DumbStackz Ransomware Can Encrypt Most File Types


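Our research team discovered DumbStackz while examining new malicious file samples. The malware is derived from the Chaos ransomware and is designed to encrypt files and demand payment for decryption.

During testing on our system, the ransomware successfully encrypted files and appended the ".DumbStackz" extension to their file names. For example, "1.jpg" became "1.jpg.DumbStackz", "2.png" became "2.png.DumbStackz", and so on for all encrypted files.

After encryption, DumbStackz changed the desktop wallpaper and created a ransom note in a text file named "read_it.txt". The message from DumbStackz informs victims that their files have been encrypted and demands a ransom of 0.001 BTC (Bitcoin cryptocurrency). At the time of writing, this is roughly equivalent to 60 US dollars; keep in mind that the exchange rate may change.

The ransom note assures victims that a decryption tool will be provided once payment is made. Failure to comply with these demands within two days will result in the affected files being deleted.

DumbStackz Ransom Note Threatens Data Loss

The full text of the DumbStackz ransom note reads as follows: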

Sht well your files are locked. Lmao, well, sorry to say you won't be able to get them back without paying a fee. Unless you don't care about your files, I would encourage you to pay. The fee will cost you 0.001 bitcoin. Making this sht affordable. Sorry to cause you stress. Now, if you want to make this quick and simple, let's cut to the chase.

Step 1: Buy the bitcoin. Unless you own bitcoin, you will obviously need to buy it. Well, where the f*ck do I buy bitcoin?? You may be asking yourself that question. Luckily, there are many places to buy bitcoin. Such as apps like Coinbase, Crypto.com, Changelly Kraken, etc. There are also crypto ATMs to find one near you, go to coinflip.tech and enter a zip code. Or find others.

Step 2: Create a Bitcoin wallet. If you are on a mobile device, I recommend downloading Cake Wallet or Trust Wallet. They are wallets that hold many different crypto currencies. Such as Bitcoin. And if you are using a Windows computer, you can use the Wassabi wallet. It is a great and fast wallet to set up. From there, you can send the address you are sending the 0.001 bitcoin to, which is below this line. Or scan the QR code that is shown in my wallpaper. (My Bitcoin Address): 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV

Step 3. Once you have sent the bitcoin successfully and it confirms through the blockchain, don't hesitate to contact me. I will provide you with the password to recover all of your files. It is another piece of software, so please disable virus and threat protection to allow it to decrypt successfully. Contact Me Once Paid: whosdumb_stackz@proton.me (This is an email, so you will need to write to me by email.)

Your files will be automatically deleted after 2 days from when this ransomware was installed. Do not try after 2 days because you will just be losing your money for nothing. Attempting to reset the computer will also delete all of your files, which you can try if you want.

PAY EXACTLY 0.001 BITCOIN OR YOUR FILES WILL NOT BE RELEASED TO YOU. IF ONE OF MY WORKERS IS THE ONE WHO GAVE YOU THIS RANSOMWARE, THEY WILL WAIT FOR THE PAYMENT TO GO THROUGH, AND THEY WILL GIVE YOU THE DECRYPTER. DO NOT TRY NEGOTIATING, OR ME OR MY WORKERS WILL BLOCK YOU. THE AMOUNT WILL NEED TO BE 0.001 BITCOIN, EVEN WITH THE FEES. MAKE SURE TO GET SOME EXTRA BITCOIN FOR EASY PAYMENT.

Again, if you have any issues or concerns, please contact me at whosdumb_stackz@proton.me (This is an email, so you will need to write to me by email.)

Bitcoin Address Again: 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV
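The file-system artifacts described above (the appended ".DumbStackz" extension and the "read_it.txt" note) can be checked for during triage of an affected machine or a backup. The following Python script is an added example, not part of the original analysis or any vendor tooling; the function names and the sample directory tree are constructed for illustration, and the note markers are the e-mail address and Bitcoin address quoted in the note above.

```python
import os
import tempfile
from collections import Counter

SUFFIX = ".dumbstackz"     # appended extension reported on this page (lower-cased)
NOTE_NAME = "read_it.txt"  # ransom note file name reported on this page
NOTE_MARKERS = (           # contact e-mail and Bitcoin address quoted in the note
    "whosdumb_stackz@proton.me", "17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV")


def is_note(path, limit=65536):
    """Return True if the file's first `limit` characters contain a note marker."""
    try:
        with open(path, encoding="utf-8", errors="replace") as fh:
            text = fh.read(limit)
    except OSError:
        return False  # unreadable file: skip it rather than report a hit
    return any(marker in text for marker in NOTE_MARKERS)


def scan_tree(root):
    """Return ([(path, original_name)], [note paths], Counter of hits per directory)."""
    encrypted, notes, per_dir = [], [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            # Lower-case the name: Windows file systems compare case-insensitively
            path, low = os.path.join(dirpath, name), name.lower()
            if low.endswith(SUFFIX) and len(name) > len(SUFFIX):
                encrypted.append((path, name[:-len(SUFFIX)]))
                per_dir[dirpath] += 1
            elif low == NOTE_NAME and is_note(path):
                notes.append(path)
    return encrypted, notes, per_dir


def build_sample(root):  # constructed sample tree, not real victim data
    pics = os.path.join(root, "Pictures")
    os.makedirs(pics)
    for name in ("1.jpg.DumbStackz", "2.png.DumbStackz", "3.gif"):
        open(os.path.join(pics, name), "wb").close()
    with open(os.path.join(pics, NOTE_NAME), "w") as fh:
        fh.write("Contact Me Once Paid: whosdumb_stackz@proton.me")
    with open(os.path.join(root, NOTE_NAME), "w") as fh:
        fh.write("shopping list")  # same file name, no marker: must not match


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(scan_tree(tmp))
```

The per-directory counts show which folders were hit, and the recovered original names give a list to compare against backups.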

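How Does Ransomware Like DumbStackz Typically Spread Online?

Ransomware like DumbStackz typically spreads through a variety of online vectors, including:

Phishing emails: Attackers frequently use phishing emails to distribute ransomware. These emails may contain malicious attachments or links that, when clicked, download the ransomware onto the victim's system and execute it.

Malicious websites: Visiting compromised or malicious websites can lead to drive-by downloads, in which ransomware is automatically downloaded and installed on the victim's device without their knowledge or consent.

Exploit kits: Ransomware can be distributed through exploit kits, which take advantage of vulnerabilities in software to deliver malware to the victim's system. These vulnerabilities may exist in outdated software or browsers.

Remote Desktop Protocol (RDP) attacks: Attackers may exploit weak or default credentials on Remote Desktop Protocol (RDP) to gain unauthorized access to a system and deploy ransomware.

Malvertising: Malicious advertisements (malvertising) on legitimate websites can redirect users to sites hosting ransomware or trigger an automatic download of ransomware onto the victim's device.

File-sharing networks: Ransomware can spread through file-sharing networks and peer-to-peer (P2P) file-sharing applications, where users unknowingly download infected files.

Social engineering tactics: Attackers may use social engineering tactics to trick users into downloading and executing ransomware, for example by impersonating legitimate software updates or technical support staff.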

April 18, 2024