2025 年 2 月 12 日
近期區網中心發現部分學校與醫院相繼遭遇勒索軟體攻擊。駭客透過入侵系統管理者的電腦進行橫向攻擊,隨後在內部網路中蔓延,感染其他主機並加密檔案,造成多台主機服務中斷及資料無法使用。
目前,已確認有遭遇名為 Crazy Hunter 的勒索軟體攻擊。已知的惡意程式檔案包括:bb.exe、crazyhunter.exe、crazyhunter.sys、zam64.sys、go3.exe 及 go.exe,特此提供各位參考。
為防範此類勒索軟體攻擊,強烈建議所有同仁定期備份資料,以避免重要資料遭到加密而無法恢復,確保工作順利進行。
Recently, the Regional Network Center has discovered that several schools and hospitals have been targeted by ransomware attacks. Hackers infiltrated the system administrators’ computers to conduct lateral attacks, which then spread through the internal network, infecting other machines and encrypting files. This resulted in the disruption of services on multiple machines and rendered the data inaccessible.
Currently, it has been confirmed that a ransomware attack named “Crazy Hunter” has occurred. Known malicious files include: bb.exe, crazyhunter.exe, crazyhunter.sys, zam64.sys, go3.exe, and go.exe. This is provided for your reference.
To prevent such ransomware attacks, it is strongly recommended that all colleagues regularly back up data to avoid important files being encrypted and becoming unrecoverable, ensuring smooth business operations.