Model Boat Mayhem
Mess Deck: General Section => Chit-Chat => Topic started by: HawkEye on May 20, 2017, 09:24:24 pm
-
A quick summary regarding the recent WannaCry, WNCry, WanaCrypt0r, Wana Decrypt0r ransomware and its variants for those using Microsoft Windoze.
Note, those of you using Windoze 10 were immune from the network exploit, but not from email / web infections.
Most is common sense but I'll state it anyway.
The first important thing to do is check all Microsoft updates have been installed on your system, check anti-virus/anti-malware software is up to date.
Make sure you have backups of all your important data, documents, photos on to a device that can be removed from your computer or network and put away.
Do not open emails from unknown sources, take care in clicking links to other web sites.
The Wannacry malware that hit like a global mega-bomb, showed everyone how vulnerable we are to a global cyber attack. Billed as “one of the largest global ransomware attacks the cyber community has ever seen,” the infection started in London and then emerged almost instantly in Seattle, New York, and Tokyo. Within ten minutes, the coordinated attack became epidemic throughout the world, covering the better part of every continent but Antarctica. By the end of one day, the malware had infected over 200,000 computers in 150 nations, encrypting all their data and locking the users out. More at link - http://news.goldseek.com/GoldSeek/1495209107.php
For a brief history and how it's allegedly using tools from the NSA see this link - https://thehackernews.com/2017/05/how-to-wannacry-ransomware.html
An initial analysis of what it drops and how it proceeds can be found here - http://blog.talosintelligence.com/2017/05/wannacry.html
Next cyber-attack could be imminent, warn experts http://www.bbc.co.uk/news/uk-39911385
Phishing emails seen coming from alertatnb@serviciobancomer causing one source of infection.
Microsoft released a patch that stops the malware automatically spreading across networks; it's posted here (even for Windoze XP), but if your 7/8/10 system is up to date then you already have it - http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
If the worst has happened, you see the screen below and you don't have backups, do not pay the ransom; those that have still don't have access to their files. You can check these sites for possible decrypting keys, although at the time of writing none had keys for the current outbreak -
https://decrypter.emsisoft.com/
https://www.bleepingcomputer.com/download/windows/ransomware-decryptors/
https://noransom.kaspersky.com/
All links here checked safe to visit.
Tony
Linux Mint 18.1
-
More on this here:- https://www.theregister.co.uk/2017/05/19/wannacrypt_key_recovery_tool/
There is a lot more on the Register about this.
-
Tony, your insistence on misspelling 'Windows' due to an obvious dedication to Linux belittles your information somewhat.
Andy
-
Tony, your insistence on misspelling 'Windows' due to an obvious dedication to Linux belittles your information somewhat.
Andy
Purely light-hearted, no malice intended towards Windows users. This is a very serious issue for a lot of people and may still develop further depending on what other tools are implemented. Dedication? - no, I still use Windows very occasionally.
Tony
-
All links here checked safe to visit.
Isn't that what hackers, spammers always say :-)
-
All links here checked safe to visit.
Isn't that what hackers, spammers always say :-)
Don't shoot the messenger, I'm only trying to save people's valuable data.
-
Windows updates:
NB: 'Windows update' is not foolproof, you need to check to what date it's been updated, i.e. has it updated in the last few days..... not 2015! You need to check update date for yourself!
https://support.microsoft.com/en-gb/help/4013550/windows-protect-your-pc-from-ransomware
https://technet.microsoft.com/library/security/ms17-010.aspx
https://support.microsoft.com/en-gb/help/12373/windows-update-faq
https://support.microsoft.com/en-gb/help/10164
https://www.lifewire.com/how-to-check-for-install-windows-updates-2624596
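An added example, not part of the post above or of Microsoft's guidance: one way to check for yourself when the newest update was actually installed, from a PowerShell prompt. The 35-day threshold is an assumption; KB4012598 is the standalone patch linked earlier in this thread.

```powershell
# Added example: report when Windows last installed an update.
# $MaxAgeDays is an assumed threshold, not a value from the thread.
$MaxAgeDays = 35

# Get-HotFix lists installed updates recorded by Windows.
# Some records carry no install date, so filter those out before sorting.
$dated = Get-HotFix |
    Where-Object { $_.InstalledOn } |
    Sort-Object InstalledOn -Descending

if (-not $dated) {
    Write-Warning 'No dated update records found; check Windows Update history by hand.'
    return
}

# Show the five most recent updates so the dates can be read directly.
$dated |
    Select-Object -First 5 HotFixID, Description, InstalledOn |
    Format-Table -AutoSize

$newest = $dated | Select-Object -First 1
$age = (New-TimeSpan -Start $newest.InstalledOn -End (Get-Date)).Days

if ($age -gt $MaxAgeDays) {
    Write-Warning "Newest update $($newest.HotFixID) is $age days old. Windows Update may not be working."
} else {
    Write-Output "Newest update $($newest.HotFixID) was installed $age days ago."
}

# Look for the standalone patch linked in the thread (KB4012598).
# Per the thread, an up-to-date 7/8/10 system already has the fix,
# so a missing record there does not by itself mean the PC is exposed.
$kb = Get-HotFix -Id 'KB4012598' -ErrorAction SilentlyContinue
if ($kb) {
    Write-Output "KB4012598 installed on $($kb.InstalledOn)."
} else {
    Write-Output 'KB4012598 not listed on this machine.'
}
```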
-
Don't shoot the messenger, I'm only trying to save people's valuable data.
I know, but it's tradition that messengers always get shot..
-
If anyone would like to pass a few minutes, the following links supply live cyber attack maps worldwide, these are not truly accurate as they tend to rely on honeypots and/or endpoints to collect their data but they give an idea of what's going on 24 hours a day every day, the one supplied by Kaspersky Labs is more like a video game.
Hopefully if more people become aware of the various threats then they will take more care with important data and general computer usage. I was contacted last week by a self-employed individual who got infected with this ransomware on his home network through no fault of his own; he currently has no access to his business documents or early digital photos of his wife and children and of course no backup.
I will add a bit of good news for a large percentage of users: the NAT in your average home router will protect you from most of the port scanning exploits that are bouncing around the net, providing no one has been playing around with port forwarding.
An example image is supplied below for non link clickers -
http://map.norsecorp.com/#/
https://cybermap.kaspersky.com/
https://threatmap.fortiguard.com/
https://threatmap.checkpoint.com/ThreatPortal/livemap.html