KUZA 勒索软件
KUZA 勒索软件是一种威胁。KUZA 勒索软件会加密受害者文件并在其后附加“.Ripa”扩展名,有时还会添加网络罪犯的电子邮件地址。感染后,KUZA 勒索软件会向受害者发送名为“#Read-for-recovery.txt”的勒索信,要求受害者支付解密费用。KUZA 勒索软件属于臭名昭著的Proton 勒索软件家族。
KUZA 勒索软件的主要特征:
- 文件加密: KUZA 加密文件并添加“.Ripa”扩展名以及网络犯罪分子的联系电子邮件地址。
- 赎金信息:受害者收到一条名为“#Read-for-recovery.txt”的赎金信息,以发起联系以进行付款和解密。
- 联系方式:网络犯罪分子提供了两个用于通信的电子邮件地址:amir206amiri2065sa@gmail.com 和 amir206amiri2065sa@tutamail.com。
- 感染媒介: KUZA 勒索软件可以通过欺诈性广告、种子网站或包含宏的受感染电子邮件附件渗透到计算机。
防范 KUZA 勒索软件:
为了防范 KUZA 和类似的勒索软件威胁:
- 谨慎使用电子邮件附件:避免打开可疑附件,尤其是来自未知发件人的附件。
- 警惕种子和广告:不要下载来自不可靠来源的软件或点击广告。
- 实施安全软件:安装信誉良好的反恶意软件并更新它以检测和防止勒索软件攻击。
KUZA 勒索软件强调了采取有效的网络安全措施以减轻数据丢失和财务损失风险的迫切必要性。
KUZA 勒索软件的受害者将收到以下赎金信息:
'~~~ KUZA ~~~
>>> What happened?
We encrypted and stolen all of your files.
We use AES and ECC algorithms.
Nobody can recover your files without our decryption service.
>>> How to recover?
We are not a politically motivated group and we want nothing more than money.
If you pay, we will provide you with decryption software and destroy the stolen data.
>>> What guarantees?
You can send us an unimportant file less than 1 MG, We decrypt it as guarantee.
If we do not send you the decryption software or delete stolen data, no one will pay us in future so we will keep our promise.
>>> How to contact us?
Our email address: amir206amiri2065sa@gmail.com
In case of no answer within 24 hours, contact to this email: amir206amiri2065sa@tutamail.com
Write your personal ID in the subject of the email.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>>>> Your personal ID: - <<<<<
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> Warnings!
- Do not go to recovery companies, they are just middlemen who will make money off you and cheat you.
They secretly negotiate with us, buy decryption software and will sell it to you many times more expensive or they will simply scam you.
- Do not hesitate for a long time. The faster you pay, the lower the price.
- Do not delete or modify encrypted files, it will lead to problems with decryption of files.'
