·»¼¶¿þ¾î¿¡ °¨¿µµÆ´Âµ¥...

   Á¶È¸ 5063   Ãßõ 0    

문득 이상한 파일이 있어 보니 8/2자 날짜로 저장돼 있는 KRAB-DECRYPT.txt 입니다. 아래 같은내용으로...

윈10, 카스퍼스키 깔려 있는데, D, E 드라이브 root에 아래 같은 파일이 존재하더군요. 근데, 저는 사실 아무 변화? 없이 두달 동안 잘 사용하고 있었습니다.

카스퍼가 막은 것인가요? 암튼 전산팀에 오늘에야 발견하고 신고 했더니... 잔말 말고 포맷하라고... 이미지 떠 놓은 것도 좀 비실비실한 상태였던 거라 이참에 포맷하려고 하느데, 검색해 보니 Fake 랜섬은 아니더군요.

혹시 이런 상황(불행 중 다행입니다만) 설명해 주실 분 계신지요.

고맙습니다.



-----------------KRAB-DECRYPT.txt 내용 -------------------------------------------------

---= GANDCRAB V4  =--- 

Attention! 

All your files, documents, photos, databases and other important files are encrypted and have the extension: .KRAB 

The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.

The server with your key is in a closed network TOR. You can get there by the following ways:

----------------------------------------------------------------------------------------

| 0. Download Tor browser - https://www.torproject.org/ 

| 1. Install Tor browser 

| 2. Open Tor Browser 

| 3. Open link in TOR browser:   http://gandcrabmfe6mnef.onion/8abc99065aaf7930                        

| 4. Follow the instructions on this page 

----------------------------------------------------------------------------------------                    

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free. 

ATTENTION!

IN ORDER TO PREVENT DATA DAMAGE:

