Actual Status on Your Balance 49760
Am Dienstag, den 05. April 2016 wurde durch unbekannte Dritte die folgende E-Mail in englischer Sprache versendet:
Please find attached your actual statement for the period of 02/2016 to 03/2016.
Der E-Mail mit dem Betreff „Actual Status on Your Balance 49760“ von Melva Nutt ist ein ZIP-Archiv beigefügt (Benutzername_copy_111911.zip). Diese .zip – Datei enthält ein JavaScript (.js). Das JavaScript lädt aus dem Internet den Verschlüsselungs- und Erpressungstrojaner „TeslaCrypt“ nach.
Nach der Verschlüsselung wird sowohl per PNG-Bild, per Browser und per Textdatei eine entsprechende Meldung angezeigt:
7>=1″3&<0$03:/#/5<-„+-;, :+:++“ —– 7>=1″3&<0$03:/#/5<-„+-;, :+:++“
7>=1″3&<0$03:/#/5<-„+-;, :+:++“ ——- 7>=1″3&<0$03:/#/5<-„+-;, :+:++“NOT YOUR LANGUAGE? USE https://translate.google.com
What’s the matter with your files?
Your data was secured using a strong encryption with RSA4096.
Use the link down below to find additional information on the encryption keys using RSA-4096 https://en.wikipedia.org/wiki/RSA_(cryptosystem)What exactly that means?
7>=1″3&<0$03:/#/5<-„+-;, :+:++“ ——- 7>=1″3&<0$03:/#/5<-„+-;, :+:++“
It means that on a structural level your files have been transformed . You won’t be able to use , read , see or work with them anymore .
In other words they are useless , however , there is a possibility to restore them with our help .What exactly happened to your files ???
*** Two personal RSA-4096 keys were generated for your PC/Laptop; one key is public, another key is private.
*** All your data and files were encrypted by the means of the public key , which you received over the web .
*** In order to decrypt your data and gain access to your computer you need a private key and a decryption software, which can be found on one of our secret servers.7>=1″3&<0$03:/#/5<-„+-;, :+:++“ —– 7>=1″3&<0$03:/#/5<-„+-;, :+:++“
What should you do next ?
There are several options for you to consider :
*** You can wait for a while until the price of a private key will raise, so you will have to pay twice as much to access your files or
*** You can start getting BitCoins right now and get access to your data quite fast .
In case you have valuable files , we advise you to act fast as there is no other option rather
than paying in order to get back your data.In order to obtain specific instructions , please access your personal homepage by choosing one of the few addresses down below :
http:// as3ws.fopyirr[.]com/***
http:// o4dm3.leaama[.]at/***
http:// i5ndw.titlecorta[.]at/***If you can’t access your personal homepage or the addresses are not working, complete the following steps:
*** Download TOR Browser – http://www.torproject.org/projects/torbrowser.html.en
*** Install TOR Browser , open TOR Browser
*** Insert the following link in the address bar: xzjvzkgjxebzreap.onion/***7>=1″3&<0$03:/#/5<-„+-;, :+:++“
7>=1″3&<0$03:/#/5<-„+-;, :+:++“
7>=1″3&<0$03:/#/5<-„+-;, :+:++“***************IMPORTANT*****************INFORMATION********************
Your personal homepages
http:// as3ws.fopyirr[.]com/***
http:// o4dm3.leaama[.]at/***
http:// i5ndw.titlecorta[.]at/***Your personal homepage Tor-Browser xzjvzkgjxebzreap.onion/***
Your personal ID ***7>=1″3&<0$03:/#/5<-„+-;, :+:++“
7>=1″3&<0$03:/#/5<-„+-;, :+:++“
7>=1″3&<0$03:/#/5<-„+-;, :+:++“