fbb50603be68046e                       
    1) Enter "password": your password
2. Add new account in Psi
3. Add and write Jabber ID: ransomware@sj.ms any message
4. Follow instruction bot

It is a bot! It's fully automated artificial system without human control!
To contact us use TOR links. We can provide you all required proofs of decryption availibility anytime. We are open to conversations.
You can read instructions how to install and use jabber here http://www.sfu.ca/jabber/Psi_Jabber_PC.pdf

DANGEROUS!

Do not try to modify files or use your own private key - this will result in the loss of your data forever!
·Î±×ÀÎ ÇÏ½Ã¸é ´ñ±ÛÀ» ³²±æ ¼ö ÀÖ½À´Ï´Ù


QnA
¾²±â
Á¦¸ñPage 2/5586
2015-12   1025556   ¹é¸Þ°¡
2014-05   4472162   Á¤ÀºÁØ1
04-17   351   ´Ã¸¼À½
04-17   299   ±¸Â÷´Ï
04-17   275   chotws
04-17   321   2CPUÃÖÁÖÈñ
04-17   292   Á¦°¥±âõ
04-17   250   ¾î¼®
04-17   210   ¶Ñ¶Ñ±è´ë¿ø
04-17   222   ¹Ì´ã
04-17   258   ¹Î°æ¿­
04-17   449   zhyoon
04-17   294   Rich
04-16   323   PC¹è¿ì¹Ì
04-16   391   ¶Ñ¾Ó
04-16   325   Sakura24
04-16   370   dragoune
04-16   401   fLog
04-16   439   sasaz
04-16   287   ȸ¿ø
04-16   268   Æ®·»µå
04-16   308   ´ÙÀâ¾Æ
¸ñ·Ï
¾²±â