Sections of the site
Editor's Choice:
- Cloning iPhones: reasons and existing analogues
- How to set and set up a reminder on iPhone How to set a reminder on iPhone 8
- How to enter a military personnel’s personal account without registration - instructions
- Military serviceman's office personal entrance without registration, by personal number
- Personal computer device
- How to turn off the camera on a laptop How to enable or disable voice control history
- How to determine which sound card is installed on your computer
- Blacklist for Android
- How to find drivers for a computer with a custom configuration
- How to completely remove Avast from your computer?
Advertising
How to protect your computer from wanna cry. How to protect yourself from the WannaCry ransomware attack. |
The Wanna Cry virus is a new type of hacker attack, a malicious ransomware program that has shocked PC and Internet users around the world. How does the Wanna Cry virus work, is it possible to protect yourself from it, and if so, how? Wanna Cry virus, description– type of malware belonging to the category RansomWare, ransomware. When hitting HDD victims, Wanna Cry acts according to the script of its “colleagues”, such as TrojanRansom.Win32.zip, encrypting all personal data of all known extensions. When trying to view a file, the user sees on the screen a requirement to pay the nth amount of money, supposedly after which the attacker will send instructions for unlocking. Often, extortion of money is carried out using SMS replenishment of a specially created account, but recently an anonymous payment service has been used for this. BitCoin. Wanna Cry virus - how it works. Wanna Cry is a program called WanaCrypt0r 2.0, which exclusively attacks PCs running Windows. The program uses a “hole” in the system to penetrate - Microsoft Security Bulletin MS17-010, the existence of which was previously unknown. On this moment It is not known for certain how hackers discovered the MS17-010 vulnerability. There is a version about sabotage by anti-virus software manufacturers to maintain demand, but, of course, no one writes off the intelligence of the hackers themselves. Sadly, the Wanna Cry virus is spread in the simplest way – through email. Once you open a spam email, the encryptor is launched and the encrypted files are then almost impossible to recover. Wanna Cry virus - how to protect yourself, treatment. WanaCrypt0r 2.0 uses vulnerabilities in network Windows services. It is known that Microsoft has already released a “patch” - just run the update Windows Update before latest version. It is worth noting that only users who have purchased licensed version Windows - when you try to update a pirated version, the system simply does not will be tested. It is also necessary to remember that Windows XP is no longer updated, as, of course, are earlier versions. You can protect yourself from Wanna Cry by following a few simple rules:
According to media reports, antivirus software manufacturers will release updates to combat Wanna Cry, so updating your antivirus should not be put on hold.
The WannaCry virus thundered throughout the world on May 12, on this day a number of medical institutions in the UK announced that their networks had been infected, the Spanish telecommunications company and the Russian Ministry of Internal Affairs reported repelling a hacker attack. WannaCry (the common people have already nicknamed it Wona's Edge) belongs to the category of ransomware viruses (cryptors), which, when it gets onto a PC, encrypts user files with a cryptographic algorithm, subsequently making it impossible to read these files. Currently, the following popular file extensions are known to be subject to WannaCry encryption:
WannaCry - how the virus spreadsEarlier, we mentioned this method of spreading viruses in an article about, so nothing new. On Mailbox the user receives a letter with a “harmless” attachment - it can be a picture, video, song, but instead of the standard extension for these formats, the attachment will have an executable file extension - exe. When such a file is opened and launched, the system is “infected” and, through a vulnerability, a virus is directly loaded into OS Windows, encrypting user data. This may not be the only method of spreading WannaCry; you can become a victim by downloading “infected” files from in social networks, torrent trackers and other sites. WannaCry – how to protect yourself from the ransomware virus1. Install the patch for Microsoft Windows. On May 14, Microsoft released an emergency patch for the following versions - Vista, 7, 8.1, 10, Windows Server. You can install this patch simply by running a system update through the Windows Update service. 2. Using anti-virus software with up-to-date databases. Well-known security software developers, such as Kaspersky, Dr.Web, have already released an update for their products containing information about WannaCry, thereby protecting their users. 3. Save important data to a separate medium. If your computer does not support it yet, you can save the most important files to a separate medium (flash drive, disk). With this approach, even if you become a victim, you will save the most valuable files from encryption. At the moment these are all known effective ways protection against WannaCry. WannaCry decryptor, where to download and is it possible to remove the virus?Ransomware viruses belong to the category of the most “nasty” viruses, because... in most cases, user files are encrypted with a 128bit or 256bit key. The worst thing is that in each case the key is unique and decrypting each one requires enormous computing power, which makes it almost impossible to treat “ordinary” users. But what if you become a victim of WannaCry and need a decryptor? 1. Contact the Kaspersky Lab support forum - https://forum.kaspersky.com/ with a description of the problem. The forum is staffed by both company representatives and volunteers who actively help solve problems. 2. As in the case of the well-known CryptXXX encryptor, a universal solution was found for decrypting files that have been encrypted. No more than a week has passed since WannaCry was discovered, and specialists from antivirus laboratories have not yet managed to find such a solution for it. 3. The cardinal solution will be - complete removal OS from a computer followed by clean install new. In this situation, all user files and data are completely lost, along with the removal of WannaCry. A wave of a new virus has swept across the world - WannaCry ransomware(other names Wana Decrypt0r, Wana Decryptor, WanaCrypt0r), which encrypts documents on a computer and extorts 300-600 USD for decoding them. How can you tell if your computer is infected? What should you do to avoid becoming a victim? And what to do to recover? After installing the updates, you will need to reboot your computer. How to recover from the Wana Decrypt0r ransomware virus?When antivirus utility, detects a virus, she will either remove it immediately, or ask you whether to treat it or not? The answer is to treat. How to recover files encrypted by Wana Decryptor?We cannot report anything reassuring at the moment. No file decryption tool has yet been created. For now, all that remains is to wait until the decryptor is developed. According to Brian Krebs, a computer security expert, at the moment the criminals have received only 26,000 USD, that is, only about 58 people agreed to pay the ransom to the extortionists. No one knows whether they restored their documents. How to stop the spread of a virus online?In the case of WannaCry, the solution to the problem may be to block port 445 on the Firewall, through which the infection occurs. Thank you for contacting Ideco. We hope that you have indicated enough contact information, and our staff will be able to contact you as soon as possible. Consent to the processing of personal dataThe user, by registering on the site, gives his consent to Aydeko LLC, located at 620144, Ekaterinburg, st. Kulibina 2, office 500, to process your personal data under the following conditions:
