·»¼¶¿þ¾î¿¡ °¨¿µµÆ´Âµ¥...

   Á¶È¸ 5061   Ãßõ 0    

문득 이상한 파일이 있어 보니 8/2자 날짜로 저장돼 있는 KRAB-DECRYPT.txt 입니다. 아래 같은내용으로...

윈10, 카스퍼스키 깔려 있는데, D, E 드라이브 root에 아래 같은 파일이 존재하더군요. 근데, 저는 사실 아무 변화? 없이 두달 동안 잘 사용하고 있었습니다.

카스퍼가 막은 것인가요? 암튼 전산팀에 오늘에야 발견하고 신고 했더니... 잔말 말고 포맷하라고... 이미지 떠 놓은 것도 좀 비실비실한 상태였던 거라 이참에 포맷하려고 하느데, 검색해 보니 Fake 랜섬은 아니더군요.

혹시 이런 상황(불행 중 다행입니다만) 설명해 주실 분 계신지요.

고맙습니다.



-----------------KRAB-DECRYPT.txt 내용 -------------------------------------------------

---= GANDCRAB V4  =--- 

Attention! 

All your files, documents, photos, databases and other important files are encrypted and have the extension: .KRAB 

The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.

The server with your key is in a closed network TOR. You can get there by the following ways:

----------------------------------------------------------------------------------------

| 0. Download Tor browser - https://www.torproject.org/ 

| 1. Install Tor browser 

| 2. Open Tor Browser 

| 3. Open link in TOR browser:   http://gandcrabmfe6mnef.onion/8abc99065aaf7930                        

| 4. Follow the instructions on this page 

----------------------------------------------------------------------------------------                    

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free. 

ATTENTION!

IN ORDER TO PREVENT DATA DAMAGE:

