Nasty Ransomware worm on the loose.
#1
Nasty Ransomware worm on the loose.
As you may have seen, there is a nasty ransomware worm on the loose globally at the moment.
Massive ransomware infection hits computers in 99 countries - BBC News
This gets in and infects your Windows machine, encrypting all your key files (in about 5 mins) and then blue screens your computer to a message, demanding bitcoins for the decrypt key.
This is a worm, as well as a virus, which means it can get at your computer over the net, without you doing anything. However it appears that it is doing this via SMB shares - and if you have a decent router it should bounce these (port 445) from the outside net. However, once inside your home network, it will make a fast and complete mess .... plus they may find another way through your firewalls. Don't open anything you aren't 110% sure of.
Make sure you have an offline backup of you critical files, your antivirus is up to date, and so are your Windows updates.
This was a fault in Windows that they patched a number of weeks back, but as has been shown, many don't have update working (and WinXP no longer gets any updates anyway). It is derived from an NSA hacking tool that leaked late last year - hence why the Win updates have only been recent - the NSA kept the info to themselves.
Hopefully someone will find a way to cut this out at the net level (it has shades of the ARPANET worm), but for the next few days at least - be careful out there.
Massive ransomware infection hits computers in 99 countries - BBC News
This gets in and infects your Windows machine, encrypting all your key files (in about 5 mins) and then blue screens your computer to a message, demanding bitcoins for the decrypt key.
This is a worm, as well as a virus, which means it can get at your computer over the net, without you doing anything. However it appears that it is doing this via SMB shares - and if you have a decent router it should bounce these (port 445) from the outside net. However, once inside your home network, it will make a fast and complete mess .... plus they may find another way through your firewalls. Don't open anything you aren't 110% sure of.
Make sure you have an offline backup of you critical files, your antivirus is up to date, and so are your Windows updates.
This was a fault in Windows that they patched a number of weeks back, but as has been shown, many don't have update working (and WinXP no longer gets any updates anyway). It is derived from an NSA hacking tool that leaked late last year - hence why the Win updates have only been recent - the NSA kept the info to themselves.
Hopefully someone will find a way to cut this out at the net level (it has shades of the ARPANET worm), but for the next few days at least - be careful out there.
#2
Re: Nasty Ransomware worm on the loose.
If you are running a machine that hasn't been updated since March you deserve everything you get.
#3
Re: Nasty Ransomware worm on the loose.
Frankly MS shot themselves in the foot when they used their 'patches' for nefarious ends - people stopped trusting them when win10 turned up unannounced.
And then there are people still running WinXP, because it works and why should they pay for more trouble. They are SoL.
#4
Re: Nasty Ransomware worm on the loose.
If you just allow microsoft, or any of the other manufacturers, to update OS and apps, you get unannounced reductions in functionality, incompatibility, forced 'upgrades' to Win10 and spying/advertising/privacy invasion. So frankly it's no surprise that people don't just allow 'patches' to install.
Frankly MS shot themselves in the foot when they used their 'patches' for nefarious ends - people stopped trusting them when win10 turned up unannounced.
And then there are people still running WinXP, because it works and why should they pay for more trouble. They are SoL.
Frankly MS shot themselves in the foot when they used their 'patches' for nefarious ends - people stopped trusting them when win10 turned up unannounced.
And then there are people still running WinXP, because it works and why should they pay for more trouble. They are SoL.
Ironically MS has just announced that it is going to twice annual updates to Win10 in future which makes you think lots of clever, devious people will be looking for holes which appear over a 6 month period.
A simple Google search will tell you how to change the Win10 settings so you don't have your data harvested, annoying Cortana etc. (I know you know this, it's what everyone should do - check their settings and change them so Gates doesn't gather info and nag 'to improve your experience').
#5
Lost in BE Cyberspace
Joined: Dec 2010
Posts: 14,040
Re: Nasty Ransomware worm on the loose.
Negative ghostrider. Major updates. Joyful apps. Security and patches will come in regulary
#6
Re: Nasty Ransomware worm on the loose.
Sure enough, a version of the ransomware without the domain kill switch that stopped to previous version is in the wild :
https://motherboard.vice.com/en_us/a...-globe-is-back
Meanwhile, mickeysoft have released the patch that repairs their hole in their older OS (eg WinXP, Win8) that were out of support
https://blogs.technet.microsoft.com/...crypt-attacks/
https://motherboard.vice.com/en_us/a...-globe-is-back
Meanwhile, mickeysoft have released the patch that repairs their hole in their older OS (eg WinXP, Win8) that were out of support
https://blogs.technet.microsoft.com/...crypt-attacks/
#7
Re: Nasty Ransomware worm on the loose.
My simple guide to PC security.
Step 1: Erase Windows and install Linux.
Step 2: Have a nice cup of tea.
I'm being cruel, actually use Windows a lot myself. I was surprised by the scope of the organisations hit, not so much the NHS who have a storied and miserable past with IT, but Telefónica?
I suppose we should all thank the NSA for their work in keeping us safe. Many thanks from...oh well, you already know who we are .
Step 1: Erase Windows and install Linux.
Step 2: Have a nice cup of tea.
I'm being cruel, actually use Windows a lot myself. I was surprised by the scope of the organisations hit, not so much the NHS who have a storied and miserable past with IT, but Telefónica?
I suppose we should all thank the NSA for their work in keeping us safe. Many thanks from...oh well, you already know who we are .
#8
Re: Nasty Ransomware worm on the loose.
And obviously, it you are a large organisation you can't just let mickeysoft screw up your installs (because you can't trust them not to screw up your installs) and so if you are slow with regression testing patches ...
BTW looks like the kill switch less version doesn't have the SMB worm part .... yet.
#9
Re: Nasty Ransomware worm on the loose.
If you just allow microsoft, or any of the other manufacturers, to update OS and apps, you get unannounced reductions in functionality, incompatibility, forced 'upgrades' to Win10 and spying/advertising/privacy invasion. So frankly it's no surprise that people don't just allow 'patches' to install.
Frankly MS shot themselves in the foot when they used their 'patches' for nefarious ends - people stopped trusting them when win10 turned up unannounced.
And then there are people still running WinXP, because it works and why should they pay for more trouble. They are SoL.
Frankly MS shot themselves in the foot when they used their 'patches' for nefarious ends - people stopped trusting them when win10 turned up unannounced.
And then there are people still running WinXP, because it works and why should they pay for more trouble. They are SoL.
The MS patching policy does suck, to be honest I do very little on the laptop these days, I prefer iOS which despite having its own array of issues does "just work".
Getting too old to be faffing with Linux ... 25+ years of commercial software development will do that to you ...