Recently, 360 Security Center captured the latest variant of Satan ransomware and monitored that it has begun to spread in the wild. The new version of Satan has been updated to v4.2. After the attack is launched successfully, the file will be encrypted and the file suffix will be “sicck”. The amount of the extortion is one bitcoin. This is the activity of Satan ransomware after two months of silence. However, the majority of users do not have to worry too much, 360 Total Security have taken the lead in supporting the killing of Satan new variants, “Ransomware Decryption Tool” can also achieve decryption.
Satan ransomware firstly appeared in January 2017. At the time, a security researcher posted a new type of ransomware on RafS that was distributed on Twitter. This ransomware allows anyone to create their own customized version of Satan ransomware on their websites by signing up for an account.
The new version of Satan ransomware discovered this time is still targeted at Windows servers. When Satan successfully hacked into the server, it used the server as a zombie server and then scanned and tried to invade other computers on the network that had vulnerabilities. Moreover, the new version of “Satan” also uses two new system vulnerabilities to spread, so that users can’t prevent it.
At present, 360 security researchers have been able to successfully decrypt the new version of Satan ransomware sample and its encryption algorithm. Therefore, security experts also remind users that you can download and install 360 Total Security and other security software, intercept dangerous links in time, and kill virus Trojans. If users are attacked unfortunately, they can use the 360 Ransomware Decryption Tool to recover the files without paying ransom. At present, 360 Ransomware Decryption Tool can crack nearly 100 kinds of ransomware, and is the world’s largest and most effective ransomware recovery tool.
Recommendation
However, our security experts still want to remind server administrators to be cautious. In addition to Satan ransomware, they should always be on guard against other ransomware attacks. Server administrators are advised to do the following things to deal with this kind of attacks:
1. Fix the vulnerability in time. Server administrators should not only fix system vulnerabilities, but also fix vulnerabilities in various application platforms installed in servers such as web applications and databases, and pay attention to vendor security updates.
2. Avoid using the same password and simple password. Not only does the server require a high-intensity login password, the Web management backend, database, etc. also need a strong password, and should be configured with a login policy to prevent blast attacks.
3. Use 360 Total Security with vulnerability protection and login protection for protection, and can effectively defend against exploits and ransomware attacks.