Infection live with WANNA CRY Ransomware and methods of protection

Infection live with WANNA CRY Ransomware and methods of protection
Infection live with WANNA CRY Ransomware and methods of protection
The destructive infection in recent years is a computer which is called Ransomware WannaCry.

Where did WannaCry?

Where he did not know exactly, but we know it was built on the stage of spyware tools subtracted from NSA (SRI Americans) that the NSA used them for espionage. The tools were based on some vulnerabilities in Windows that NSA has not reported to Microsoft, were stolen and put on the Dark Web, where some ideas put them to work.

Actually very suspicious!


Credit for securelist.com image
WannaCry has affected almost all the American continent.

How does a Ransomware?

Simple:
1. get infected
2. The files are encrypted ICI
3. You have to pay if you want to decrypt them
If you are an individual and you have two or three selfies soaked on a PC, not a big problem, but if you are a big company and your entire database is encrypted, then… .Oops - WannaCry.

What says the message displayed WannaCry?

In short, it says to pay $ 300 if we want to decrypt the files, if not… .adio.
There was even a time limit, 7 days, then you can not decrypt the files.
After three days the redemption amount is increased from the 300 600 dollars as moneylenders.
Below is the message in Romanian!

How do we protect the ransomware?

1. You update to Windows. (important)
2. Back up important data on an external hard drive that you will be disconnected after backup. (very important)
3. Use a security solution against ramsomware's
4. Do not install pirated software.
5. Do not visit suspicious sites.
6. Do not click on any attachments from email.


Related tutorials:
How does a PC infected with crypto Trojan LOCKY
Removing ransomware infections type with Malwarebytes
CryptoLocker such as disinfecting prevent and recover files as infected ramsomware





Related Tutorials



About Cristian Cismaru

I like everything related to IT&C, I like to share the experience and information I accumulate every day.
Learn as you learn!

Comments

  1. The best solution against viruses of all kinds is: Better safe than bad.

  2. George said

    It's bad parse this ransomware.

  3. Marius said

    Cristi that free tool launched by Bitdefender anti-ransomware is for all types of ransomware, or just one?

  4. Cristi said

    Safest PC is not connected to the internet!

  5. I think the best solution would be the dedication laptops / PCs and a virus not to touch your devices
    I I put a picture Patriarch Daniel Desktop and screen saver bell Dani so I'm sure that will not have problems with virus

  6. Grozea Lucian said

    Hello.
    How can I download virus to test a virtual machine? Specifically, from where you downloaded. I'd like to try it on linux.

  7. Now seriously, as I see I see that has asked anyone above about that, we leave nine download virus PTR test the virtual machine or not ptr our revenge on enemies, sending them on facebook, mail and they obviously choir click :))

  8. apyttuxije said

    "Back up important data to an external hard drive that you will disconnect after backup"
    But a backup to the cloud (like OneDrive) ???

  9. Last year my PC was infected with the LOCKY virus. I noticed that it encrypted certain files e.g. doc, jpg, dbf etc… but on the computer I had a file that had the extension .jpg-large and on those it did not know how to encrypt it. I would like to ask you if you would rename an extension to an ex archive. from .zip to do it .arhivvv does it still encrypt the file?
    Thanks a lot!

  10. Cloud is affected by WANNA CRY Ransomware?

    • Unaffected, but it may be a way of spreading.
      From the "cloud" you can receive an email with an attachment, or a month on a social network, which is also in the "cloud".

      • Stefan said

        Suffered with another version of Ransomware - it encrypted the files in Dropbox. After synchronizing the affected computer, the ones from Dropbox were also encrypted.
        Only 100% secure solution for now is to save data periodically.

  11. daniel vornicu said

    I was attacked identically two years ago and I noticed that the files and files that were archived or the ISO image (like DVD .pal) could not be encrypted, the rest of all photos, programs etc that were not archived or removed, disk formatting and Windows reinstallation Inclusive flashdisc.If helped with some bafta and luck !!!

  12. cipric50 said

    Cristi have a good usb stik RunSanDiskSecureAccess_Win for entering the password he uses you as being affected by this ransomware?

  13. luciangl said

    WannaCry Malwre patch / RansomVirus Patch. Official link from Microsoft
    order to Prevent infection, has advised users and Organizations to Apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010.

    https://technet.microsoft.com/library/security/MS17-010

    The password to decrypt WannaCry files is "[email protected]"And now people can happily recover their data after this massive attack without paying hackers any ransom and path their system before getting targeted by another ransomware or any other kind of virus.

    Cristi if you have virtual, put password and confirm whether and running, or make the update and see if longer infected.

  14. I've been using something like this for a long time. Cybereason… ..call him ..he successfully blocks wannacry and most of this family of Ransomware circulating .on the net. ..tried..it's free ..

  15. Really I do not have antivirus for years, if you know where to stick and you do not install all donkeys on the net will not gets hurt, why I Virus detection (to take aspirin) if I head hurts, possibly to I suck more resources and I work harder laptopu.

  16. Florin said

    Wanna Cry can infect a computer if the user who runs it has limited rights?

  17. I suspect that is solved with a reinstall of windows and formatting hardulul, not just C? I am interested in saving computer viruses in general

  18. Vasile said

    Hi Cristi. I have a misunderstanding. You know that win 10 puts you onedrive. It appears there next to "this pc", "Downloads". In case I get the virus… it encrypts me and what do I have in onedrive or only in the computer partitions?

  19. Ice Alinutza said

    Out of curiosity, this malware also encrypts files in the ext4 filesystem with logging or only those in NTFS format - that is, if I have a dual boot Linux and Windows will all my files or only the Windows ones be affected? Thank you!

  20. Catalin-Marius said

    Hello.
    I do not understand, this virus is the same as the one in 2011 with the name of the Romanian police or the FBI, it does exactly the same thing, and that, except that the Romanian police and the FBI were fooling you to have porn and piracy in the PC.
    That which is now is somehow changed or is as one that has not done much havoc ?! Ms.

  21. Manticore1580 said

    Hello tuturor.Stie someone if archived files with WinRAR or Power ISO, affected by WANNA CRY or any infection Ransomware? A good evening.

  22. Usually, in the source code of a ransomware ARE SPECIFIED the file extensions on which this type of malware has an effect (.docx, .txt, .jpg, .png etc.…)

  23. Florin said

    Several years ago the virus was and Romanian police.

  24. Florin said

    So was the Romanian Police virus.

  25. Gabriel said

    The "Police" virus did not change the extensions, it was possible to hide files and the picture with the "Police" virus appeared on the desktop, so you could not enter windows. With that virus, you could go into "Safe Mode" and disinfect yourself.
    But it doesn't compare to this NEW "Ransomware" virus, which is quite dangerous.
    Thanks to Cristi for this information, - it's important how to protect ourselves !!!

  26. Hello!

    Please beautifully do a tutorial on how to back up the operating system completely?

    Thank you!

  27. Hello! Can you send me the malware executable? I want to do a forensics analysis on it, I'm curious if it keeps the encryption key somewhere

Speak Your Mind

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.