* DO NOT MODIFY ENCRYPTED FILES

* DO NOT CHANGE DATA BELOW

---BEGIN GANDCRAB KEY---

lAQAADLI/O+UWzuF/6P61/heX/T892OXUW50vUcITPyjFGx+ucXAK47mEVVWamsuGkcp/YXF55tnPOlF62JNZnKnOqDwgmkqvhMVe1zGMH9Z6xZX1mTyOaX6+FpL4ALsVB26EaZy48ClPh/hh3UvhDE2BwFH8MOhQ9aJGyQlAkloyYb7yexA08/X720mLMr3Jj91rPZGA0zHg58YwvlT8gtTh5S9auYrE+Z+k+siupgUoMqDhJomq+J4eBmOCWlY6/DOdOUj451C/7Nt62kStrVVduBdEIgMskR4nn8BMB/0NsBrpIiGgLyipPlOFByRm6VsuQWJ+Y3bv04vKpXQ/0dIpYYCNCi7WMLaevy8BE1/bpLz6ATR1hWzfuIw4L2qQL+NspM81LqFoizz3Y5ntrQ388tqSe4L8Do+eZ62LdkqjN4yaN17m3Gvj6IYxAgWL6ZSwco0FqNIHj0Kc691anbjfA67vAmMWbZ+C1Xyi+81EPQW+NevKe96CnQkb5U3X3S3LJMzNugva579C3wsegmuekJTYFBH0fvnrKc//SE2xh9mSTELzDiesLVBNNi8dDOQMjsPHw1I/QLKErUTv7l6GtV09nt43+qskkrJg5CN+JU8YuE9Inrg7I0qriUYPDXXKf6+KlxjW1olc6ALlsaSZMh23eAEUQRsG78RV/vSvbiHBZp0rUr4A5v6szLLqpN32tj1xBfSnMHotba/sZ3QGnAYY5GglXPqFbXRFKiClfzhZYuby7jaIJLp4n9RdPExAL6R88NlPiHOdnXpX8YZsMCA+itQZQOlwzT5Fzw26XKzNklvj/j0TV2sl37NnZTt2GGsRI3FQPWO1sDjBZJFAnPH+V5s1wlB7OD4CwAUQJKwjnk6XFuj2691FrsC21y0iZJGg4yWJxM9KxJlb3hhAlGw85yTYGtKwDW/n8VsLIcXeparZj22hCg6nEZtkqGmudK0hmPKbZKAzNG2WCBfm8Al/ZJpqJkc5px6COc2BgKVEfSoG11+iYYlG1SQrCVj7j3jGhYtz7iQaFeW00sKx1bX4JHDwu3ur8WImWjT8ZnAdOpJj2Qo9V+7YKWdhcBxJyOxTQ/EJUi5H+HwbTwpfGIH9GwvML8CD4LgAJ6YgWEa2zdErXHQF5oT5X4rETGrCrZ6x0LA53L0qvErCzfdUDd4wbOMX8q/nsslCks17N6LQ8QpFjyL4526NkXfFCWVFLkreqsKxjSXkm+eRIF4m1rtKX8VPuP1SJDvUplVcLd3DKlrKFWvDgcdKJPYlkOCBcb1ngxPR/sLit2DuZfz6RpRdPryz/3RvmYnTZwnRACJZHBnzoe+O5pQXo8Uwx2Rnf1nhNdc8dBWs9vJPcxllmR9YARIupxxbK6xPmQkj90h9ZPsHDROJDXR4H+Bfog7MxQzf8s/mNzXaWuraLphn6kZ/SJlgwjPjW5tjZMW+gOLm4RCmcsk/JWIy6Sp19Duj4Xo0Y25aqv5yp/zf7AQbuaBw/JIuSq3yDGw34f5OnAn+FEjcPYqmt+YC8rDQvqaAjVufZPDlQ0Z30wCl0mLV9i9EmmbC1V28E3UYXXnTXTZU7OAX6ihZMToUCO5I7x+r1rILRQgC53KoedmBN99w09IIsHVN2fJ5pEoTEXETnaEINezY0dTONnWb+zLNn2mDwovc3G1IOXjpfK2OLAXoeoT6PN2W5s8iaTjbKi48qYetzlLrRipvEx8dEPdC5wxmFtm9NZz8fORUBR/xY3RJUW6FgZSZ/fxqaNORyT2Iza9iRsfHWCgEv6e6nqQq3JxmbOesUur1ASOIic9UzKWblZ496JbcwhPhbZCm+SjlFW8leS3j6BVFuxKkl7zh4kYra0CfzvyXyyR4Pt0DKyNT6IO3GsQ6UIcin877+XRmeY7VXZadIDeCjvJidrEP6ldkyA8ThV5FijsW6ABqLotpAkX5tuhOuIGU5u1E+Vqud/wF2Ope/B+FWOBKRsCH3wXkXsNTNPEYhQw/S51rqdVhSXPHxBcQMUWHZdwXmNikCYi01tMzCDwVLbLkD3PGENsZPdtUrQnV6dDd7NEdHywbrdzdrt12C78JLpUjMw+M935nvI0AyycdXGYzYhq+uf7vWIuqhE1mPdg6vJGkqkn6GqezCpiORdCR1F6Vq+QMNb70edLBX1Yi9oOzoU7YeEwj2QWejd+9+sSq2zwIXayiOUIN5F5uLm9WjRyUksiVqce/bMTa/6VeZAOIacWBrufq+jVXyI=