* DO NOT MODIFY ENCRYPTED FILES

* DO NOT CHANGE DATA BELOW

---BEGIN GANDCRAB KEY---

lAQAADLI/O+UWzuF/6P61/heX/T892OXUW50vUcITPyjFGx+ucXAK47mEVVWamsuGkcp/YXF55tnPOlF62JNZnKnOqDwgmkqvhMVe1zGMH9Z6xZX1mTyOaX6+FpL4ALsVB26EaZy48ClPh/hh3UvhDE2BwFH8MOhQ9aJGyQlAkloyYb7yexA08/X720mLMr3Jj91rPZGA0zHg58YwvlT8gtTh5S9auYrE+Z+k+siupgUoMqDhJomq+J4eBmOCWlY6/DOdOUj451C/7Nt62kStrVVduBdEIgMskR4nn8BMB/0NsBrpIiGgLyipPlOFByRm6VsuQWJ+Y3bv04vKpXQ/0dIpYYCNCi7WMLaevy8BE1/bpLz6ATR1hWzfuIw4L2qQL+NspM81LqFoizz3Y5ntrQ388tqSe4L8Do+eZ62LdkqjN4yaN17m3Gvj6IYxAgWL6ZSwco0FqNIHj0Kc691anbjfA67vAmMWbZ+C1Xyi+81EPQW+NevKe96CnQkb5U3X3S3LJMzNugva579C3wsegmuekJTYFBH0fvnrKc//SE2xh9mSTELzDiesLVBNNi8dDOQMjsPHw1I/QLKErUTv7l6GtV09nt43+qskkrJg5CN+JU8YuE9Inrg7I0qriUYPDXXKf6+KlxjW1olc6ALlsaSZMh23eAEUQRsG78RV/vSvbiHBZp0rUr4A5v6szLLqpN32tj1xBfSnMHotba/sZ3QGnAYY5GglXPqFbXRFKiClfzhZYuby7jaIJLp4n9RdPExAL6R88NlPiHOdnXpX8YZsMCA+itQZQOlwzT5Fzw26XKzNklvj/j0TV2sl37NnZTt2GGsRI3FQPWO1sDjBZJFAnPH+V5s1wlB7OD4CwAUQJKwjnk6XFuj2691FrsC21y0iZJGg4yWJxM9KxJlb3hhAlGw85yTYGtKwDW/n8VsLIcXeparZj22hCg6nEZtkqGmudK0hmPKbZKAzNG2WCBfm8Al/ZJpqJkc5px6COc2BgKVEfSoG11+iYYlG1SQrCVj7j3jGhYtz7iQaFeW00sKx1bX4JHDwu3ur8WImWjT8ZnAdOpJj2Qo9V+7YKWdhcBxJyOxTQ/EJUi5H+HwbTwpfGIH9GwvML8CD4LgAJ6YgWEa2zdErXHQF5oT5X4rETGrCrZ6x0LA53L0qvErCzfdUDd4wbOMX8q/nsslCks17N6LQ8QpFjyL4526NkXfFCWVFLkreqsKxjSXkm+eRIF4m1rtKX8VPuP1SJDvUplVcLd3DKlrKFWvDgcdKJPYlkOCBcb1ngxPR/sLit2DuZfz6RpRdPryz/3RvmYnTZwnRACJZHBnzoe+O5pQXo8Uwx2Rnf1nhNdc8dBWs9vJPcxllmR9YARIupxxbK6xPmQkj90h9ZPsHDROJDXR4H+Bfog7MxQzf8s/mNzXaWuraLphn6kZ/SJlgwjPjW5tjZMW+gOLm4RCmcsk/JWIy6Sp19Duj4Xo0Y25aqv5yp/zf7AQbuaBw/JIuSq3yDGw34f5OnAn+FEjcPYqmt+YC8rDQvqaAjVufZPDlQ0Z30wCl0mLV9i9EmmbC1V28E3UYXXnTXTZU7OAX6ihZMToUCO5I7x+r1rILRQgC53KoedmBN99w09IIsHVN2fJ5pEoTEXETnaEINezY0dTONnWb+zLNn2mDwovc3G1IOXjpfK2OLAXoeoT6PN2W5s8iaTjbKi48qYetzlLrRipvEx8dEPdC5wxmFtm9NZz8fORUBR/xY3RJUW6FgZSZ/fxqaNORyT2Iza9iRsfHWCgEv6e6nqQq3JxmbOesUur1ASOIic9UzKWblZ496JbcwhPhbZCm+SjlFW8leS3j6BVFuxKkl7zh4kYra0CfzvyXyyR4Pt0DKyNT6IO3GsQ6UIcin877+XRmeY7VXZadIDeCjvJidrEP6ldkyA8ThV5FijsW6ABqLotpAkX5tuhOuIGU5u1E+Vqud/wF2Ope/B+FWOBKRsCH3wXkXsNTNPEYhQw/S51rqdVhSXPHxBcQMUWHZdwXmNikCYi01tMzCDwVLbLkD3PGENsZPdtUrQnV6dDd7NEdHywbrdzdrt12C78JLpUjMw+M935nvI0AyycdXGYzYhq+uf7vWIuqhE1mPdg6vJGkqkn6GqezCpiORdCR1F6Vq+QMNb70edLBX1Yi9oOzoU7YeEwj2QWejd+9+sSq2zwIXayiOUIN5F5uLm9WjRyUksiVqce/bMTa/6VeZAOIacWBrufq+jVXyI=

