Sections of the site
Editor's Choice:
- BIOS beeps when turning on PC
- How to delete a page in a contact?
- How to delete a deleted VKontakte page?
- ENIAC - the very first computer in the world
- VKontakte was blocked at work, how can I get around it?
- How to delete a VKontakte page from your phone
- Methods to format a hard drive using BIOS
- How to log into Odnoklassniki if the site is blocked?
- How to permanently delete a page in contact?
- How to bypass VK and Odnoklassniki blocking in Ukraine
Advertising
Mass infection with WannaCry ransomware - @ [email protected] |
As reported by Russian media, the work of departments of the Ministry of Internal Affairs in several regions of Russia has been disrupted due to a ransomware that has infected many computers and threatens to destroy all data. In addition, the communications operator Megafon was attacked.
WannaCry encrypts files and documents with the following extensions by adding .WCRY to the end of the file name:
WannaCry attack around the worldAttacks were recorded in more than 100 countries. Russia, Ukraine and India are experiencing the greatest problems. Reports of virus infection are coming from the UK, USA, China, Spain, and Italy. It is noted that the hacker attack affected hospitals and telecommunications companies around the world. An interactive map of the spread of the WannaCrypt threat is available on the Internet. How does infection occur?As users say, the virus gets onto their computers without any action on their part and spreads uncontrollably across networks. On the Kaspersky Lab forum they point out that even an enabled antivirus does not guarantee security. It is reported that the WannaCry ransomware attack (Wana Decryptor) occurs through the Microsoft Security Bulletin MS17-010 vulnerability. Then a rootkit was installed on the infected system, using which the attackers launched an encryption program. All Kaspersky Lab solutions detect this rootkit as MEM:Trojan.Win64.EquationDrug.gen. The infection supposedly occurred a few days earlier, but the virus only manifested itself after it had encrypted all the files on the computer. How to remove WanaDecryptorYou will be able to remove the threat using an antivirus; most antivirus programs will already detect the threat. Common definitions:
If you have already launched the threat on your computer and your files have been encrypted, decrypting the files is almost impossible, since exploiting the vulnerability launches a network encryptor. However, several options for decryption tools are already available:
Microsoft: Install Windows updates Microsoft said that users with the company's free antivirus and Windows System Update enabled will be protected from WannaCryptor attacks. Updates dated March 14 fix the system vulnerability through which the ransomware Trojan is distributed. Today detection was added to the Microsoft Security Essentials/Windows Defender antivirus databases to protect against a new malware known as Ransom:Win32.WannaCrypt.
Experts note that the easiest way to protect yourself from an attack is to close port 445.
If necessary, open the port back:
Note: Port 445 is used by Windows for file sharing. Closing this port does not prevent the PC from connecting to other remote resources, but other PCs will not be able to connect to the system. |
Read: |
---|
Popular:
Temporary email for 10 minutes? |
New
- How to delete a page in a contact?
- How to delete a deleted VKontakte page?
- ENIAC - the very first computer in the world
- VKontakte was blocked at work, how can I get around it?
- How to delete a VKontakte page from your phone
- Methods to format a hard drive using BIOS
- How to log into Odnoklassniki if the site is blocked?
- How to permanently delete a page in contact?
- How to bypass VK and Odnoklassniki blocking in Ukraine
- Formatting via BIOS