Published: 2016/5/11 7:25:46
What is it like to pay a ransom to kidnappers online?


All of your documents, photos, work files, databases and other important files have been encrypted. Only this program can decrypt them. Do not try to recover the files with antivirus software or any other tool, or all of your files will be lost forever!

This message could become your startup greeting if you carelessly download something dodgy.

This is the "little game" that has recently been all the rage abroad: the "ransomware Trojan". It now appears that this horse has learned Chinese and arrived in China.

It is a cruel "game" because it plays for real. In other words, by the time you see this message, your important files really have been strongly encrypted by the hacker. And you will probably have to do exactly what the hacker says to get your beloved "racy photos" back, if you never uploaded them to a cloud drive...

Look, we caught an unlucky victim of the Trojan: more than 70,000 files on his computer were encrypted by the hacker, roughly 20G in total. So just how many pretty Japanese teachers must be in there.

"The ransomware Trojan's interface shows the number and size of the files that have been encrypted"

If you have seen the movies, you know the traditional extortion routine: "Your daughter is in our hands. At ten o'clock tonight, put 100,000 yuan in the second trash can on the street corner! If you dare call the police, we kill the hostage."

But in the Internet world, the hacker extorting you may be in faraway Colombia, with no time to fly to China and dig through trash cans. To pay the ransom you need something called "Bitcoin". Bitcoin is a widely used virtual currency that has an exchange rate against real-world currencies. Because of the unique way Bitcoin works, it can hide the identities of the payer and the payee perfectly. For kidnappers, Bitcoin is simply heaven.

However, for an ordinary Chinese person, paying a ransom this way is a thousand times harder than stuffing money into a trash can.

To pay in Bitcoin, you need to connect to the dark web,

To connect to the dark web, you need to use a dark web browser,

To use a dark web browser, you need to climb over a wall.

So, here come the questions.

Do you know where to buy Bitcoin? Do you know how to pay with Bitcoin? Do you know what the dark web is? Do you know how to use a dark web browser? Do you know how to get over the wall? Do you know how to set up a proxy for the Tor browser?

To be a good kidnapper, you first have to be a good popular-science writer. It seems that these days, kidnapping requires at least a master's degree in computer science.

On the ransom screen, the kidnappers patiently and meticulously teach the victim how to download a dark web browser (Tor) and, "tireless in leading people astray", suggest that the user search for "how to use the Tor browser".

The next step is the "over the wall" stage. Clearly the kidnappers know how hard it is to get over the wall, and they even directly suggest that the victim seek help from "professionals". (Which professionals know how to climb the wall? Stand up and let me see you!)

In the spirit of seeking truth from facts, we sought the help of "professionals", crossed a thousand mountains and rivers as the kidnappers required, and actually managed to connect to the kidnappers' main site on the dark web. (Don't ask me how it was done; I know nothing.) So what trick do the kidnappers have up their sleeve? Fire away!

▲ "The kidnappers' dark web page, with Leiphone (雷锋网) leaving its mark on it"

What greets the eye is a web page whose pitch-dark design gives you an urge to pay. In this "Inception" that the law cannot reach, the kidnappers finally tear off the popular-science-writer mask and name their price: to unlock the encrypted files, you need to pay 1 bitcoin!

Nani, 1 bitcoin? That doesn't sound expensive; even a sesame flatbread costs two yuan these days. Following the kidnappers' instructions, we happily went to "Huobi" (火币网) to buy bitcoin, only to discover a shocking fact.

▲ "Bitcoin exchange rate on Huobi"

What? 1 bitcoin costs nearly 3,000 yuan? Who set that? Did the commerce authorities allow it? Did the tax office agree? Is there no law any more? Are you people running a kidnapping? Oh right, you are running a kidnapping.

Having come this far, let's open the computer, oh sorry, it's locked, so let's find a stick and do the sums on the floor.

What exactly is in your 20G of files? Of course, if it is only Japanese teachers, it hardly seems worth 3,000 yuan. But what if it includes the 10,000-character plan you wrote for your company? What if it includes the "precious memories" of you and your ex-girlfriend? What if it includes the fantasy novel you wrote, rejected countless times but treasured all the same?

The cruelty of the kidnappers is that they let you view the specific names of those 70,000-plus files. In that vast sea of files you will very likely find memories you cannot bear to part with. At the thought that, if you do not pay the ransom, these lovely files will vanish along with the years gone by, your honest body starts moving the mouse to pay (furious inner monologue: 3,000 yuan... that's only three months' salary, isn't it? I'll put up with it!).

▲ "Screenshot of the kidnappers' tutorial teaching victims how to buy bitcoin"

The rest becomes very simple: once the kidnappers verify that your bitcoin has arrived, they send back a key. You enter the key into the unlock program and the automatic unlocking process begins. As the unlock progress bar advances, you seem to see banknote after banknote of Grandpa Mao rising into the sky, and memory after precious memory drifting back down to earth.

Wait, something seems off?

Kidnappers in the movies never seem to collect their ransom smoothly! Can't we use our own wits, gather a band of highly skilled hackers, and in the end tear the kidnappers apart and rescue our dear files?

With this eager hope, we interviewed a security expert, who said:

Samples of this Trojan are still under urgent analysis. Based on previous research, however, this Trojan is most likely a typical computer crypto-locker type Trojan; the makers of such Trojans may encrypt the victim's files using methods such as RSA encryption. Because RSA encryption is a very secure form of encryption, which many banks use to protect their customers, there is currently almost no way to crack files locked by this kind of encryption.

▲ "Scanning the hard drive locked by the hacker with scanning software reveals a scene of devastation"

This brings to mind that song by Guang Liang: fairy tales are all lies... Because of the excellent anonymity of the dark web and Bitcoin, even the FBI cannot accurately track down criminals hiding in the dark web, so any "tear the kidnappers apart" plan had better be put aside for now.

Yet the world is not entirely hopeless. You, sitting at a computer reading this article, have evidently not been infected by this Trojan. Security experts told the author that as long as it has not happened yet, there are many ways to head it off:

Don't casually click on email attachments;

Don't download software from websites of low credibility;

Don't readily trust files that others share through cloud drives, QQ groups and the like;

Install and use security protection software on your computer, and keep it in working order.

We trust that once the Trojan has been analyzed, the major security vendors will add the sample to their virus databases right away, so that as soon as this kind of Trojan is detected infecting a user's computer, it is brought under control preemptively before it strikes. For now, this extortion Trojan does not appear to have spread widely among us.

Oh, and one thing is very important: back up your important data right away. Of course, for reasons you understand, some "important data" cannot be uploaded to the cloud. In that case, you need a very large portable hard drive.

Anyway, good luck.