---END GANDCRAB KEY---


---BEGIN PC DATA---

wfKD6iudumBkmpL8IRr4U+Z2TYDF8D3t3jxjOpv1xlYovOuWNx4WYYldz5ZdTphRsXYR7mdWq7faTHWH5R5YBLDzo9Mu7+n6TUGEDBbiCpJj89LFMP/fmBOoBJAGLoqj/Px82WjxHJK0ip6hCUS4AqkAxrZKOPCX8LmabVUkcnQybcSWqsC4YYlYBKSExt8pE45r28KAR1KIZBdV4APFuUncZiJ92P2MZ0OQMJQPkYpNLF2TNJxXmtEoWXZvP+o/CfqF1shzlzbajcJAFXgll55nRd1rCDYxfQ7cDMQr7n1+SmjFHw+tkbsta9iVqcCnrbr95/tivLExkSfBsuL9/yI2HOtuGt1YaFqVBmXt/BGIEZob/idP4ra4Yqa1Y8ZyYYzy2SmikpQSTWYqblO5JIcJ8pE5wIQoAxPBnKw+Cu5JAOef2WFig6FrWw3jxHhKuQ6fZlrpfREi3vTLM+ar1wIZN3QTRlWKfznV1lPgcH8NmVffniz2QU5nm7Ivlsiw63IKVYrpeDf8fAgcCMBpPwBN+38+QwTCr6YtEuHtKkipBYBMapH1HpMOdL/KRdAPool+V7zu5LPJzMH9PXYCh8kz7exNRfttXf/Ybj/WouJkXppeRdRS9CphT1Kp2tFgkGnbLVMzkAsBfmD5HmFciTgEzbIBT7jbCwFzKdv/zDNsdHM3u24NfaiU43JgLfS8Uh0YXfIDE9YvjSbfmwqIwmcu1sV4mOTgkIqgOnBtESt+DiZI4BsYYF0C8rwBZhQyr8sbO8ilfU/VrqtOlo8nQ+7Dgu6+4+vlvy373JlhOvnU5+g1lMo=

---END PC DATA---

ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
¾îµð¼­ °¨¿°µÇ¾ú´ÂÁö ¸ð¸£°ÚÀ¸³ª ÆÀ¿¡¼­ ½ÃÅ°´Âµ¥·Î ÇÏ½Ã¸é µË´Ï´Ù.
¼³¸íÀÌ ÇÊ¿ä¾øÀ»ÅÙµ¥¿ä. º»ÀÎ ºÎÁÖÀÇ - °¨¿°, ³¡.
DDDIE 2018-10
ÇÏÁö¸¸ ÆÀÀÌ ½ÃÅ°´Â´ë·Î Çß´Ù°í Çؼ­ º¹±¸µÈ´Ù´Â º¸ÀåÀº ¾ø½À´Ï´Ù.
À¯È£ÁØ 2018-10
±×ÃÝ, Á¦ ºÎÁÖÀÇÀε¥... ¾ÏÆ° ¸ðµç ÆÄÀÏÀÌ ¸ÖÂÄÇÏ´Ï... ºÒÇàÁß ´ÙÇà. »¡¸® Æ÷¸ä...
ºñ¼ýÇÑ °æÇèÀÌ Àִµ¥, Áö³­ 4¿ù ¾î´À³¯ ¹®µæ µÚ´Ê°Ô ¹ß°ßÇÏ¿´½À´Ï´Ù.
Æú´õ ¸¶´Ù CRAB-DECRYPT.txt ÆÄÀϵéÀ» ½É¾îµÎ¾ú´Âµ¥, ÆÄÀϵ鿡 ´ëÇÑ ¾Ïȣȭ´Â ÁøÇàµÇÁö ¾Ê¾Ò½À´Ï´Ù.
ÆÄÀϵéÀ» ¾Ïȣȭ ÇÏ´Â ·£¼¶À̾ú´Ù¸é ÀÌ¹Ì ¾Ïȣȭ ¿Ï·áµÇ¾úÀ» ÅÍÀε¥, ¸ÖÂÄÇÏ¿´½À´Ï´Ù.
»ç¿ëÇÏ´Â ¹é½ÅÀº V3¿Í AntiLansumWare ÀÔ´Ï´Ù.

