Cryptowall malware

Biohazard

Biohazard

JF-Expert Member
Aug 21, 2011
2,197
1,467
Cryptowall.JPG
Crptowall 2.JPG
Crptowall 2.JPG
Cryptowall.JPG
Huyu ni mallware ambaye ana encrypt file system yako ya windows, Amekuwa produced February mwaka huu Na anakua downloaded from emails au prompt messages za ku update a certain software halafu ukurespond anaingia kwenye computer yako na ku encrypt file zako zote, Pia anapitia kwenye P2P kwa wale wa torrents nk. Na kame huwezi zifungua mpaka uzi decrypt kwa kutumia private key ambayo wanayo hawa jamaa.

Na hawawezi kukupa mpaka utoa pesa kwa hawa cyber criminals.

Jana imekuja message ya ku Update Java run time na hapo ndo nilikamatika mpaka sasa natafuta mbinu ya kuovercome hili tatizo. Jamaa walivyo makini hii malware haichi copy ya private key kwenye App data ya pc yako hata kidogo, Halafu wanafuta zile shadow volumes za kufanya restore. Cha ajabu Safe Mode nayo inagoma yani inastuck.

Message ya ya ku decrypt iko hivi, kwa ambaye amepata solution au amekumbwa na hili jambo na aka resccue files zake naomba aje na solution. Pia na mimi nitarejea na solution nikifanikiwa sababu ku format pc kwangu huwa ni jambo la mwisho kabisa kufikiria na nina miaka mingi sana nasikia kuformat.

Halafu wanatumia Tor browser ili kuficha identity yao.

View attachment 15
Crptowall 2.JPG
9094[/ATTACH]

Baada ya ku login unakutana na kitu kama hii.

Crptowall 2.JPG

Hii Hatari aisee
 
wana target mbovu sana hawa! mimi wakija kwangu naformat maana unaweza ukamaliza wiki mbili kutafuta ufumbuzi, badala wahangaike na taasisi zinazoeleweka..., kiufupi pendelea kuwa na backup mkuu. mimi nimekutana na majanga sana kama sio kuwa na backup nahisi computer ingeniuzi sana lakini hadi leo nina data hata za 2001 wakati naanza urafiki na computer. (Ni ushauri kwa wengi)
 
Never give up said:
wana target mbovu sana hawa! mimi wakija kwangu naformat maana unaweza ukamaliza wiki mbili kutafuta ufumbuzi, badala wahangaike na taasisi zinazoeleweka..., kiufupi pendelea kuwa na backup mkuu. mimi nimekutana na majanga sana kama sio kuwa na backup nahisi computer ingeniuzi sana lakini hadi leo nina data hata za 2001 wakati naanza urafiki na computer. (Ni ushauri kwa wengi)
Click to expand...

Yani akili imefreeze, Nimejikuta data za muhimu ndo zimezingua na hazizidi hata 500mb. Huu ni utamaduni mbovu wa kuku backup movies na mafile makubwa tunasahau vi file vya microsoft office, pdfs na jpg.

 
Biohazard said:
Yani akili imefreeze, Nimejikuta data za muhimu ndo zimezingua na hazizidi hata 500mb. Huu ni utamaduni mbovu wa kuku backup movies na mafile makubwa tunasahau vi file vya microsoft office, pdfs na jpg.
Click to expand...

Mkuu,
Kama unaweza kupata hii software, Hiren BootCD kisha uboot nayo, chagua Min XP utaweza kuziona hizo file. Jaribu kuzifungua uone kama zipo encripted. Kama zinafunguka zicopy kwenye external storage kisha fanya clean installation ya OS. Unaweza kutumia hata Ubuntu ukaboot kama Live CD.
 
naomba nisaidie namna ya kufanya backup mafile yangu katika pc yangu pls?
Biohazard said:
Huyu ni mallware ambaye ana encrypt file system yako ya windows, Amekuwa produced February mwaka huu Na anakua downloaded from emails au prompt messages za ku update a certain software halafu ukurespond anaingia kwenye computer yako na ku encrypt file zako zote, Pia anapitia kwenye P2P kwa wale wa torrents nk. Na kame huwezi zifungua mpaka uzi decrypt kwa kutumia private key ambayo wanayo hawa jamaa.

Na hawawezi kukupa mpaka utoa pesa kwa hawa cyber criminals.

Jana imekuja message ya ku Update Java run time na hapo ndo nilikamatika mpaka sasa natafuta mbinu ya kuovercome hili tatizo. Jamaa walivyo makini hii malware haichi copy ya private key kwenye App data ya pc yako hata kidogo, Halafu wanafuta zile shadow volumes za kufanya restore. Cha ajabu Safe Mode nayo inagoma yani inastuck.

