
WannaCry Ransomware Attack !!


What is WannaCry Ransomware?





Ransomware is a type of virus that, once it infects your computer, leaves you pretty much screwed. It encrypts all of the files on your computer, sends the key to the attackers, and then erases it locally from the victim machine, so there is no way to unlock those files unless you pay the ransom. The people who create these viruses usually require the ransom to be paid through a Bitcoin wallet because it's untraceable and gives them access to the currency without any kind of federal agency being able to track them down. The sad thing is that once your computer is infected with this virus, you are done. You are not getting your files back, unfortunately, unless you pay the ransom, and even then there is only a slim chance that you are actually going to get the key from them to decrypt your files. Most of the time they just take the money and don't even bother to email you the key.


Source … ????

A number of analysts are saying this is connected to the massive spy tool leak from the US National Security Agency (NSA) that happened a couple of weeks ago. A hacker group named the Shadow Brokers was able to obtain hacking tools from the NSA without its knowledge and then released them to the world. These particular NSA hacking tools exploited vulnerabilities in the Windows OS that not even Microsoft knew about.
This is such a bad virus, one that started from code that the NSA created with exploits that Microsoft couldn't even find. That gives you an idea of the level of code we're dealing with, and now it has been weaponized and deployed to the world. The ransom that they are asking for is $300 to get the decryption key and so far.


WannaCry: Effect and Consequences

WannaCry needs to be a wake-up call for all. Many security experts predicted an increase in ransomware infections for this year, particularly on soft targets with low security budgets like small organisations, the public sector, hospitals, etc.
Well, it looks like the day of reckoning is here for many with the spread of the WannaCry ransomware, aka Wanna Decrypter aka WCry, and you may well cry if you get this on your system: it encrypts the victim's files and holds them to ransom until an amount is paid in Bitcoin. WannaCry first appeared around February 2017, but it has now been updated and looks different from previous versions. It has infected tens of thousands of computers in over 150 countries and is still spreading. According to Avast, most of the infections are currently coming from Russia, Ukraine, India and Taiwan.
The number is still counting; you can watch it spreading if you go to this URL (https://intel.malwaretech.com/botnet/wcrypt/?t=lm&bid=all).


There you can see a map of the current infections, or at least those known to Intel.
The WannaCry ransomware attacks are initiated using an SMB version 2 remote code execution vulnerability in the Windows OS. This means it acts as a worm and moves from victim machine to victim machine as long as those machines are vulnerable. Each machine searches for new victims, meaning it spreads like wildfire.
The stolen NSA EternalBlue exploit, which was made publicly available through the Shadow Brokers dump on April 14th, 2017, could have been used to weaponize the ransomware to exploit the SMB version remote code vulnerability.

Initially the ransomware was likely distributed through phishing attacks or similarly simple mechanisms, so it could be clicking on a link and opening an archive that has been sent by email.


How It Works ?

WannaCry shows a countdown timer warning that the payment amount will be raised after 3 days and that the victim will completely lose their personal files after 7 days. The transaction statistics of the Bitcoin wallets used by WannaCry's creators show that some of the victims have already paid the ransom.


Who are going to be attacked?

So who is at risk? Anyone running an operating system that is listed in the patch announcement and who has not installed this patch. The patch was released by Microsoft on March 14th, 2017. However, many public organisations have not yet installed the patch on their systems.
So how can you prevent a WannaCry infection? You need to install the official Windows patch MS17-010, which closes the SMB server vulnerability used in this ransomware attack. If you have got the latest Windows Update then you are protected and you don't need to install this patch separately. You want to scan all your systems and make sure that MS17-010 is installed, and, importantly, you need to make sure that all of your systems are backed up. All important data should be backed up on drives which are not accessible via your regular system. So it is preferred to make the backup on external hard drives, or you can use cloud storage. If you have any sort of backup like one that's in Dropbox, that can just get encrypted as well, as can all the types of syncing backup services; you want to back up in a way that is isolated from your regular system.
People and organisations need to take security seriously, because attackers are only going to become more ingenious and ransomware is only going to become more widespread and more damaging, so please patch your systems now.



