Model Boat Mayhem

Please login or register.

Login with username, password and session length.
Pages: [1]   Go Down

Author Topic: Windows security WannaCry ransomware  (Read 1519 times)

HawkEye

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 458
  • Location: North Kent
Windows security WannaCry ransomware
« on: May 20, 2017, 09:24:24 PM »

A quick summery regarding the recent WannaCry, WNCry, WanaCrypt0r, Wana Decrypt0r ransomware and it's varients for those using Microsoft Windoze.

Note, those of you using Windoze 10 were immune from the network exploit, but not from email / web infections.

Most is common sense but I'll state it anyway.

The first important thing to do is Check all Microsoft updates have been installed on your system,check anti-virus/anti-malware software is up to date,
Make sure you have backups of all your important data ,documents,photo's on to a device that can be removed from your computer or network and put away.
Do not open emails from unknown sources, take care in clicking links to other web sites.

The Wannacry malware that hit like a global mega-bomb, showed everyone how vulnerable we are to a global cyber attack. Billed as “one of the largest global ransomware attacks the cyber community has ever seen,” the infection started in London and then emerged almost instantly in Seattle, New York, and Tokyo. Within ten minutes, the coordinated attack became epidemic throughout the world, covering the better part of every continent but Antarctica. By the end of one day, the malware had infected over 200,000 computers in 150 nations, encrypting all their data and locking the users out. More at link - http://news.goldseek.com/GoldSeek/1495209107.php

For a brief history and how it's allegedly using tools from the NSA see this link - https://thehackernews.com/2017/05/how-to-wannacry-ransomware.html

An initial analysis of what it drops and how it proceeds can be found here - http://blog.talosintelligence.com/2017/05/wannacry.html

Next cyber-attack could be imminent, warn experts http://www.bbc.co.uk/news/uk-39911385

Phishing emails seen coming from alertatnb@serviciobancomer causing one source of infection.

Microsoft released a patch that stops the malware automatically spreading across networks it's posted here ( even for Windoze XP ) but if your 7/8/10 system is up to date then you already have it - http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

If the worst has happened, you see the screen below and you don't have backups do not pay the ransom,those that have still don't have access to their files, you can check these sites for possible decrypting keys, although at the time of writing none had keys for the current outbreak -

https://decrypter.emsisoft.com/

https://www.bleepingcomputer.com/download/windows/ransomware-decryptors/

https://noransom.kaspersky.com/

All links here checked safe to visit.

Tony

Linux Mint 18.1
Logged
I've never been so sure of something I wasn't sure of...

tr7v8

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 225
  • Location: Chatham
Re: Windows security WannaCry ransomware
« Reply #1 on: May 20, 2017, 10:37:56 PM »

More on this here:- https://www.theregister.co.uk/2017/05/19/wannacrypt_key_recovery_tool/
There is a lot more on the Register about this.
Logged
Jim

dreadnought72

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 1,898
  • Wood butcher with ten thumbs
  • Location: Airdrie, Scotland
Re: Windows security WannaCry ransomware
« Reply #2 on: May 21, 2017, 01:40:34 AM »

Tony, your insistence on misspelling 'Windows' due to an obvious dedication to Linux belittles your information somewhat.


Andy




Logged
Enjoying every minute sailing W9465 Mertensia

HawkEye

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 458
  • Location: North Kent
Re: Windows security WannaCry ransomware
« Reply #3 on: May 21, 2017, 07:40:56 AM »

Tony, your insistence on misspelling 'Windows' due to an obvious dedication to Linux belittles your information somewhat.
Andy
Purely light hearted, no malice intended towards windows users, this is a very serious issue for a lot of people and may still develop further depending on what other tools are implemented , dedication? - no I still use windows very occasionally.
Tony
Logged
I've never been so sure of something I wasn't sure of...

TheLongBuild

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 4,371
  • Build em, and play hard..
  • Location: Everywhere, But Nowhere !! But mainly in England....
    • Runcorn & District Scale Model Boats
Re: Windows security WannaCry ransomware
« Reply #4 on: May 21, 2017, 07:53:11 AM »

All links here checked safe to visit.
Isn't that what hackers, spammers always say  :-)

HawkEye

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 458
  • Location: North Kent
Re: Windows security WannaCry ransomware
« Reply #5 on: May 21, 2017, 07:56:45 AM »

All links here checked safe to visit.
Isn't that what hackers, spammers always say  :-)
Don't shoot the messenger, I'm only trying to save people's valuable data .
Logged
I've never been so sure of something I wasn't sure of...

Martin [Admin]

  • Administrator
  • Full Mayhemer
  • *****
  • Online Online
  • Posts: 20,230
  • Location: Peterborough, UK
    • Model Boat Mayhem
Re: Windows security WannaCry ransomware
« Reply #6 on: May 21, 2017, 08:05:07 AM »

Logged
"This is my firm opinion, but what do I know?!"    -   Mayhem FaceBook Group!

TheLongBuild

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 4,371
  • Build em, and play hard..
  • Location: Everywhere, But Nowhere !! But mainly in England....
    • Runcorn & District Scale Model Boats
Re: Windows security WannaCry ransomware
« Reply #7 on: May 21, 2017, 08:37:57 AM »

 %% %%
Don't shoot the messenger, I'm only trying to save people's valuable data .
I know, but its tradition that messengers always get shot..
 

HawkEye

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 458
  • Location: North Kent
Re: Windows security WannaCry ransomware
« Reply #8 on: May 21, 2017, 08:52:30 PM »

If anyone would like to pass a few minutes, the following links supply live cyber attack maps worldwide, these are not truly accurate as they tend to rely on honeypots and/or endpoints to collect their data but they give an idea of what's going on 24 hours a day every day, the one supplied by Kaspersky Labs is more like a video game.
Hopefully if more people become aware of the various threats then they will take more care with important data and general computer usage,I was contacted last week by a self employed individual who got infected with this ransomware on his home network through no fault of his own,he currently has no access to his business documents or early digital photo's of his wife and children and of course no backup.
I will add a bit of good news for a large percentage of users, the NAT in your average home router will protect you from most of the port scanning exploits that are bouncing around the net providing no one has been playing around with port forwarding .


An example image is supplied below for non link clickers -


http://map.norsecorp.com/#/
https://cybermap.kaspersky.com/
https://threatmap.fortiguard.com/
https://threatmap.checkpoint.com/ThreatPortal/livemap.html



Logged
I've never been so sure of something I wasn't sure of...
Pages: [1]   Go Up