Abuse to Bitcoin address
3Q3YX3TnLJu3SuAn1JTuadQJG72ZcA3a7U

Ransomware

Abuser: Unknown

After accidentally leaving the firewall down on an old server, we found that most of the files had been wiped out and there was a ransom note at /root/READ_ME_TO_DECRYPT.html Here's what the ransom note file said: <pre> We have encrypted, secured and backed up your files and databases in a safe place! Your Server Identification is: <b>64e625eb0216ab127e176f9e1ec1efbc</b> To get your files and databases back, you have to pay with <font color=red><b>1 Bitcoin</b></font> within 48 hours. If not, we will share and/or sell your files and databases to the public. You have to send <font color=red><b>1 Bitcoin</b></font> to this Bitcoin address <font color=red><b>3Q3YX3TnLJu3SuAn1JTuadQJG72ZcA3a7U</b></font> After you send Bitcoin, Please include information such as Server Identification and Bitcoin transaction ID to this email address <b>[email protected]</b> We will send link and tutorial to get your files and databases to your email address. </pre>

United States, 2020-08-04 22:14:37

Ransomware

Abuser: Don't know

Same as other

United States, 2020-08-06 01:23:55

Ransomware

Abuser: [email protected]

We have secured and backed up your files and databases in a safe place! To get your files and databases back, you have to pay 1 Bitcoin within 48 hours. If not, we will share and/or sell your files and databases to the public. Please pay to this Bitcoin address 3Q3YX3TnLJu3SuAn1JTuadQJG72ZcA3a7U. After sending Bitcoin, please send the transaction ID and your server IP address to this email address [email protected] We will send link and tutorial to get your files and databases to your email address. Please remember, this is just a warning. If you don't pay, I'll attack your servers whenever I want.

United Kingdom, 2020-09-12 15:42:02

Ransomware

Abuser: [email protected]

We have secured and backed up your files and databases in a safe place! To get your files and databases back, you have to pay 1 Bitcoin within 48 hours. If not, we will share and/or sell your files and databases to the public. Please pay to this Bitcoin address 3Q3YX3TnLJu3SuAn1JTuadQJG72ZcA3a7U. After sending Bitcoin, please send the transaction ID and your server IP address to this email address [email protected] We will send link and tutorial to get your files and databases to your email address. Also, we will tell you how do we get access to your server. So you can patch vulnerabilities on your server.

Republic of Lithuania, 2020-09-14 13:21:02

Ransomware

Abuser: [email protected]

We have secured and backed up your files and databases in a safe place! To get your files and databases back, you have to pay 1 Bitcoin within 48 hours. If not, we will share and/or sell your files and databases to the public. Please pay to this Bitcoin address 3Q3YX3TnLJu3SuAn1JTuadQJG72ZcA3a7U. After sending Bitcoin, please send the transaction ID and your server IP address to this email address [email protected] We will send link and tutorial to get your files and databases to your email address. Also, we will tell you how do we get access to your server. So you can patch vulnerabilities on your server.

Germany, 2020-09-14 16:34:12

Ransomware

Abuser: [email protected]

We have secured and backed up your files and databases in a safe place! To get your files and <==== I sent the money I wanted, but the data and files are not returned. Abuser is not answer. Don't send money. Reduce damage

South Korea, 2020-09-15 23:12:18