Wannacry Ransomware

By -

The WannaCry ransomware attack is an ongoing worldwide cyberattack by the WannaCry ransomware cryptoworm, which targets computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.

The attack started on Friday, 12 May 2017,and has been described as unprecedented in scale, infecting more than 230,000 computers in over 150 countries. Parts of Britain's National Health Service (NHS), Spain's Telefónica, FedEx and Deutsche Bahn were hit, along with many other countries and companies worldwide.

WannaCry spreads across local networks and the Internet to systems that have not been updated with recent security updates, to directly infect any exposed systems. To do so it uses the EternalBlue exploit developed by the U.S. National Security Agency (NSA), which was released by The Shadow Brokers two months before. A "critical" patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems, nearly two months before the attack, but many organizations had not yet applied it. Those still running exposed older, unsupported operating systems such as Windows XP and Windows Server 2003, were initially at particular risk but the day after the outbreak Microsoft took the unusual step of releasing updates for these operating systems too. Almost all victims are running newer Windows 7.

Shortly after the attack began, a web security researcher who blogs as "MalwareTech" discovered an effective kill switch by registering a domain name he found in the code of the ransomware. This greatly slowed the spread of the infection, but new versions have since been detected that lack the kill switch. As per official news agencies reports, the cyberattack has slowed down drastically and has died down as of 19 May 2017.

Here is the screenshot of the victims Pc.



How it infects the PCs/Servers :
  • Via Phishing e-mail 
  • Via Network through other infected PCs
What are the symptoms that you can identify that your PC is hit by this ransomware or not.
  • Your PC may be crashing repetitively.
  • Occurring of blue screen.
  • PC may get slow.
What you can do  if your PC is infected by this ransomware:
  1. Disconnect your PC from the network immediately (cable or WiFi).
  2. Backup your critical data on a non-connected external drive.
  3. Do not connect the drive to the network until further notice.
  4. Contact immediately 2929 IT support.
  5. Contact on-site support for those PCs not on anti-virus platform.
How to prevent infection form this virus:
  • Do not click on any suspicious link.
  • Do not open any attachment in an e-mail providing unsolicited information.
  • Double check on the origin of the e-mail sender. The e-mail sender name may seem legitimate, but e-mail address can show the mail is malicious.
  •  Apply information Security Charter rules with utmost rigour.
  • Apply all security patches pushed to your PCs by the IPO Team.
 This is how the Ransomware works.



Comments

Post a Comment

Popular posts from this blog

Bypassing Web Portal

By -
Hey all this is all yours Hacklovers back again with my new blog. In this blog I'm going to tell you about the ways you can Bypass the web portals 1 . Many times in schools or college they provide us with free WiFi so that we can freely relax ourselves. May times people use WiFi for opening Facebook, Flash games and many other things. But your network administrator frowns our fun time, and the sites you want to access are blocked. Luckily there are ways around to get pass through the restrictions and have a good time.   So here is the 1st method * Using A Portable browser    1. Portable web Browser : A portable web browser does not need to be installed to run, meaning that it wont leave any traces on the computer you use it on. By downloading a portable browser to a flash drive and configuring its proxy setting, you can have a browser that you can take with you anywhere to bypass any web restriction. Firefox is the easiest portable browser to use. Make sure that you downl
Read more

Things A Cyber Security Student Can Do For Securing Jobs.

By -
Image
    This post is regarding the students who are looking for jobs in Cyber Security field. I being a student have seen my cohorts struggling with getting up for the jobs or securing them. Here are some of the few pointers or tips which I have written down to getting up with the things on the way of securing your job.  Things a Cyber Security student can do: Understand your niche: Get to know your zone. Select your domain or area of interest to get into it and understand the role which is suitable for you.  Study about your role: You should always have a brief idea about the role you want to go for. What are the things you should study for the role you want to go for.        Like if you are going in for SOC Analyst:     You should have knowledge about the networking, technical skills.     Build up your LinkedIn Network: It is important for every student to improve their LinkedIn profile and have some great connections. These are the factors which help you out to stand out for your job
Read more

Start up for hacking

By -
Image
               Now a days many of us about the hacking, n many people who are interested in learning about hacking doesn't know about how to get started. So this blog can let u give some information about how u can start for hacking.             So before we start for hacking the one thing is that it is not necessary that you must be a good programmer. Their are some tools which can help you, while hacking. But you must have basic knowledge about computer networks, IP address, HTTP, FTP, DNS, SMTP, etc. You can also begin to learn about alternative operating systems(OS) like Linux. Basically I recommend to use Linux (backtrack OS). You can use Linux by installing VM Ware or Virtual Box. You will get all the exploitation tools in that. You can take the help of you tube for installation of vm ware and backtrack or any other os. for more details you can refer many books such as Hacking Secrets Exposed and many more. There are many many websites through which you can learn t
Read more