Message ya ya ku decrypt iko hivi, kwa ambaye amepata solution au amekumbwa na hili jambo na aka resccue files zake naomba aje na solution. Pia na mimi nitarejea na solution nikifanikiwa sababu ku format pc kwangu huwa ni jambo la mwisho kabisa kufikiria na nina miaka mingi sana nasikia kuformat.

Halafu wanatumia Tor browser ili kuficha identity yao.

View attachment 159094

Baada ya ku login unakutana na kitu kama hii.

View attachment 159095

Hii Hatari aisee
Click to expand...
 
ladyfurahia said:
naomba nisaidie namna ya kufanya backup mafile yangu katika pc yangu pls?
Click to expand...

Backup ambayo ni nzuri na haihitaji skills, ni kuhamisha files zako za muhimu kutoka katika computer unayotumia kwenda kwenye storage nyingine ambayo ni nje na computa yako.

Mfano: External Hard disk, Flash disk au Cloud Storage(Google drive,Skydrive,Dropbox nk ila na recommend Google drive kwa picha na office work.)

Copy files zako unazoona ni za muhimu kwenda kwenye mfumo wowote ambao unapenda.

BAckup 2 ni ile ya kufanya kwa operating system na files zake endapo system ita collapse basi unaweza kuirudisha kwa kutumia ile image ya backup uliyofanya ambayo pia inakua ndani ya computa hiyo hiyo. Hii ni very risky sababu hard disk ya computer ikifa pia umepoteza kumbu kumbu. Pia virus kama huyo juu aliye ni attack ameweza kuzuia nisifanye restore kutoka kwenye backup hiyo ya computer.

My advice tumia option one iko very safe halafu ukitumia option one usizunguke ama usitembee na hiyo device yako ya backup kama utatumia external hard disk au flash sababu ukiibiwa bag yako ya computa pia unakua umepoteza na backup copy yako.

Pia nashauri kazi za ofisini ufanye kwa google drive ambayo ni rahisi kutumia na ni backup ya ukweli sana kwa official documents.
 
Maboso said:
Mkuu,
Kama unaweza kupata hii software, Hiren BootCD kisha uboot nayo, chagua Min XP utaweza kuziona hizo file. Jaribu kuzifungua uone kama zipo encripted. Kama zinafunguka zicopy kwenye external storage kisha fanya clean installation ya OS. Unaweza kutumia hata Ubuntu ukaboot kama Live CD.
Click to expand...


Mkuu nashukuru ngoja nichek na hiyo kitu, kama ita work out itakua poa sana aisee, nitarejea kukupa feedback ila hawa jamaa wajinga sana wanahangaika na masikini badala ya kutarget matajiri.
 
aasante mkuu ngoja nifanyie kazi sasa be blessed kwa kunielekeza
Biohazard said:
Backup ambayo ni nzuri na haihitaji skills, ni kuhamisha files zako za muhimu kutoka katika computer unayotumia kwenda kwenye storage nyingine ambayo ni nje na computa yako.

Mfano: External Hard disk, Flash disk au Cloud Storage(Google drive,Skydrive,Dropbox nk ila na recommend Google drive kwa picha na office work.)

Copy files zako unazoona ni za muhimu kwenda kwenye mfumo wowote ambao unapenda.

BAckup 2 ni ile ya kufanya kwa operating system na files zake endapo system ita collapse basi unaweza kuirudisha kwa kutumia ile image ya backup uliyofanya ambayo pia inakua ndani ya computa hiyo hiyo. Hii ni very risky sababu hard disk ya computer ikifa pia umepoteza kumbu kumbu. Pia virus kama huyo juu aliye ni attack ameweza kuzuia nisifanye restore kutoka kwenye backup hiyo ya computer.

My advice tumia option one iko very safe halafu ukitumia option one usizunguke ama usitembee na hiyo device yako ya backup kama utatumia external hard disk au flash sababu ukiibiwa bag yako ya computa pia unakua umepoteza na backup copy yako.

Pia nashauri kazi za ofisini ufanye kwa google drive ambayo ni rahisi kutumia na ni backup ya ukweli sana kwa official documents.
Click to expand...
 
Cryptowall 3.JPG
Cryptowall 4.JPG
Cryptowall 3.JPG
Cryptowall 4.JPG
Never give up said:
wana target mbovu sana hawa! mimi wakija kwangu naformat maana unaweza ukamaliza wiki mbili kutafuta ufumbuzi, badala wahangaike na taasisi zinazoeleweka..., kiufupi pendelea kuwa na backup mkuu. mimi nimekutana na majanga sana kama sio kuwa na backup nahisi computer ingeniuzi sana lakini hadi leo nina data hata za 2001 wakati naanza urafiki na computer. (Ni ushauri kwa wengi)
Click to expand...

