Live infection with WANNA CRY ransomware and methods of protection
The destructive infection of recent years is a piece of computer ransomware called WannaCry.
Where did WannaCry come from?
Where it came from is not known exactly, but we know it was built on the basis of spying tools stolen from the NSA (the Americans' SRI), which the NSA used for espionage. The tools were based on some vulnerabilities in Windows that the NSA had not reported to Microsoft; they were stolen and put on the Dark Web, where some individuals put them to work.
Actually very suspicious!
Image credit: securelist.com
WannaCry has affected almost all the American continent.
How does ransomware work?
Simple:
1. You get infected
2. Your files are encrypted
3. You have to pay if you want to decrypt them
If you are an individual with two or three selfies sitting on a PC, it is not a big problem, but if you are a big company and your entire database is encrypted, then… oops, WannaCry.
What does the message displayed by WannaCry say?
In short, it says to pay $300 if we want to decrypt the files; if not… goodbye.
There is even a time limit, 7 days, after which you can no longer decrypt the files.
After three days the ransom is increased from 300 to 600 dollars, as with moneylenders.
Below is the message in Romanian!
How do we protect ourselves against ransomware?
1. Update Windows. (important)
2. Back up important data on an external hard drive that you disconnect after the backup. (very important)
3. Use a security solution against ransomware.
4. Do not install pirated software.
5. Do not visit suspicious sites.
6. Do not click on any attachments from email.
The best solution against viruses of all kinds is: Better safe than bad.
This ransomware is a really nasty one.
Cristi, is that free anti-ransomware tool launched by Bitdefender for all types of ransomware, or just one?
We will test and see… in another tutorial. I couldn't say off the top of my head, because I haven't used such tools.
Bitdefender has software against ransomware and is doing great against any attack so far!
Next-gen protection against the CTB-Locker, Locky, Petya and TeslaCrypt ransomware families
Known threats are eliminated by antiviruses. The unknown ones, i.e. "zero days" (https://en.wikipedia.org/wiki/Zero-day_(computing)), infect you without being detected.
The safest PC is one not connected to the internet!
To be able to sleep you must:
1. Disconnect from the net
2. Unplug the PC from the socket
3. Open the window
4. Throw the PC out the window
5. Put the quilt over your head and pray
☺
False; on the contrary, you can connect a USB stick, CD, DVD or even an external hard drive to it, and do not forget that an up-to-date antivirus becomes useless.
The safest PC is the one that has Linux Mint installed; no joking, viruses on Linux just do not exist like that, only the bad Windows suffers.
I think the best solution would be the consecration of laptops / PCs so that no virus touches your devices
I put a picture of Patriarch Daniel on the desktop and Dani's bell as screen saver, so I'm sure I will not have problems with viruses
His Holiness aka Patriarch Daniel is overkill in my opinion. A bottle of original holy water works wonders on the motherboard.
Hello.
How can I download the virus to test it in a virtual machine? Specifically, where did you download it from? I'd like to try it on Linux.
Now seriously, since I see that nobody above has asked about this: will you leave us a download of the virus too, for testing in the virtual machine, or not, for taking revenge on our enemies, sending it to them on Facebook, mail, and they obviously will click :))
I can not do it, sorry.
"Back up important data to an external hard drive that you will disconnect after backup"
But what about a backup to the cloud (like OneDrive)???
It works, but I was thinking of the safest way (a fenced-off external disk) where, even if the net goes down, you will still be able to access the data.
Last year my PC was infected with the LOCKY virus. I noticed that it encrypted certain files, e.g. doc, jpg, dbf etc., but on the computer I had a file that had the extension .jpg-large and it did not know how to encrypt that one. I would like to ask: if you renamed the extension of, e.g., an archive from .zip to .arhivvv, would it still encrypt the file?
Thanks a lot!
Is the cloud affected by WANNA CRY Ransomware?
Unaffected, but it may be a way of spreading.
From the "cloud" you can receive an email with an attachment, or a message on a social network, which is also in the "cloud".
I suffered from another version of ransomware: it encrypted the files in Dropbox. After synchronizing the affected computer, the ones from Dropbox were also encrypted.
The only 100% secure solution for now is to save data periodically.
I was attacked in the same way two years ago and I noticed that the files and folders that were archived or in an ISO image (like DVD .pal) could not be encrypted; the rest, all photos, programs etc. that were not archived, were lost; disk formatting and Windows reinstallation, flash disk included. I hope I helped a bit. Good luck!!!
Cristi, I have a USB stick with RunSanDiskSecureAccess_Win that asks for a password; can it be affected by this ransomware?
WannaCry malware patch / ransom virus patch. Official link from Microsoft
In order to prevent infection, users and organizations are advised to apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010.
https://technet.microsoft.com/library/security/MS17-010
The password to decrypt WannaCry files is "WNcry@2ol7" and now people can happily recover back their data after this massive attack without paying the hackers any ransom and patch their system before getting targeted by another ransomware or any other kind of virus.
Cristi, if you still have the virtual machine, enter the password and confirm whether it works, or do the update and see if it still gets infected.
I've been using something like this for a long time. Cybereason, it's called. It successfully blocks WannaCry and most of this family of ransomware circulating on the net. Try it, it's free.
Really, I haven't had an antivirus for years; if you know where you are poking around and you do not install every piece of junk on the net, you will not get hurt. Why would I take virus detection (like taking aspirin) when my head hurts, possibly just to have it suck up more resources and make the laptop work harder.
Can Wanna Cry infect a computer if the user who runs it has limited rights?
I suspect it is solved with a reinstall of Windows and formatting the hard drive, not just C? I am interested in saving the computer from viruses in general
Hi Cristi. I have a misunderstanding. You know that Win 10 gives you OneDrive. It appears there next to "This PC", "Downloads". In case I get the virus… does it also encrypt what I have in OneDrive or only the computer partitions?
Out of curiosity, does this malware also encrypt files in the ext4 filesystem with journaling or only those in NTFS format? That is, if I have a dual boot of Linux and Windows, will all my files or only the Windows ones be affected? Thank you!
It only runs on Windows.
Hello.
I do not understand: is this virus the same as the one in 2011 with the name of the Romanian police or the FBI? It does exactly the same thing, except that the Romanian police and FBI one was fooling you that you had porn and pirated content on the PC.
Is the one now somehow changed, or is it like that one, which did not do much havoc?! Thanks.
Hello everyone. Does anyone know if files archived with WinRAR or Power ISO are affected by WANNA CRY or any ransomware infection? Have a good evening.
Usually, the source code of a piece of ransomware SPECIFIES the file extensions on which this type of malware has an effect (.docx, .txt, .jpg, .png, etc.)
Several years ago there was also the Romanian Police virus.
So was the Romanian Police virus.
The "Police" virus did not change the extensions; it could hide files, and the picture with the "Police" virus appeared on the desktop, so you could not enter Windows. With that virus, you could go into "Safe Mode" and disinfect yourself.
But it doesn't compare to this NEW "Ransomware" virus, which is quite dangerous.
Thanks to Cristi for this information; it's important to know how to protect ourselves!!!
Hello!
Could you please do a tutorial on how to back up the operating system completely?
Thank you!
https://videotutorial.ro/acronis-true-image-2011-un-soft-de-backup-campion-la-pastrarea-in-siguranta-a-datelor-tutorial-video/
We already have several tutorials on this topic using various software. Type “Keriver 1-Click Restore Free backup and restore software for Windows” in the search box at the top right, press the Enter key and you will find the tutorial.
Hello! Can you send me the malware executable? I want to do a forensics analysis on it, I'm curious if it keeps the encryption key somewhere