
WannaCry Ransomware Attack!!


What is WannaCry Ransomware?





Ransomware is a type of virus that, once it infects your computer, leaves you pretty much screwed. It encrypts all of the files on the computer, sends the key to the attackers and then erases it locally from the victim machine, so that there is no way to unlock those files unless you pay the ransom. The people who create these viruses usually require the ransom to be paid through a Bitcoin wallet because it's untraceable and they have access to the currency without any kind of federal agency being able to track them down. The sad thing about this is that once your computer is infected with this virus, you are done. You are not getting your files back, unfortunately, unless you pay the ransom, and even then there is only a slim chance that you are actually going to get the key from them to decrypt your files. Most of the time they just take the money and don't even bother to email you the key.


Source … ????

A bunch of analysts are saying this is connected to the massive spy tool leak from the US National Security Agency (NSA) that happened a couple of weeks ago. A hacker group named Shadow Brokers was able to obtain hacking tools from the NSA without its knowledge and then released them to the world. These particular hacking tools exploited vulnerabilities in the Windows OS that not even Microsoft knew about.
This is such a bad virus, one that started from code that the NSA created with exploits that Microsoft couldn't even find. That gives you an idea of the level of code we're dealing with, and now it has been weaponized and deployed to the world. The ransom that they are asking for is $300 to get the decryption key and so far.


WannaCry: Effect and Consequences

WannaCry needs to be a wake-up call for all. Many security experts predicted an increase in ransomware infections this year, particularly on soft targets with low security budgets such as small organisations, the public sector and hospitals.
Well, it looks like a day of reckoning is here for many with the spread of the WannaCry ransomware, aka Wanna Decrypter, aka W Cry, and you may well cry if you get this on your system: it encrypts the victim's files and holds them to ransom unless an amount is paid in Bitcoin. WannaCry first appeared around February 2017, but it has now been updated and looks different from previous versions. It has infected tens of thousands of computers in over 150 countries and is spreading. Currently, according to Avast, most of the infections are coming from Russia, Ukraine, India and Taiwan.
The number is still counting; you can watch it spreading at this URL: https://intel.malwaretech.com/botnet/wcrypt/?t=lm&bid=all


There you can see a map of the current infections, or at least those known by Intel.
The WannaCry ransomware attacks are initiated using an SMB version 2 remote code execution in the Windows OS. This means it acts as a worm and moves from victim machine to victim machine as long as those machines are vulnerable. Each machine searches for new victims, meaning it spreads like wildfire.
The stolen NSA EternalBlue exploit, which was made publicly available through the Shadow Brokers dump on April 14th, 2017, could have been used to weaponize the ransomware to exploit the SMB remote code execution vulnerability.
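
The worm behaviour described above shows up on the network as one machine opening SMB connections to many different peers in a short time. The following added example (not from the original post) flags that pattern in flow records; the log format, the sample records, the 60-second window and the threshold of 5 are assumptions chosen for illustration, and TCP 445 is the standard SMB port.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

SMB_PORT = 445                     # standard TCP port for SMB
WINDOW = timedelta(seconds=60)     # assumed observation window
THRESHOLD = 5                      # assumed: distinct SMB peers per window = scanning

def _t(sec):
    """Constructed timestamp, `sec` seconds after 2017-05-12 09:00:00."""
    return (datetime(2017, 5, 12, 9, 0, 0) + timedelta(seconds=sec)).isoformat()

# Constructed sample flow records: "timestamp src_ip dst_ip dst_port"
SAMPLE_LOG = (
    # workstation talking repeatedly to one file server: normal
    [f"{_t(s)} 10.0.0.23 10.0.0.5 445" for s in range(0, 50, 5)]
    # one host touching eight different peers on 445 in 16 seconds: worm-like
    + [f"{_t(2 * i)} 10.0.0.41 10.0.1.{i} 445" for i in range(1, 9)]
    # many destinations, but HTTPS rather than SMB: ignored
    + [f"{_t(i)} 10.0.0.77 10.0.2.{i} 443" for i in range(1, 9)]
    # five SMB peers spread over ten minutes: too slow to hit the threshold
    + [f"{_t(120 * i)} 10.0.0.90 10.0.3.{i} 445" for i in range(1, 6)]
)

def parse(line):
    ts, src, dst, port = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port)

def find_smb_scanners(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {src_ip: peak number of distinct SMB destinations inside one
    window} for every source that reaches `threshold` or more."""
    recent = defaultdict(deque)    # src -> (timestamp, dst) pairs still in window
    flagged = {}
    for ts, src, dst, port in sorted(parse(l) for l in lines if l.strip()):
        if port != SMB_PORT:
            continue
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > window:       # drop connections older than the window
            q.popleft()
        distinct = len({d for _, d in q})
        if distinct >= threshold:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

if __name__ == "__main__":
    print(find_smb_scanners(SAMPLE_LOG))
```

A host flagged this way is a candidate for isolation and a patch check, since a file server's clients normally talk to a handful of SMB peers rather than sweeping an address range.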

Initially the ransomware was likely to have been distributed through phishing attacks or other simple mechanisms, so it could be as simple as clicking on a link and opening an archive that has been sent by email.


How It Works?

WannaCry shows a countdown timer warning that the payment amount will be raised after 3 days and that the victim will completely lose their personal files after 7 days. The transaction statistics of the Bitcoin wallets used by WannaCry's creators show that some of the victims have already paid the ransom.


Who is going to be attacked?

So who is at risk? Anyone running an operating system listed in the patch announcement who has not installed the patch. This patch was released by Microsoft on March 14th, 2017. However, many public organisations have not yet installed the patch on their systems.
So how can you prevent a WannaCry infection? You need to install the official Windows patch MS17-010, which closes the SMB server vulnerability used in this ransomware attack. If you have got the latest Windows Update, then you are protected and you don't need to install this patch separately. Scan all of your systems and make sure that MS17-010 is installed and, importantly, make sure that all of your systems are backed up. All important data should be backed up on drives that are not accessible from your regular system. It is preferable to make the backup on external hard drives, or you can use cloud storage, but if you have any sort of backup like one that's in Dropbox, or any other type of syncing backup service, it can just get encrypted as well. You want to back up in a way that is isolated from your regular system.
People and organisations need to take security seriously, because attackers are only going to become more ingenious and ransomware is only going to become more widespread and more damaging, so please patch your systems now.