C µå¶óÀ̹ö´Â °í½ºÆ® À̹ÌÁö¸¦ Ç®¾î¼­ º¹¿øÇß°í, µ¥ÀÌŸ µå¶óÀ̹ö¿¡´Â ¹«´Ü ¼³Ä¡µÈ ÆÄÀϵéÀ» °Ë»öÇؼ­ ¸ðÁ¶¸® »èÁ¦ÇÏ¿´½À´Ï´Ù.
µ¥ÀÌŸ ÆÄÀÏÀ» ¹é¾÷ ÇصРº°µµ µð½ºÅ©´Â ÀÖ¾úÁö¸¸, ±äÀå »óŸ¦ À¯ÁöÇϸ鼭 °è¼Ó »ç¿ëÇغôµ¥, ´õ ÀÌ»óÀÇ º°´Ù¸¥  ¿À·ù´Â ¹ß»ýÄ¡ ¾Ê¾Ò½À´Ï´Ù.
³ª Ȧ·Î ÀÛ¾÷Çϴ ȯ°æÀ̶ó À§ÇèÇÑ ¸ðÇèÀ» °¨ÇàÇغ» °ÍÀÌÁö¸¸, ´Ù¸¥ »ç¿ëÀÚµé°ú °°ÀÌ ÀÛ¾÷Çϴ ȯ°æÀ̶ó¸é ±ú²ýÇÏ°Ô Æ÷¸ËÇÏ´Â °ÍÀÌ ÇÊ¿äÇϸ®¶ó »ý°¢ÇÕ´Ï´Ù.

CRAB-DECRYPT.txt ÆÄÀÏÀÇ ³»¿ëÀÔ´Ï´Ù.

---= GANDCRAB V2.1 =---



Attention!

All your files documents, photos, databases and other important files are encrypted and have the extension: .CRAB

The only method of recovering files is to purchase a private key. It is on our server and only we can recover your files.


The server with your key is in a closed network TOR. You can get there by the following ways:

0. Download Tor browser - https://www.torproject.org/

1. Install Tor browser

2. Open Tor Browser

3. Open link in TOR browser: http://gandcrab2pie73et.onion/fbb50603be68046e                       

4. Follow the instructions on this page


If Tor/Tor browser is locked in your country or you can not install it, open one of the following links in your regular browser:
                             
0. https://gandcrab2pie73et.onion.rip/fbb50603be68046e                       
1. https://gandcrab2pie73et.onion.plus/fbb50603be68046e                       
2. https://gandcrab2pie73et.onion.to/fbb50603be68046e                       

ATTENTION! Use regular browser only to contact us. Buy decryptor only through TOR browser link or Jabber Bot!
                       

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.


The alternative way to contact us is to use Jabber messanger. Read how to:
0. Download Psi-Plus Jabber Client: https://psi-im.org/download/
1. Register new account: http://sj.ms/register.php
    0) Enter "username": fbb50603be68046e                       
    1) Enter "password": your password
2. Add new account in Psi
3. Add and write Jabber ID: ransomware@sj.ms any message
4. Follow instruction bot

It is a bot! It's fully automated artificial system without human control!
To contact us use TOR links. We can provide you all required proofs of decryption availibility anytime. We are open to conversations.
You can read instructions how to install and use jabber here http://www.sfu.ca/jabber/Psi_Jabber_PC.pdf

DANGEROUS!

Do not try to modify files or use your own private key - this will result in the loss of your data forever!


QnA
Á¦¸ñPage 2853/5683
2015-12   1491575   ¹é¸Þ°¡
2014-05   4955063   Á¤ÀºÁØ1
2005-11   5034   Á¤¹ü
2016-07   5034   À¯³ª
2008-09   5034   À±È£¿ë
2018-02   5034   ±è°Ç¿ì
2008-12   5034   ¹Ú¿µ¼±
2016-04   5034   ¸Þ·Ð
2008-08   5034   ±è¼®±Ç
2017-12   5034   ¹ÙºÎÆÃÀÌ
2013-09   5034   ÇØÇǹö±×
2007-11   5034   ½ÅÀǽÄ
2016-06   5034   wdm42
2007-08   5034   ¹®º´Ã¤
2014-02   5034   »ßµ¹À̽½ÇÄÀÌ
2006-02   5034   ÀÌ¿µÀÍ
2013-03   5034   À嵿°Ç2014
2016-12   5034   NeOpLE
2016-02   5034   ÃÏ¿ÀÀå
2006-01   5034   ±è»óÀÏ
2019-03   5034   ±èÁöö
2018-07   5034   ÀϷиӽºÅ©