Jump to content
In the Name of God بسم الله

WannaCry Ransomware attack: Your PC at risk

Recommended Posts

  • Advanced Member
  1. a type of malicious software designed to block access to a computer system until a sum of money is paid.



In the same way that bacteria mutate to become resistant to antibiotics, so has the WannaCry virus.

That malware was behind the massive ransomware attack that started Friday, hitting more than 150 countries and 200,000 computers, shutting down hospitals, universities, warehouses and banks.

The new ransomware demands 0.11943 bitcoin, or about $218. It uses all the same exploits as the WannaCry ransomware, including EternalBlue, a vulnerability first discovered by the NSA and leaked by the hacker group Shadow Brokers in April.

WannaCry takes advantage of a Windows flaw discovered by the NSA and made public by hackers in April. Microsoft (MSFT, Tech30) did release a patch for the vulnerability in March. But computers and networks that didn't update their systems were still at risk.

On Friday, a security researcher inadvertently created a "kill switch" to help stop the spread of this ransomware. However, a hacker could rewrite the code to omit the kill switch and start trying to infect new machines with a new version of it.

The worm is primarily impacting business, where it can spread quickly through a network to take down an entire company. Business take longer to install critical updates and patches, often to avoid impacting any legacy software they are running. But individuals with PCs running Windows should still take a few precautions.

Here are some preventive/precautionary measures:

  1. Maintain updated Antivirus software on all systems.
  2. Keep the operating system third party applications (MS office, browsers, browser Plugins) up-to-date with the latest patches.
  3. Perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process. Ideally, this data should be kept on a separate device, and backups should be stored offline.
  4. Don't open attachments in unsolicited e-mails claiming to be from FedEx or similar organization (Most important), even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if the link seems benign. In cases of genuine URLs close out the e-mail and go to the organization's website directly through browser.
  5. Individuals or organizations are not encouraged to pay the ransom, as this does not guarantee files will be released. Report such instances of fraud to CERT-In and Law Enforcement agencies.



Link to comment
Share on other sites

  • Advanced Member
20 minutes ago, Ron_Burgundy said:

I just received an email from security department and they were warning about same issue. 

This one (WannaCry) is just one such attack. There were quite a few similar kinds in the past too. 

Link to comment
Share on other sites

22 minutes ago, Lover of Ahlulbait (ams) said:

I know dude behind this attack. @DigitalUmmahhas just cleared his Ethical hacking exam and now doing unethical things. Too bad dear. 


I can neither confirm nor deny this allegation.

In a totally unrelated matter, my "friend" is selling all the UK NHS patient data. PM if interested.

Link to comment
Share on other sites

  • Veteran Member

l posted this in another thread, yet this is more applicable here:

http://www.zdnet.com/article/how-almost-anyone-can-wiretap-the-internet/  date:23Nov15

In addition to computers and smartphones, https://www.wired.com/2017/03/medical-devices-next-security-nightmare/ 

And as SC has noted elsewhere:  loT  is advertised as the "lnternet of Things" but in reality is the "lnternet of Troubles"

Link to comment
Share on other sites

  • Advanced Member
31 minutes ago, hasanhh said:

DPRK = Democratic Peoples' Republic of Korea = North Korea


RoK = Republic of Korea = South Korea

No. No. I know DPRK. I mean which govt is blaming. 

On 2017-5-17 at 9:42 AM, hasanhh said:

Starting Tuesday the 16th, the gov't and press are blaming the DPRK.


Link to comment
Share on other sites

  • Veteran Member
9 minutes ago, Lover of Ahlulbait (ams) said:

No. No. I know DPRK. I mean which govt is blaming. 


That was American news. NOW, if you search "ransomeware + blame" and you'll get "blame on ____" to include Microsoft (by a sociologist), the NSA, China, US(by Putin), hackers, ad nauseum .

For one short reference to the DPRK, http://www.dailymail.co.uk/news/article-4508736/North-Korea-global-cyber-hac.html 

Link to comment
Share on other sites

  • 1 month later...
  • Forum Administrators

Yesterday it was announced that there is a new strain of ransomware called Petya. From Symantec Official Blog:


From Norton:

How to deal with Ransomware:

  1. Do not pay the ransom. It only encourages and funds these attackers. Even if the ransom is paid, there is no guarantee that you will be able to regain access to your files.
  2. Be sure you are backing up your data on a regular basis. If you do become a victim of a ransomware attack, you will be able to restore any impacted files from a known good backup. Restoration of your files from a backup is the fastest way to regain access to your data.
  3. Do not provide personal information when answering an email, unsolicited phone call, text message or instant message. Phishers will try to trick employees into installing malware, or gain intelligence for attacks by claiming to be from IT. Be sure to contact your IT department if you or your coworkers receive suspicious calls.
  4. Use reputable internet security software and a firewall. Maintaining a strong firewall and keeping your security software up to date are critical. It’s important to use antivirus software from a reputable company because of fake software out there.
  5. Employ content scanning and filtering on your mail servers. Inbound e-mails should be scanned for known threats and should block any attachment types that could pose a threat.
  6. Make sure that all systems and software are up-to-date with relevant patches. Exploit kits hosted on compromised websites are commonly used to spread malware. Regular patching of vulnerable software is necessary to help prevent infection.
  7. If traveling, alert your IT department beforehand, especially if you’re going to be using public wireless Internet. Make sure you use a trustworthy Virtual Private Network (VPN) when accessing public Wi-Fi 


Link to comment
Share on other sites

Join the conversation

You are posting as a guest. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...