License agreementon granting rights to test use of the Software Complex “Internet Gateway Ideco ICS 6”License of LLC "Ideko" for the right to use the computer program " Software package"Internet gateway Ideco ICS 6" (hereinafter referred to as the "Program"):
Global hacker attack has currently affected many computers in Russia and abroad, including the networks of large telecommunications companies, law enforcement agencies and medical institutions. Our technology partners from Kaspersky Lab recorded 45 thousand hacking attempts in 74 countries yesterday, May 12. About the virusThe ransomware program spreading online is called WannaCry (aka Wana Decryptor, WanaCrypt0r and Wana Decrypt0r). Unlike other programs of this type, this encryptor combines the functions of virus, Trojan software and network worms. As penetration mechanisms, it uses email (this mechanism allows it to overcome protective firewalls), as well as the network vulnerability of the SMB protocol published on March 14 of this year: Microsoft Security Bulletin MS17-010. This vulnerability allows the virus to spread within an infected network and infect the maximum number of vulnerable devices. Microsoft does not automatically distribute security updates for Windows XP and Windows 2003, so users using outdated software are most vulnerable. When infecting a device, the virus encrypts all user data on the hard drive and demands a ransom for decrypting it. Ideco ICS is based on the Linux kernel, all ports are on external interfaces are closed by default, so it is protected from attacks that exploit network vulnerabilities similar to those exploited by this virus. NAT technology also reliably protects everything network devices from external connections. Among the options for spreading the virus: email, possibly infected websites and flash drives, and the virus can also be brought by employees along with laptops used on other networks. All mechanisms of virus spread have not yet been studied and can be supplemented by attackers to strengthen the attack in the near future. Setting up Ideco ICSEndpoint protection
If you are using Windows as an Internet gatewayWe do not recommend using any Windows versions on servers connected directly to the Internet. Recently, information has been published about a large number of vulnerabilities, not all of which are closed by existing OS data security updates. Infection of an Internet gateway directly by a virus like WannaCry can lead to infection of all network hosts, loss of commercial information, as well as the participation of the network, as part of a botnet, in attacks on other resources, which may include government ones. Software that uses Windows as a platform also cannot provide the required level of security, because the system kernel will still be vulnerable. If you use software such as Kerio Winroute, we recommend migrating to more secure and modern solutions as soon as possible. The Ideco ICS security gateway is convenient in that it can be used not only as a software and hardware complex, but also installed directly on an existing server or can be deployed as virtual machine on the hypervisor. Yesterday, May 12, computers running operating systems Windows around the world have suffered the biggest attack in recent memory. We are talking about one belonging to the Ransomware class, that is, malicious ransomware that encrypts user files and demands a ransom to restore access to them. In this case, we are talking about amounts from $300 to $600, which the victim must transfer to a specific wallet in bitcoins. The size of the ransom depends on the time that has passed since the infection - after a certain interval it increases. According to « Kaspersky Lab » , WannaCry was most widespread in Russia To avoid joining the ranks of those whose computers are infected, it is necessary to understand how the malware penetrates the system. According to Kaspersky Lab, the attack occurs using a vulnerability in the SMB protocol, which allows you to remotely launch program code. It is based on the EternalBlue exploit, created within the walls of the US National Security Agency (NSA) and made publicly available by hackers. Microsoft introduced a fix for the EternalBlue issue in bulletin MS17-010 dated March 14, 2017, so the first and foremost measure to protect against WannaCry should be to install this security update for Windows. It is precisely the fact that many users and system administrators have not yet done so, and served as the reason for such a large-scale attack, the damage from which has yet to be assessed. True, the update is designed for those versions of Windows for which support has not yet ceased. But Microsoft has also released patches for legacy operating systems such as Windows XP, Windows 8 and Windows Server 2003. You can download them from this page. It is also recommended to be vigilant regarding mailings that arrive via email and other channels, use an updated antivirus in monitoring mode, and, if possible, check the system for threats. If MEM:Trojan.Win64.EquationDrug.gen activity is detected and eliminated, reboot the system and then make sure that MS17-010 is installed. Currently, eight names of the virus are known:
Virus « owns » many languages We must not forget about regular backup important data. Please note that WannaCry targets the following categories of files:
|
Read: |
---|
Popular:
New
- How to set and set up a reminder on iPhone How to set a reminder on iPhone 8
- How to enter a military personnel’s personal account without registration - instructions
- Military serviceman's office personal entrance without registration, by personal number
- Personal computer device
- How to turn off the camera on a laptop How to enable or disable voice control history
- How to determine which sound card is installed on your computer
- Blacklist for Android
- How to find drivers for a computer with a custom configuration
- How to completely remove Avast from your computer?
- Converting GPT to MBR - changing disk layout