New ransomware virus AllCry strikes; 360 "Decryption Master" rushes to crack it

Last May's outbreak of the WannaCry ransomware virus still gives people palpitations. Recently its "brother", a new ransomware virus called AllCry, suddenly appeared. It disguises itself with a PDF icon to trick network administrators into clicking it, has hit a large number of servers, and demands a bitcoin ransom worth nearly 30,000 yuan.

However, Internet users need not worry too much: this time AllCry will not make its victims "cry" again. At present, 360 Security Guard can fully intercept and kill the virus, and 360 "Decryption Master" has urgently integrated a decryption tool, so even those unfortunate enough to be hit can scan and recover their documents with one click.

Figure: 360 Decryption Master function interface

The name of the AllCry ransomware virus is very similar to WannaCry, but the two attacks are very different. AllCry disguises itself with a common software icon to lure victims into clicking it, secretly runs its encryption program in the background, changes file suffixes to ".allcry", and takes the opportunity to extort a ransom of 1 bitcoin (approximately RMB 30,000).

Figure: After infection with the AllCry ransomware, the host screen pops up the ransom interface

The AllCry attack is highly targeted, aimed mainly at large numbers of valuable servers. When the ransomware virus runs, it checks for more than a dozen processes that are important server components and forcibly ends any that are running, so that the associated files are not held open by them, which would cause the encryption to fail.

After an urgent analysis of the AllCry virus sample, the 360 security research team found that the virus's encryption process uses a symmetric algorithm to process the key, which means that the encryption can potentially be brute-force cracked. By reverse-engineering the encryption mechanism, 360 "Decryption Master" urgently launched a decryption tool, so that victims can scan and decrypt all affected documents with one click.

Figure: 360 Decryption Master scans and decrypts AllCry-encrypted documents with one click

To use it, search for "File Decryption" in the latest version of 360 Security Guard to open 360 Decryption Master, select the path containing the encrypted files in the pop-up window, and then click Scan Now to complete the decryption. 360 Decryption Master, as the world's largest and most effective ransomware recovery tool, can currently crack nearly 100 kinds of ransomware viruses.

The AllCry ransomware virus has not yet spread widely in China, but it shows a tendency to ride on WannaCry's intimidating reputation to make waves. Zhou Hongyi, founder and CEO of 360 Group, has said that the outbreak of WannaCry opened the curtain on the era of great security, that cyber attacks will become more and more frequent, and that cybercrime will also show explosive growth. The successive outbreaks of ransomware variants such as Petya and BadRabbit after WannaCry have confirmed exactly this.

It has been more than six months since the WannaCry incident, but Internet users should still beware of the lingering effects of the ransomware virus. In addition to personal computers, servers are increasingly becoming the hardest-hit targets of all kinds of new virus attacks, because their data files are more sensitive and important and their owners are more willing to pay a ransom after infection. In addition to setting strong passwords, patching vulnerabilities regularly, and closing high-risk ports, both individual users and network administrators should keep security software turned on to defend against all types of ransomware and their variants.

