EPS - "unprecedented hacker attack, crypto type"
#81
For the record, this is the most recent (February 5, 2024) public information about EPS: https://www.tanjug.rs/ekonomija/srbija/7...datke/vest

Quote: BELGRADE - The hacker attack on Elektrodistribucija Srbije (EPS) did not endanger electricity production or data security, only administrative functions, which is why there were delays in delivering the electricity bills for November, Minister of Mining and Energy Dubravka Đedović Handanović said today.
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
#82
I said a few words for Insajder TV - Marker:

News: https://insajder.net/teme/markovic-bezbe...ps-u-video
Video: https://www.youtube.com/watch?v=B5yp7HBE...ajderVideo
#83
So we don't lose this one either: https://twitter.com/milos_rs_/status/175...1791413295

   
#84
This is what Qilin's ransomware notes look like (they provide information about the payment and the threat, how to send the payment and how much has to be paid, and what happens if you don't pay the ransom)

README-RECOVER-[rand].txt
Quote:-- Qilin



Your network/system was encrypted.

Encrypted files have new extension.



-- Compromising and sensitive data



We have downloaded compromising and sensitive data from you system/network

If you refuse to communicate with us and we do not come to an agreement, your data will be published.

Data includes:

- Employees personal data, CVs, DL , SSN.

- Complete network map including credentials for local and remote services.

- Financial information including clients data, bills, budgets, annual reports, bank statements.

- Complete datagrams/schemas/drawings for manufacturing in solidworks format

- And more...



-- Warning



1) If you modify files - our decrypt software won't able to recover data

2) If you use third party software - you can damage/modify files (see item 1)

3) You need cipher key / our decrypt software to restore you files.

4) The police or authorities will not be able to help you get the cipher key. We encourage you to consider your decisions.



-- Recovery



1) Download tor browser: https://www.torproject.org/download/

2) Go to domain

3) Enter credentials

-- Credentials

Extension: [snip]
Domain: e3v6tjarcltwc4hdkn6fxnpkzq42ul7swf5cfqw6jzvic4577vxsxhid(.)onion
login: [snip]
password:[snip]

DtMXQFOCos-RECOVER-README.txt
Quote:-- Agenda

Your network/system was encrypted.
Encrypted files have new extension.

-- Compromising and sensitive data

We have downloaded compromising and sensitive data from you system/network
If you refuse to communicate with us and we do not come to an agreementyour data will be published.
Data includes:
- Employees personal dataCVsDLSSN.
- Complete network map including credentials for local and remote services.
- Financial information including clients databillsbudgetsannual reportsbank statements.
- Complete datagrams/schemas/drawings for manufacturing in solidworks format
- And more...

-- Warning

1) If you modify files - our decrypt software won't able to recover data
2) If you use third party software - you can damage/modify files (see item 1)
3) You need cipher key / our decrypt software to restore you files.
4) The police or authorities will not be able to help you get the cipher key. We encourage you to consider your decisions.

-- Recovery

1) Download tor browser: https://www.torproject.org/download/
2) Go to domain
3) Enter credentials


-- Credentials

Extension: DtMXQFOCos
Domain: wlh3dpptx2gt7nsxcor37a3kiyaiy6qwhdv7o6nl6iuniu5ycze5ydid(.)onion
login: [snip]
password: [snip]
There is no patch for stupidity - Kevin Mitnick
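For responders, the two notes quoted in the post above give usable triage markers: the note filename schemes and the `Extension:` field. The following is an added example, not part of the original thread; the sample paths and note bodies are constructed, and it assumes encrypted files end in `.<Extension>`.

```python
import re
from pathlib import PurePosixPath

# Note filename schemes as they appear in the post: README-RECOVER-[rand].txt
# and <Extension>-RECOVER-README.txt (e.g. DtMXQFOCos-RECOVER-README.txt).
NOTE_NAME = re.compile(
    r"^(?:README-RECOVER-[A-Za-z0-9_-]+|(?P<ext>[A-Za-z0-9_-]+)-RECOVER-README)\.txt$")
BRAND = re.compile(r"^--[ \t]*(Qilin|Agenda)[ \t]*$", re.M)
EXT_FIELD = re.compile(r"^[ \t]*Extension[ \t]*:[ \t]*(\S+)[ \t]*$", re.M)

def parse_note(text):
    """Pull the header name and the 'Extension:' field out of a note body."""
    brand = BRAND.search(text)
    ext = EXT_FIELD.search(text)
    value = ext.group(1) if ext else None
    return {"brand": brand.group(1) if brand else None,
            "extension": None if value == "[snip]" else value}

def triage(paths, read_note):
    """Return (notes, affected): notes found by name, files carrying a note's extension."""
    notes, exts = [], set()
    for p in paths:
        m = NOTE_NAME.match(PurePosixPath(p).name)
        if not m:
            continue
        info = parse_note(read_note(p) or "")
        ext = info["extension"] or m.group("ext")  # fall back to the filename prefix
        if ext:
            exts.add(ext)
        notes.append((p, info["brand"], ext))
    # Assumption: encrypted files end in ".<Extension>".
    affected = sorted(p for p in paths if PurePosixPath(p).suffix.lstrip(".") in exts)
    return notes, affected

# Constructed sample data (paths and note bodies are made up for this example).
SAMPLE_NOTES = {
    "/srv/share/DtMXQFOCos-RECOVER-README.txt":
        "-- Agenda\n\nYour network/system was encrypted.\n\n"
        "-- Credentials\n\nExtension: DtMXQFOCos\nlogin: [snip]\n",
    "/home/a/README-RECOVER-ab12cd.txt":
        "-- Qilin\n\n-- Credentials\nExtension: [snip]\n",
}
SAMPLE_PATHS = ["/srv/share/DtMXQFOCos-RECOVER-README.txt",
                "/srv/share/budget.xlsx.DtMXQFOCos",
                "/srv/share/notes.txt",
                "/home/a/README-RECOVER-ab12cd.txt"]

if __name__ == "__main__":
    print(triage(SAMPLE_PATHS, SAMPLE_NOTES.get))
```
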
#85
Just to note that the Qilin page no longer mentions the second part of the data, and new text has been put up that was not on the page before, so they did not just revert to the old version; someone deliberately changed it and wrote something new. And they cleaned up those comments that were breaking the page.

   
#86
(02-22-2024, 10:53 PM) milos_rs Wrote: Just to note that the Qilin page no longer mentions the second part of the data, and new text has been put up that was not on the page before, so they did not just revert to the old version; someone deliberately changed it and wrote something new. And they cleaned up those comments that were breaking the page.
So they paid
#87
(02-22-2024, 10:53 PM) milos_rs Wrote: Just to note that the Qilin page no longer mentions the second part of the data, and new text has been put up that was not on the page before, so they did not just revert to the old version; someone deliberately changed it and wrote something new. And they cleaned up those comments that were breaking the page.

So now, when someone looks, they will think that EPS did not pay because their data was published :)
#88
An interesting change has occurred

   

They put a Telegram link at the bottom of every page on the site

BUT only on the EPS page is there a separate link in the text of the post itself, and there is an additional link next to the link to the channel that says "To view telegram posts you need to subscribe, button below", as if some special message had been left for EPS on the Telegram channel.

   
#89
And let me add that they published EPS's data on Telegram and it can be downloaded easily
   