Infection live with WANNA CRY Ransomware and methods of protection

Infection live with WANNA CRY Ransomware and methods of protection
Infection live with WANNA CRY Ransomware and methods of protection
The destructive infection in recent years is a computer which is called Ransomware WannaCry.

Where did WannaCry?

Where he did not know exactly, but we know it was built on the stage of spyware tools subtracted from NSA (SRI Americans) that the NSA used them for espionage. The tools were based on some vulnerabilities in Windows that NSA has not reported to Microsoft, were stolen and put on the Dark Web, where some ideas put them to work.

Actually very suspicious!

Credit for image
WannaCry has affected almost all the American continent.

How does a Ransomware?

1. get infected
2. The files are encrypted ICI
3. You have to pay if you want to decrypt them
If you have two individual and three mooring selfiuri via PC, no big problem, but if you're a big company and across your database is encrypted, then ... .Oops - it's WannaCry.

What says the message displayed WannaCry?

In short, says 300 dollars to pay if we want to decrypt files unless ... .adio.
There was even a time limit, 7 days, then you can not decrypt the files.
After three days the redemption amount is increased from the 300 600 dollars as moneylenders.
Below is the message in Romanian!

How do we protect the ransomware?

1. You update to Windows. (important)
2. Back up important data on an external hard drive that you will be disconnected after backup. (very important)
3. Use a security solution against ramsomware's
4. Do not install pirated software.
5. Do not visit suspicious sites.
6. Do not click on any attachments from email.

Related tutorials:
How does a PC infected with crypto Trojan LOCKY
Removing ransomware infections type with Malwarebytes
CryptoLocker such as disinfecting prevent and recover files as infected ramsomware

Related Tutorials

About Cristian Cismaru

I love everything related to IT & C, I like to share the experience and information that we accumulate every day.
Learn as you learn!


  1. The best solution against viruses of all kinds is: Better safe than bad.

  2. George said

    It's bad parse this ransomware.

  3. Marius said

    Cristi that free tool launched by Bitdefender anti-ransomware is for all types of ransomware, or just one?

  4. Cristi said

    Safest PC is not connected to the internet!

  5. I think the best solution would be the dedication laptops / PCs and a virus not to touch your devices
    I I put a picture Patriarch Daniel Desktop and screen saver bell Dani so I'm sure that will not have problems with virus

  6. Grozea Lucian said

    How can I download virus to test a virtual machine? Specifically, from where you downloaded. I'd like to try it on linux.

  7. Now seriously, as I see I see that has asked anyone above about that, we leave nine download virus PTR test the virtual machine or not ptr our revenge on enemies, sending them on facebook, mail and they obviously choir click :))

  8. apyttuxije said

    "Back up important data on an external hard drive that you will be disconnected after backup"
    But a backup to the cloud (like OneDrive) ???

  9. Last year was my PC infected with LOCKY. I noticed that some files encrypted ex. doc, jpg, DBF etc ... but I had a file on your computer that have large-.jpg extension and those not known to encrypt it. I would like to ask if you rename an extension to an ex archive. from .zip to do .arhivvv It also encrypts the file?
    Thanks a lot!

  10. Cloud is affected by WANNA CRY Ransomware?

    • Unaffected, but it may be a way of spreading.
      From the "cloud" can receive an email with an attachment, or one months on any social network, which is still in the "cloud."

      • Stefan said

        Happened with another version of Ransomware - encrypted files in Dropbox. After synchronizing the affected computer were encrypted and the Dropbox.
        Only 100% secure solution for now is to save data periodically.

  11. daniel vornicu said

    I was attacked identically two years ago and I noticed that the files and files that were archived or the ISO image (like DVD .pal) could not be encrypted, the rest of all photos, programs etc that were not archived or removed, disk formatting and Windows reinstallation Inclusive flashdisc.If helped with some bafta and luck !!!

  12. cipric50 said

    Cristi have a good usb stik RunSanDiskSecureAccess_Win for entering the password he uses you as being affected by this ransomware?

  13. luciangl said

    WannaCry Malwre patch / RansomVirus Patch. Official link from Microsoft
    order to Prevent infection, has advised users and Organizations to Apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010.

    The password to decrypt WannaCry files is "[Email protected]"And now people can happily recover their data after this massive attack without paying hackers any ransom and path their system before getting targeted by another ransomware or any other kind of virus.

    Cristi if you have virtual, put password and confirm whether and running, or make the update and see if longer infected.

  14. I've been using it for a long time. Cybereason ... he calls him .. he successfully blocks wannacry and all of this Ransomware family running net. ..incercatil .. for free ..

  15. Really I do not have antivirus for years, if you know where to stick and you do not install all donkeys on the net will not gets hurt, why I Virus detection (to take aspirin) if I head hurts, possibly to I suck more resources and I work harder laptopu.

  16. Florin said

    Wanna Cry can infect a computer if the user who runs it has limited rights?

  17. I suspect that is solved with a reinstall of windows and formatting hardulul, not just C? I am interested in saving computer viruses in general

  18. Vasile said

    Hello Cristi. I have a misunderstanding. You know you put onedrive 10 win. Besides there appears "this PC", "Downloads". In case I get the virus ... it encrypts and I only partitions in onedrive or computer?

  19. Ice Alinutza said

    Out of curiosity, this malware encrypts files in the file system journaling ext4 or only the NTFS format - that if I have a dual boot Linux and Windows I will be affected all files or just the Windows? Thank you!

  20. Catalin-Marius said

    I do not understand, this virus is the same as the one in 2011 with the name of the Romanian police or the FBI, it does exactly the same thing, and that, except that the Romanian police and the FBI were fooling you to have porn and piracy in the PC.
    That which is now is somehow changed or is as one that has not done much havoc ?! Ms.

  21. Manticore1580 said

    Hello tuturor.Stie someone if archived files with WinRAR or Power ISO, affected by WANNA CRY or any infection Ransomware? A good evening.

  22. Usually the source code of a specified file extensions ransomware whom it this malware (.docx, .txt, .jpg, .png etc ...)

  23. Florin said

    Several years ago the virus was and Romanian police.

  24. Florin said

    So was the Romanian Police virus.

  25. Gabriel said

    Virus "Police" does not change the extensions can hide files and appear on the desktop picture virus "Police", so you could not get into Windows. At that virus could enter the "Safe Mode" and can disinfect.
    But do not compare to this new virus, type "Ransomware" that is quite dangerous.
    Cristi Thanks for this information - it is important how to protect !!!

  26. Hello!

    Please beautifully do a tutorial on how to back up the operating system completely?

    Thank you!

  27. Hello! Can you send me the malware executable? I want to do a forensics analysis on it, I'm curious if it keeps the encryption key somewhere

Speak Your Mind


This site uses Akismet to reduce spam. Learn how your comment data is processed.