---END GANDCRAB KEY---


---BEGIN PC DATA---

wfKD6iudumBkmpL8IRr4U+Z2TYDF8D3t3jxjOpv1xlYovOuWNx4WYYldz5ZdTphRsXYR7mdWq7faTHWH5R5YBLDzo9Mu7+n6TUGEDBbiCpJj89LFMP/fmBOoBJAGLoqj/Px82WjxHJK0ip6hCUS4AqkAxrZKOPCX8LmabVUkcnQybcSWqsC4YYlYBKSExt8pE45r28KAR1KIZBdV4APFuUncZiJ92P2MZ0OQMJQPkYpNLF2TNJxXmtEoWXZvP+o/CfqF1shzlzbajcJAFXgll55nRd1rCDYxfQ7cDMQr7n1+SmjFHw+tkbsta9iVqcCnrbr95/tivLExkSfBsuL9/yI2HOtuGt1YaFqVBmXt/BGIEZob/idP4ra4Yqa1Y8ZyYYzy2SmikpQSTWYqblO5JIcJ8pE5wIQoAxPBnKw+Cu5JAOef2WFig6FrWw3jxHhKuQ6fZlrpfREi3vTLM+ar1wIZN3QTRlWKfznV1lPgcH8NmVffniz2QU5nm7Ivlsiw63IKVYrpeDf8fAgcCMBpPwBN+38+QwTCr6YtEuHtKkipBYBMapH1HpMOdL/KRdAPool+V7zu5LPJzMH9PXYCh8kz7exNRfttXf/Ybj/WouJkXppeRdRS9CphT1Kp2tFgkGnbLVMzkAsBfmD5HmFciTgEzbIBT7jbCwFzKdv/zDNsdHM3u24NfaiU43JgLfS8Uh0YXfIDE9YvjSbfmwqIwmcu1sV4mOTgkIqgOnBtESt+DiZI4BsYYF0C8rwBZhQyr8sbO8ilfU/VrqtOlo8nQ+7Dgu6+4+vlvy373JlhOvnU5+g1lMo=

---END PC DATA---

ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
¾îµð¼­ °¨¿°µÇ¾ú´ÂÁö ¸ð¸£°ÚÀ¸³ª ÆÀ¿¡¼­ ½ÃÅ°´Âµ¥·Î ÇÏ½Ã¸é µË´Ï´Ù.
¼³¸íÀÌ ÇÊ¿ä¾øÀ»ÅÙµ¥¿ä. º»ÀÎ ºÎÁÖÀÇ - °¨¿°, ³¡.
DDDIE 2018-10
ÇÏÁö¸¸ ÆÀÀÌ ½ÃÅ°´Â´ë·Î Çß´Ù°í Çؼ­ º¹±¸µÈ´Ù´Â º¸ÀåÀº ¾ø½À´Ï´Ù.
À¯È£ÁØ 2018-10
±×ÃÝ, Á¦ ºÎÁÖÀÇÀε¥... ¾ÏÆ° ¸ðµç ÆÄÀÏÀÌ ¸ÖÂÄÇÏ´Ï... ºÒÇàÁß ´ÙÇà. »¡¸® Æ÷¸ä...
ºñ¼ýÇÑ °æÇèÀÌ Àִµ¥, Áö³­ 4¿ù ¾î´À³¯ ¹®µæ µÚ´Ê°Ô ¹ß°ßÇÏ¿´½À´Ï´Ù.
Æú´õ ¸¶´Ù CRAB-DECRYPT.txt ÆÄÀϵéÀ» ½É¾îµÎ¾ú´Âµ¥, ÆÄÀϵ鿡 ´ëÇÑ ¾Ïȣȭ´Â ÁøÇàµÇÁö ¾Ê¾Ò½À´Ï´Ù.
ÆÄÀϵéÀ» ¾Ïȣȭ ÇÏ´Â ·£¼¶À̾ú´Ù¸é ÀÌ¹Ì ¾Ïȣȭ ¿Ï·áµÇ¾úÀ» ÅÍÀε¥, ¸ÖÂÄÇÏ¿´½À´Ï´Ù.
»ç¿ëÇÏ´Â ¹é½ÅÀº V3¿Í AntiLansumWare ÀÔ´Ï´Ù.