Maboso said:
Mkuu,
Kama unaweza kupata hii software, Hiren BootCD kisha uboot nayo, chagua Min XP utaweza kuziona hizo file. Jaribu kuzifungua uone kama zipo encripted. Kama zinafunguka zicopy kwenye external storage kisha fanya clean installation ya OS. Unaweza kutumia hata Ubuntu ukaboot kama Live CD.
Click to expand...

FEEDBACK

Hawa jamaa watu wa ajabu sana,pamoja na kuomba pesa mingi niliamua kuwasiliana nao kwa kutumia support link waliyoweka kama unavyoona kwenye page yao. Coz kuanzia 1 april waliboresha mdudu wao ikawa hata ile key ya decryption inayobaki kwenye temp folder yani APPdata inatoweka pia na inakua uploaded back to them kwa hiyo lazima uwarudie na bila ile key huwezi recover files ila virus nilikwisha mtoa. Hapo nikaona kazi ipo

Nikawaambia najua mnatuma script zenu randomly so nyingine zinakuja kwa watu masikini tu, so kama mnataka matajiri nitawatumia sites zao halafu mpambane na wenye pesa zao. NAwaomba mnitumie ile key sababu sina uwezo hata kidogo sababu naishi Tanzania kama IP adrees inavyoonyesha tena Africa.

Wakajibu hivi
Cryptowall 3.JPG

Nilivyorudi kwa page yao nikakuta wametuma zip file kama inavyoonekana hapa

Cryptowall 4.JPG

Sikuamini Aiseee, Muda huu najaribu kufanya decryption nione.
 
Biohazard said:




FEEDBACK

Hawa jamaa watu wa ajabu sana,pamoja na kuomba pesa mingi niliamua kuwasiliana nao kwa kutumia support link waliyoweka kama unavyoona kwenye page yao. Coz kuanzia 1 april waliboresha mdudu wao ikawa hata ile key ya decryption inayobaki kwenye temp folder yani APPdata inatoweka pia na inakua uploaded back to them kwa hiyo lazima uwarudie na bila ile key huwezi recover files ila virus nilikwisha mtoa. Hapo nikaona kazi ipo

Nikawaambia najua mnatuma script zenu randomly so nyingine zinakuja kwa watu masikini tu, so kama mnataka matajiri nitawatumia sites zao halafu mpambane na wenye pesa zao. NAwaomba mnitumie ile key sababu sina uwezo hata kidogo sababu naishi Tanzania kama IP adrees inavyoonyesha tena Africa.

Wakajibu hivi
View attachment 159517

Nilivyorudi kwa page yao nikakuta wametuma zip file kama inavyoonekana hapa

View attachment 159518

Sikuamini Aiseee, Muda huu najaribu kufanya decryption nione.
Click to expand...


Kuna mmoja wanamwita RANSOM MALWARE nae ana work similar na huyo !
Ukiwa online unashangaa ame encrypt files zako zote !

Tena yule ndo liboko ! Anafanya count down kadri unavyozidi kuchelewa kuwalipa kwa muda flani ! Basi keys hutozipata tena !

Solution ya huyu ni kutumia ! Hitman Pro ana react kabla hujawa affected !

Na kuna mwingine saizi ana target porns watchers wanaotumia Android ! Kuangalia angalia porns online ! Yeye ana disable home button na anafanya files encryption !
 
Cryptowall 5.JPG
Application yao waliyotuma ina fanya decryption na file zimeanza kufunguka

Cryptowall 5.JPG
 
Never give up said:
Biohazard hapo mzee umewapatia, :peace:
Click to expand...

Wajinga sana hawa watu, yani watasubiri sana hizo website na emails za madoni wa mjini hapa. Ila kuna wehu wakinizingua nawatumia hawa jamaa wawape displine.

Halafu hizo bitcoins ni deal sana kwa developers hata mie nilikua nahangaika sana kuzipata, na kadri siku zinavyozidi kwenda biitcoins zinakuwa very expensive.
 
snipa said:
Kuna mmoja wanamwita RANSOM MALWARE nae ana work similar na huyo !
Ukiwa online unashangaa ame encrypt files zako zote !

Tena yule ndo liboko ! Anafanya count down kadri unavyozidi kuchelewa kuwalipa kwa muda flani ! Basi keys hutozipata tena !

Solution ya huyu ni kutumia ! Hitman Pro ana react kabla hujawa affected !

