
WannaCry Ransomware Attack !!


What is WannaCry Ransomware?





Ransomware is a type of virus that, once it infects your computer, leaves you pretty much screwed. It encrypts all of the files on the computer, sends the key to the attackers and then erases it locally from the victim machine, so that there is no way to unlock those files unless you pay the ransom. The people who create these viruses usually require the ransom to be paid through a Bitcoin wallet because it's untraceable and they have access to the currency without any kind of federal agency being able to track them down. The sad thing about this is that once your computer is infected with this virus, you are done. You are not getting your files back, unfortunately, unless you pay the ransom, and even then there is a slim chance that you are actually going to get the key from them to decrypt your files. Most of the time they just take the money and don't even bother to email you the key.


Source … ????

A bunch of analysts are saying this is connected to the massive spy tool leak from the US National Security Agency (NSA) that happened a couple of weeks ago. A hacker group named Shadow Brokers was able to obtain hacking tools from the NSA without its knowledge and then released them to the world. These particular hacking tools exploited vulnerabilities in the Windows OS that not even Microsoft knew about.
This is a really bad virus that started from code the NSA created, with exploits that Microsoft couldn't even find. That gives you an idea of the level of code we're dealing with, and now it's been weaponized and deployed to the world. The ransom that they are asking for is $300 to get the decryption key and so far.


WannaCry: Effect and Consequences

WannaCry needs to be a wake-up call for all. Many security experts predicted an increase in ransomware infections this year, particularly on soft targets with low security budgets such as small organisations, the public sector and hospitals.
Well, it looks like the day of reckoning is here for many with the spread of the WannaCry ransomware, aka Wanna Decrypter aka WCry (and you may well cry if you get this on your system), which encrypts the victim's files and holds them to ransom until an amount is paid in Bitcoin. WannaCry first appeared around February 2017, but it has now been updated and looks different from previous versions. It has infected tens of thousands of computers in over 150 countries and is still spreading. According to Avast, most of the infections are currently coming from Russia, Ukraine, India and Taiwan.
The number is still climbing; you can watch it spreading if you go to this URL (https://intel.malwaretech.com/botnet/wcrypt/?t=lm&bid=all).


There you can see a map of the current infections, or at least those known to Intel.
The WannaCry ransomware attacks are initiated using an SMB version 2 remote code execution vulnerability in the Windows OS. This means it acts as a worm and moves from victim machine to victim machine as long as those machines are vulnerable. Each infected machine searches for new victims, meaning it spreads like wildfire.
The stolen NSA EternalBlue exploit, which was made publicly available through the Shadow Brokers dump on April 14th 2017, could have been used to weaponize the ransomware to exploit the SMB remote code execution vulnerability.

Initially, the ransomware was likely distributed through phishing attacks or similar simple mechanisms, so infection could come from clicking on a link or opening an archive that has been sent by email.


How It Works ?

WannaCry shows a countdown timer warning that the payment amount will be raised after 3 days and that the victim will completely lose their personal files after 7 days. The transaction statistics of the Bitcoin wallets used by WannaCry's creators show that some of the victims have already paid the ransom.


Who is going to be attacked?

So who is at risk? Anyone running an operating system that is listed in the patch announcement and who has not installed this patch. The patch was released by Microsoft on March 14th 2017. However, many public organisations have not yet installed the patch on their systems.
So how can you prevent WannaCry infection? You need to install the official Windows patch MS17-010, which closes the SMB server vulnerability used in this ransomware attack. If you have got the latest Windows Update then you are protected and you don't need to install this patch separately. You want to scan all your systems and make sure that MS17-010 is installed, and, importantly, you need to make sure that all of your systems are backed up. All important data should be backed up on drives which are not accessible via your regular system. So it is preferable to make the backup on external hard drives, or you can use cloud storage. But if you have any sort of backup like the ones in Dropbox, or any of the syncing backup services, that can just get encrypted as well, so you want to back up in a way that is isolated from your regular system.
People and organisations need to take security seriously, because attackers are only going to become more ingenious and ransomware is only going to become more widespread and more damaging, so please patch your systems now.



