Hunt Ransomware Locks Victims' Systems

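While examining new file samples, our research team discovered a malicious program named Hunt, which belongs to the Dharma ransomware family. It is designed to encrypt local and network-shared files in order to extort payment in exchange for decryption.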

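During our evaluation on a test platform, Hunt encrypted files and changed their names. A unique identifier, the cybercriminals' email address, and the ".hunt" extension were appended to each original file name. For example, a file named "1.jpg" became "1.jpg.id-9ECFA84E.[bughunt@keemail.me].hunt".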

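After the encryption process, the ransomware presents its ransom message through a pop-up window and a text file labelled "info-hunt.txt". The text file merely informs victims that their files have been encrypted and advises them to contact the perpetrators for recovery. The pop-up window, meanwhile, provides more detail about the ransomware infection and implies that a ransom must be paid to recover the data.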
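The rename scheme and note file name described above can be turned into a triage check over a file listing. The following is an added example, not code from the original article; the function names, the sample listing and the assumption that the ID is always eight hex digits are illustrative.

```python
import re
from pathlib import PurePath

# Generalised from the one renamed file shown in the article; the 8-hex-digit
# ID length is an assumption based on that single example (9ECFA84E).
HUNT_NAME = re.compile(
    r"^(?P<original>.+)\.id-(?P<victim_id>[0-9A-F]{8})"
    r"\.\[(?P<contact>[^\[\]@\s]+@[^\[\]@\s]+)\]\.hunt$",
    re.IGNORECASE,
)
RANSOM_NOTE = "info-hunt.txt"


def parse_hunt_name(path):
    """Return original name, victim ID and contact address, or None."""
    m = HUNT_NAME.match(PurePath(path).name)
    if m is None:
        return None
    return {"original": m["original"], "victim_id": m["victim_id"].upper(),
            "contact": m["contact"].lower()}


def triage(paths):
    """Summarise a file listing: encrypted files per directory, IDs, notes."""
    report = {"encrypted": {}, "victim_ids": set(), "contacts": set(), "notes": []}
    for p in paths:
        pure = PurePath(p)
        if pure.name.lower() == RANSOM_NOTE:
            report["notes"].append(p)
            continue
        hit = parse_hunt_name(p)
        if hit:
            report["encrypted"].setdefault(str(pure.parent), []).append(hit["original"])
            report["victim_ids"].add(hit["victim_id"])
            report["contacts"].add(hit["contact"])
    return report


# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    "share/docs/1.jpg.id-9ECFA84E.[bughunt@keemail.me].hunt",
    "share/docs/budget.xlsx.id-9ECFA84E.[bughunt@keemail.me].hunt",
    "share/docs/info-hunt.txt",
    "share/docs/notes.hunt",          # benign: lacks the id/contact fields
    "share/tools/hunt.exe.id-12.txt",  # benign: wrong structure
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Matching on the full structure rather than on the ".hunt" suffix alone keeps unrelated files with that extension out of the report, and grouping hits by directory shows which shares were reached.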

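Before complying with these demands, victims may test decryption on up to three files, which must be no larger than 5 MB and must not contain critical or valuable content. The notice also details the risks associated with seeking help from third parties.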

The Full Hunt Ransom Note

The full text of the ransom note produced by Hunt reads as follows:

All your files have been encrypted!

Don't worry, you can return all your files!
If you want to restore them, write to the mail: bughunt@keemail.me YOUR ID -
If you have not answered by mail within 12 hours, write to us by another mail:bughunt@airmail.cc

We strongly recommend that you do not use the services of intermediaries and first check the prices and conditions directly with us
The use of intermediaries may involve risks such as:
Overcharging: Intermediaries may charge inflated prices, resulting in improper additional costs to you.

Unjustified debit: There is a risk that your money may be stolen by intermediaries for personal use and they may claim that we did it.

Rejection of the transaction and termination of communication: Intermediaries may refuse to cooperate for personal reasons, which may result in termination of communication and make it difficult to resolve issues.

We understand that data loss can be a critical issue, and we are proud to provide you with encrypted data recovery services. We strive to provide you with the highest level of confidence in our abilities and offer the following guarantees:
Recovery demo: We provide the ability to decrypt up to three files up to 5 MB in size on a demo basis.

Please note that these files should not contain important and critical data.

Demo recovery is intended to demonstrate our skills and capabilities.

Guaranteed Quality: We promise that when we undertake your data recovery, we will work with the utmost professionalism and attention to detail to ensure the best possible results.

We use advanced technology and techniques to maximize the likelihood of a successful recovery.

Transparent communication: Our team is always available to answer your questions and provide you with up-to-date information about the data recovery process.

We appreciate your participation and feedback.

Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.

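How Can You Proactively Protect Your Data from Ransomware?

You can take a number of proactive measures to protect your data from ransomware:

Keep software updated: Make sure all of your operating systems, applications, and security software have the latest patches and updates installed. Vulnerabilities in outdated software are frequently exploited by ransomware attackers.

Use antivirus and anti-malware software: Install reputable antivirus and anti-malware programs on all of your devices and keep them updated. These tools can detect and prevent ransomware infections.

Implement security best practices: Enforce a strong password policy, enable multi-factor authentication wherever possible, and restrict user privileges to only those that are necessary. In addition, consider implementing network segmentation to limit the spread of ransomware across the network.

Back up data regularly: Regularly back up important files and data to an external storage device or a cloud-based backup service. Make sure your backups are kept offline and disconnected from the network so that ransomware cannot encrypt them.

Implement email and web filtering: Use email and web filtering solutions to block malicious attachments, links, and websites that may carry ransomware or other malware.

Monitor network traffic: Monitor network traffic for unusual activity that may indicate a ransomware infection. Intrusion detection and prevention systems can help detect and block ransomware before it causes damage.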

April 23, 2024