Bitcoin virus micro blog
Publish: 2021-04-24 00:39:18
1.
The virus in the "bitcoin virus" incident is known as "ransomware". By encrypting the files in the victim's computer, you can't open them completely to ask for ransom. This is a virus attack launched by lawless elements by using "eternal blue" leaked from NSA hacker's weapon library. It does not need any operation of users. As long as it is turned on and connected to the Internet, lawless elements can implant blackmail software into computers and servers
What's more terrible is that this is just the beginning. Now this blackmail virus has spread to all over the world, including many colleges and universities in China. You can see many students on the Internet showing pictures of their computers being attacked. I have to say that hackers are really well intentioned, even in simplified Chinese
2. 1. Reload the system, but the infected files cannot be recovered< Prevent file loss and virus invasion:
(1) data backup and recovery measures are the important work to recover the loss in the event of blackmail, so it is necessary to make remote backup of important file data in time to prevent losses caused by virus infection
(2) make sure the firewall is on
(3) don't open unknown email or link easily.
(1) data backup and recovery measures are the important work to recover the loss in the event of blackmail, so it is necessary to make remote backup of important file data in time to prevent losses caused by virus infection
(2) make sure the firewall is on
(3) don't open unknown email or link easily.
3. 1、 Prepare a U-disk or mobile hard disk. Before going to work on Monday, you can download 360 security guard [offline disaster relief version] under the safe network environment at home. 2. After arriving at the company, first unplug the network cable of the office computer, turn off the wireless network switch, and then turn on the computer. 3. Insert the prepared U-disk or mobile hard disk into the office computer, and install 360 security guard [offline disaster relief version]. 4 The NSA Arsenal immune tool of 360 security guard [offline disaster relief version] will run automatically, and detect whether there is a vulnerability in your computer. 5. Please wait patiently ring the process of repairing the vulnerability, which generally takes 3-5 minutes. After the repair is successful, you will be prompted by a pop-up window. Please [restart computer] so that the repair operation will take effect completely. 7、 After restarting the computer, you can run the NSA defense tool again through the desktop shortcut [blackmail virus relief] to ensure that your system has been repaired.
4. Try Tencent mobile phone housekeeper protection and killing
turn on Tencent mobile phone housekeeper security protection (or in-depth killing, turn on settings stubborn Trojan horse killing)
it is one of the initiators of mobile payment security joint protection plan, and the payment security protection is more comprehensive ~
mobile phone security software can scan the payment environment for you in the background to ensure that there is no mistake in payment
Tencent mobile housekeeper provides mobile payment vulnerability detection, and will prompt users to download and install patches to fix the vulnerability; "Payment safe" will be created to conct security detection on various online shopping payment applications, and find out malicious applications such as forgery and drug hiding~
turn on Tencent mobile phone housekeeper security protection (or in-depth killing, turn on settings stubborn Trojan horse killing)
it is one of the initiators of mobile payment security joint protection plan, and the payment security protection is more comprehensive ~
mobile phone security software can scan the payment environment for you in the background to ensure that there is no mistake in payment
Tencent mobile housekeeper provides mobile payment vulnerability detection, and will prompt users to download and install patches to fix the vulnerability; "Payment safe" will be created to conct security detection on various online shopping payment applications, and find out malicious applications such as forgery and drug hiding~
5. In the bitcoin virus, 360 antivirus is useless, and even some paid antivirus software can not be used
bitcoin virus (bitcoin Trojan horse) "bitcoin blackmailer" was popular abroad in 2014, and was found in China in early 15 years. This kind of Trojan will encrypt 114 kinds of files in the infected computer, such as docx, PDF, xlsx, JPG and so on, making it unable to open normally, and pop up windows to "blackmail" the victim, requiring the victim to pay 3 bitcoin as "ransom". According to the recent bitcoin price found by the reporter from the Internet, 3 bitcoin is almost 5000 yuan or 6000 yuan. This kind of Trojan horse is generally spread through English mail. The name of the Trojan horse program is usually in English, which means "order", "proct details", etc., and uses fax or form icon, which is very confusing. The recipient easily mistakenly thinks that it is a working file and clicks to run the Trojan horse program.
bitcoin virus (bitcoin Trojan horse) "bitcoin blackmailer" was popular abroad in 2014, and was found in China in early 15 years. This kind of Trojan will encrypt 114 kinds of files in the infected computer, such as docx, PDF, xlsx, JPG and so on, making it unable to open normally, and pop up windows to "blackmail" the victim, requiring the victim to pay 3 bitcoin as "ransom". According to the recent bitcoin price found by the reporter from the Internet, 3 bitcoin is almost 5000 yuan or 6000 yuan. This kind of Trojan horse is generally spread through English mail. The name of the Trojan horse program is usually in English, which means "order", "proct details", etc., and uses fax or form icon, which is very confusing. The recipient easily mistakenly thinks that it is a working file and clicks to run the Trojan horse program.
6. 1. You can install a computer manager on your computer, and then open the toolbox to find the document Guardian
3. Through this function, there is a file recovery function to recover the files deleted or encrypted by blackmail virus
3. Through this function, there is a file recovery function to recover the files deleted or encrypted by blackmail virus
7. 1. Don't give money. Even if you hand it in, you may not be able to recover the data
2. 3. Install anti extortion protection tools, do not visit the website, do not open suspicious mail and files
4. Turn off the computer, including TCP and UDP protocol ports 135 and 445. Pay special attention to win7 system, do not use campus network, nor CMCC
5. If you still can't understand it, cut off the network
[how to prevent bitcoin blackmailer virus] some suggestions on Security:
backup important personal data. Pay attention to personal computer security maintenance, regularly update system patches, safe and reliable antivirus software.
2. 3. Install anti extortion protection tools, do not visit the website, do not open suspicious mail and files
4. Turn off the computer, including TCP and UDP protocol ports 135 and 445. Pay special attention to win7 system, do not use campus network, nor CMCC
5. If you still can't understand it, cut off the network
[how to prevent bitcoin blackmailer virus] some suggestions on Security:
backup important personal data. Pay attention to personal computer security maintenance, regularly update system patches, safe and reliable antivirus software.
8. Direct use of anti-virus software can directly kill the virus, but the file is encrypted, the algorithm can not crack, can only recognize the bad luck
9. To check whether the computer has hidden a virus,
please enter the following URL and see the following feedback information, It means that your computer has no virus ~
http://www..com/
(feedback)
please look at the virus code
the logic of the code is as follows:
visit the domain name, if the domain name exists, then exit everything; otherwise, if the domain name does not exist, then continue to attack
so as long as the domain name exists, It's safe~
please enter the following URL and see the following feedback information, It means that your computer has no virus ~
http://www..com/
(feedback)
please look at the virus code
the logic of the code is as follows:
visit the domain name, if the domain name exists, then exit everything; otherwise, if the domain name does not exist, then continue to attack
so as long as the domain name exists, It's safe~
Hot content