C µå¶óÀ̹ö´Â °í½ºÆ® À̹ÌÁö¸¦ Ç®¾î¼­ º¹¿øÇß°í, µ¥ÀÌŸ µå¶óÀ̹ö¿¡´Â ¹«´Ü ¼³Ä¡µÈ ÆÄÀϵéÀ» °Ë»öÇؼ­ ¸ðÁ¶¸® »èÁ¦ÇÏ¿´½À´Ï´Ù.
µ¥ÀÌŸ ÆÄÀÏÀ» ¹é¾÷ ÇصРº°µµ µð½ºÅ©´Â ÀÖ¾úÁö¸¸, ±äÀå »óŸ¦ À¯ÁöÇϸ鼭 °è¼Ó »ç¿ëÇغôµ¥, ´õ ÀÌ»óÀÇ º°´Ù¸¥  ¿À·ù´Â ¹ß»ýÄ¡ ¾Ê¾Ò½À´Ï´Ù.
³ª Ȧ·Î ÀÛ¾÷Çϴ ȯ°æÀ̶ó À§ÇèÇÑ ¸ðÇèÀ» °¨ÇàÇغ» °ÍÀÌÁö¸¸, ´Ù¸¥ »ç¿ëÀÚµé°ú °°ÀÌ ÀÛ¾÷Çϴ ȯ°æÀ̶ó¸é ±ú²ýÇÏ°Ô Æ÷¸ËÇÏ´Â °ÍÀÌ ÇÊ¿äÇϸ®¶ó »ý°¢ÇÕ´Ï´Ù.

CRAB-DECRYPT.txt ÆÄÀÏÀÇ ³»¿ëÀÔ´Ï´Ù.

---= GANDCRAB V2.1 =---



Attention!

All your files documents, photos, databases and other important files are encrypted and have the extension: .CRAB

The only method of recovering files is to purchase a private key. It is on our server and only we can recover your files.


The server with your key is in a closed network TOR. You can get there by the following ways:

0. Download Tor browser - https://www.torproject.org/

1. Install Tor browser

2. Open Tor Browser

3. Open link in TOR browser: http://gandcrab2pie73et.onion/fbb50603be68046e                       

4. Follow the instructions on this page


If Tor/Tor browser is locked in your country or you can not install it, open one of the following links in your regular browser:
                             
0. https://gandcrab2pie73et.onion.rip/fbb50603be68046e                       
1. https://gandcrab2pie73et.onion.plus/fbb50603be68046e                       
2. https://gandcrab2pie73et.onion.to/fbb50603be68046e                       

ATTENTION! Use regular browser only to contact us. Buy decryptor only through TOR browser link or Jabber Bot!
                       

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.


The alternative way to contact us is to use Jabber messanger. Read how to:
0. Download Psi-Plus Jabber Client: https://psi-im.org/download/
1. Register new account: http://sj.ms/register.php
    0) Enter "username": fbb50603be68046e                       
    1) Enter "password": your password
2. Add new account in Psi
3. Add and write Jabber ID: ransomware@sj.ms any message
4. Follow instruction bot

It is a bot! It's fully automated artificial system without human control!
To contact us use TOR links. We can provide you all required proofs of decryption availibility anytime. We are open to conversations.
You can read instructions how to install and use jabber here http://www.sfu.ca/jabber/Psi_Jabber_PC.pdf

DANGEROUS!

Do not try to modify files or use your own private key - this will result in the loss of your data forever!


óÀ½À¸·Î (238,445)
Á¦¸ñ
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 10-19   94   ¹Ú¸í±ÙTN
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 10-19   437   ±èµ¿¿µ³²
2CPU : °¡»óÈ­ 10-19   7888   Çϴûö²Þ
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 10-19   184   ±è¹Î¼º
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 10-19   278   ±è¹Î¼º
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 10-19   56   ¹Î»çÀå
2CPU : °ßÀû 10-19   182   EYESSHOT
2CPU : ÆǸŠ10-19   518   Åë½Åº¸¾È
2CPU : ÆǸŠ10-18   420   cb400
Ä©.... (14)
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 10-18   272   PCMaster
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 10-18   396   ²Þµ¹ÀÌÄ£±¸
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 10-18   168   NeOpLE
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 10-18   77   ÀüÁ÷P¿¬±¸¿ø
2CPU : ÆǸŠ10-18   511   ¸ð½º¿ùµå
2CPU : ÆǸŠ10-18   235   ±¤ÁÖµ¿Å°È£Å×