Network blackmail is very close to me (us)

1. The code was prepared on weekends, but the start-up was abnormal and development was blocked.

This weekend morning, I opened my dim sleepy eyes, turned on the computer, started the development tools, and started the program as usual... Huh? What? What's the situation? The database connection failed, the database could not be found?

2. Simple error report and step-by-step analysis

OK, open it with the connection tool, let me go, where is my business library?

Taking a closer look, I see "PLEASE_READ_ME_VVV": some foreigner wrote me a letter in my database. This is the first time I have encountered this method. Surprised!!!

It's humorous. I opened it and found a "WARNING" warning form, and found an unreadable letter.

Translate it on Youdao Dictionary, your sister, I'm so angry.

3. Determine the cause and get a glimpse of it

One of my Alibaba Cloud development databases has been blackmailed. The content of the blackmail is as follows: "To restore the lost database, please send 0.03 Bitcoin (BTC) to our Bitcoin address 15ofg8jwqpbajykfgfgm9bwn2lpdz4oyt, and contact us via email to let you know Server IP or domain name and proof of payment. Your database has been downloaded and backed up to our server. We now have a backup: Test1. Any email without your server IP address or domain name and proof of payment will be ignored. If your payment is not received within the next 10 days, we will delete your backup."

4. The old routine, Baidu look at the market, I am definitely not the first cannon fodder

An article sees the market, and there is nothing wrong with guessing, but I didn't know it before. Such extortion occurred as early as 2015, known as the RansomWeb attack. This proves two things. Hackers can attack you a long time ago. It's just a question of "thinking or not, doing or not". Also, there must be a reason why you were attacked, that is, you did not follow the safety regulations. The principle of "being beaten if you fall behind" remains unchanged.

5. A fear in the heart, a bitter smile

First of all, I have been busy recently and haven't developed it for a long time. When I found the email, it had been more than 10 days. Even if I paid the coin and surrendered, it was probably impossible. I guess it was deleted by this group of foreign hackers. The key point is that I will not; after all, there is a local backup.

Second, this is a database for personal development exercises. There is no important information or personal information. Of course, there is also a database for personal blogs (not much content). If you really lose it, you can still bear the loss.

6. Summary

When you think it is far away from you, maybe he is approaching you quietly. Only when you have really experienced it will you really feel it.

In the network security environment, some people (hackers) have been infringing on personal property, and some people (security experts/hongke) have been protecting our personal property. As citizens of this Internet world, think about:

  1. Can our property be checked and paid online?
  2. Are the photos on our mobile phones transferred to the cloud disk?
  3. How many files on our computer are also on the cloud?
  4. Has our privacy been exposed on the Internet?

So, as ordinary Internet citizens, what can we do:

  1. Manage personal accounts and passwords on the Internet platform;
  2. Increase the complexity of the password as far as possible according to the specification;
  3. Back up important information in a timely manner;
  4. According to personal needs, control what personal information can and cannot go online.

Finally, I make another sincere appeal:

  • I hope that the Internet platform can give individuals the right to cancel their accounts and delete information, so that we can choose you or leave you;
  • I hope that some cloud disk and cloud document operating companies can give users the right to batch backup and batch export, and do not limit the network speed, size, or membership level.