OpenWrt Chaos Calmer 15.05.1 r49389中勒索病毒

OPENWRT SERVER被勒索病毒入侵,加密哂幾TB野資料盡失
估唔到咁簡單既LINUX都有人研發病毒

OpenWrt
主机型号        Intel(R) Celeron(R) CPU 1037U @ 1.80GHz
固件版本        OpenWrt Chaos Calmer 15.05.1 r49389 / LuCI for-15.05 branch (git-17.136.58961-13aa5ff)
内核版本        3.18.45
本地时间        Mon Jul 3 22:13:07 2017
运行时间        12d 2h 35m 8s


Using username "root".


BusyBox v1.23.2 (2017-06-01 00:38:55 CST) built-in shell (ash)

****************************************!WARNING!*******************************            *******
******************************YOUR SERVER ARE INFECTED**************************            *******
*******ALL YOUR DATABASES, SITES AND USERS HOME DIRECTORIES HAVE BEEN ENCRYPTED*            *******

================================================================================            =======
YOUR UUID IS : 1231239812983687127382xhdjh2j3jk2kj19871bjdbkja1kj2kj1g1298129Zz5            67f
================================================================================            =======


If you want to restore your files, send your UUID to e-mail: wyman.alesha@mail.r            u
You have to pay for decryption in Bitcoins. The price depends on how fast you wr            ite to
us. After payment we will send you the decryption tool that will decrypt all you            r files.

FREE DECRYPTION AS GUARANTEE
Before paying you can send to us up to 1 files for free decryption.
Please note that files must NOT contain valuable information
and their total size must be less than 1Mb

********************************************************************************            *******
********************************************************************************            *******
****************************************!WARNING!*******************************            *******
root@OpenWrt:~#

唔係呀?我個ftp都係ooenwrt,有無風險?

TOP

我開左Samba,SSH,FTP
SAMBA HKBN已封PORT
最有可能係SSH 或 FTP
真係要留意

TOP

有無呢D勒索軟體或者其他病毒都要定時做backup,隨時預備total loss

TOP

有無呢D勒索軟體或者其他病毒都要定時做backup,隨時預備total loss
solexkey 發表於 2017-7-3 22:32



好彩上個月3號BACKUP左

TOP

TOP

本帖最後由 solexkey 於 2017-7-3 22:46 編輯
好彩上個月3號BACKUP左
gl5900as 發表於 2017-7-3 22:36



Touchwood我到而家都未動用過 D backup, 有時間都要試吓 d restore

TOP

Samba 永遠都唔應該擺出街

TOP

正常都唔會放samba出街

TOP

OPENWRT SERVER被勒索病毒入侵,加密哂幾TB野資料盡失
估唔到咁簡單既LINUX都有人研發病毒

OpenWrt
主机型 ...
gl5900as 發表於 2017-7-3 22:15



    C Hing 你係受害者?

TOP