Na kuna mwingine saizi ana target porns watchers wanaotumia Android ! Kuangalia angalia porns online ! Yeye ana disable home button na anafanya files encryption !
Click to expand...

It is exactly the same bro, maana ya RANSOM it means you have to pay money to get your files back or to get back to the state where your pc used to be. So huyu pia ni Ransom Malware.

Kikubwa ni kuhakikisha hizi prompt messages za ku update java cjui adobe nk ni kuwa nazo makini, kama imetoa messsage ya kuprompt ni bora uifunge halafu fungua real program halafu uanzishe update huko ndani ya prog. Pia emails za kutaka kudownload attachments from DHL na UPS ni very risky.

ila hawa wadudu wana variaties ambazo wanatoa kila ant mallware wanavyobana loopholes. Mfano hawa jamaa wa ant malwares wanapata tabu sana kugundua njia ya kudhibiti, huku wateja wao wanakua wameshaumia na files hazirudi.

Zamani before April 2014, ilikua rahisi kurudisha files sababu secret key ilikua inabaki kwenye computa ya victim, ila baada ya wao kutengeneza spicie mpya hawaachi hata nyoya.

Na pia wameingie kweli kwenye androids sasa wale wa magemu gemu au ka adverts kametokea wao wana download wataumia sana.

 
Biohazard said:
It is exactly the same bro, maana ya RANSOM it means you have to pay money to get your files back or to get back to the state where your pc used to be. So huyu pia ni Ransom Malware.

Kikubwa ni kuhakikisha hizi prompt messages za ku update java cjui adobe nk ni kuwa nazo makini, kama imetoa messsage ya kuprompt ni bora uifunge halafu fungua real program halafu uanzishe update huko ndani ya prog. Pia emails za kutaka kudownload attachments from DHL na UPS ni very risky.

ila hawa wadudu wana variaties ambazo wanatoa kila ant mallware wanavyobana loopholes. Mfano hawa jamaa wa ant malwares wanapata tabu sana kugundua njia ya kudhibiti, huku wateja wao wanakua wameshaumia na files hazirudi.

Zamani before April 2014, ilikua rahisi kurudisha files sababu secret key ilikua inabaki kwenye computa ya victim, ila baada ya wao kutengeneza spicie mpya hawaachi hata nyoya.

Na pia wameingie kweli kwenye androids sasa wale wa magemu gemu au ka adverts kametokea wao wana download wataumia sana.
Click to expand...

Duuh!Nikupongeze tu kwa experience nzuri ya hivi...
Ila kuna mdau amewahi kuleta thrrad humu kuwa hii JAVA sio nzuri...title yake ilikua "why US wants to BAN the use of JAVA" nafikiri ukitumia key words utapata ujue kwamba pamoja kua JAVA ni muhimu kwa java developers ila ina madhara yake kama hayo...
 
njunwa wamavoko said:
Duuh!Nikupongeze tu kwa experience nzuri ya hivi...
Ila kuna mdau amewahi kuleta thrrad humu kuwa hii JAVA sio nzuri...title yake ilikua "why US wants to BAN the use of JAVA" nafikiri ukitumia key words utapata ujue kwamba pamoja kua JAVA ni muhimu kwa java developers ila ina madhara yake kama hayo...
Click to expand...

Yani hiyo script haifai katika script zote duniani, sababu ni app tosha ukilinganisha na html. Yani mie ilikuja message ya ku update java nilivyokubali nikaenda kulala sababu huwa sizimi computa asubuhi nikakuta balaaa hatari. YAni nashukuru hawa jamaa dizaini kama huwa wana huruma fulani, sababu sijui kwann wameamini haraka na kutuma hiyo zip file. Maybe sababu ya ip inaonyesha huyu jamaa anaishi dunia ya tatu.

Nimesoma sana RSA 2048 encryption ni noma yani kama huna key ni lazima utupe files hizo.

Anyway ni jambo la kumshukuru Mungu kupata key with Zero cost sababu jamaa wapo kazini na wamejipanga.
 
Mie nimepata tatizo hilo kwenye PC moja imebidi niachane nayo.Mafile yote yamepotea lakini backup ndo imenisaidia.
 
mimi natumia macbook pro

je ninaweza backup kwa kutumia external yangu na kisha external nikaendelea kutumia kuhifadhia vitu vingine
 
simango said:
mimi natumia macbook pro

je ninaweza backup kwa kutumia external yangu na kisha external nikaendelea kutumia kuhifadhia vitu vingine
Click to expand...
macbook haikubali ku write kwenye file system za Windows.. so ukitaka ku backup inabidi ubadilishe file system iwe ya mac
 
You must log in or register to reply here.

Similar Discussions

Back
Top Bottom
Forums
New posts
Post thread
Back