Wanna Cry Ransome Cyber Attack

[Sarvesh]

Wanna Cry Ransomware cyber attack has hit more than 104 countries, Russia & India among the worst affected, US NSA is being criticized

News links below:

Wanna Cry ransomware cyber attack: 104 countries hit, India among worst affected, US NSA criticized

Global ransomware cyber attack downs computers in 74 countries, malware used stolen NSA tools

Andhra police computers hit by Wanna Cry cyber attack:

Andhra police computers hit by cyberattack - Times of India

In the wake of the largest ransomware attack in the history that had already infected over 114,000 Windows systems worldwide since last 24 hours, Microsoft just took an unusual step to protect its customers with out-of-date computers.

Microsoft has just released an emergency security patch update for all its unsupported version of Windows, including Windows XP, Vista, Windows 8, Server 2003 and 2008 Editions.

Patch download Link: Microsoft Update Catalog

Tech Guide/ Info: Customer Guidance for WannaCrypt attacks

God bless Our Earth & its people.

Update: some more info Protect Against WannaCry: Microsoft Issues Patch for Unsupported Windows (XP, Vista, 8,...)

 

[bssunilreddy]

 

[Vyom]

Quite an apt name, "Wanna Cry". I wonder who named it so.

As for the ransomware is concerned, well that's what you get for using un-updated Windows. Either use legit windows or use Linux.
Good lesson to a lot of people and organizations out there. I feel sad for hospitals and the likes for getting attacked tho.

 

[quicky008]

is the patch for this ransomware included by default with microsoft's creators update?

 

[Zangetsu]

Quite an apt name, "Wanna Cry". I wonder who named it so.

As for the ransomware is concerned, well that's what you get for using un-updated Windows. Either use legit windows or use Linux.
Good lesson to a lot of people and organizations out there. I feel sad for hospitals and the likes for getting attacked tho.

MS should name the patch as Don't Cry

Linux is good alternative to get protected and also a updated AV database.

 

[chimera201]

But what is the infection method? Clicking on links or something?

 

[Flash]

What is the "Wanna Cry" ransomware's possible impact on Linux users?

 

[Zangetsu]

Has AV companies updated the Database...I think yes

 

[chimera201]

^I got mail from Bitdefender on May 13 saying its updated for it.

 

[Sarvesh]

It can only spread if you download unsolicited file attachment and run it or if you are connected to a network (LAN) which is already affected. It exploits the security issue only on older MS OSes such as XP, XP x64, Vista, Windows 7, Windows 8, Windows Server 2003 (including Datacenter Edition), Windows Server 2008 & Windows XP embedded.

Windows has released security patch (KB4012598) for all these OSes.
Download from here : Microsoft Update Catalog

Simply download and install.
Windows 10, Windows 8.1 & Windows 7 with latest updates installed is not affected.
Anybody using XP or other OS mentioned above should immediately install the patch. You can download the patch on any secure system (Win 10, Linux, Android etc.) and then apply to your system before connecting to internet.

 

[Hrishi]

The ransom ware uses cryptographic injection and residence method to stay on the machine. The actual DLL code is encrypted in a loader with AES encryption. Once the loader is invoked, it uses a 128 bit key to decrypt the actual DLL and associate with a process, almost immediately starting the encryption process.
It spreads via File Share and SMB to the lan/wan segment.
A typical infection vector can be either a file share, or a archive or a pdf or spam email.

Sent from my ONE E1003 using Tapatalk

 

[Zangetsu]

'Accidental hero' halts ransomware attack and warns: this is not over

 

[Prime_Coder]

But what is the infection method? Clicking on links or something?

the attack spreads by phishing emails, but also uses the backdoor developed by the U.S. (NSA) to spread through a network which has not installed recent security updated to directly infect any exposed systems. Read here: WannaCry ransomware attack - Wikipedia

 

[lywyre]

Thankfully, I no longer connect with our PC or laptop. I stay online using my mobile and at office we use Ubuntu.

I will wait till this weekend to update our PC and laptop (both Win 7). Hope the dust would be settled by then.

I recommend every body to take a backup of your documents and personal collections to an external hard-disk.

 

[chimera201]

Most people would have disabled their Windows Update due to forced Win 10 installation. GG MS and NSA.

 

[Flash]

Cyber attacks linked to North Korea, security experts claim

 

[BhargavJ]

I've read that it often stays in the computer for a while before striking. I'm not infected at present. Suppose I am infected but the thing is dormant and so everything appears to be fine, and I make a backup of my important files and copy them to a pendrive, and then my computer files get encrypted, will the files in the pendrive stay safe or is it that the files have already been infected and it is just waiting for some kind of trigger to encrypt the files? Sorry I'm don't know much about these things.

Edit: I opened the Microsoft Update Catalog, but it has nothing for Windows 7. So how do I download the update for Win 7?

 

[chimera201]

I've read that it often stays in the computer for a while before striking. I'm not infected at present. Suppose I am infected but the thing is dormant and so everything appears to be fine, and I make a backup of my important files and copy them to a pendrive, and then my computer files get encrypted, will the files in the pendrive stay safe or is it that the files have already been infected and it is just waiting for some kind of trigger to encrypt the files? Sorry I'm don't know much about these things.

Edit: I opened the Microsoft Update Catalog, but it has nothing for Windows 7. So how do I download the update for Win 7?

Check View Update History. If you have May 2017 Security Monthly Quality Rollup, you are all good. Else you need to check for updates.
Also have a good Anti-virus installed.

 

[BhargavJ]

Check View Update History. If you have May 2017 Security Monthly Quality Rollup, you are all good. Else you need to check for updates.
Also have a good Anti-virus installed.

Have the KB4019264 (2017-05 Security Monthly Quality Rollup for Windows 7) installed, so no problem. Also have Kaspersky security suite installed. Thanks.

 

[Sarvesh]

Have the KB4019264 (2017-05 Security Monthly Quality Rollup for Windows 7) installed, so no problem. Also have Kaspersky security suite installed. Thanks.

Relax! You are safe. Keep your system & Antivirus up to date & do not download any suspicious software or file from any site or email. Kaspersky is one of the best protection around.