1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Massive Spreading of the Ransomeware known as 'Wana Decrypt0r,' 'WannaCryptor' or 'WCRY'

Discussion in 'BlackHat Lounge' started by amoon, May 13, 2017.

  1. amoon

    amoon Jr. VIP Jr. VIP

    Joined:
    May 16, 2015
    Messages:
    1,812
    Likes Received:
    1,091
    Gender:
    Male
    Occupation:
    IM - BHW
    Location:
    Map–Territory


    mentioned in the news and According to a report, the ransomware attack has shut down work at 16 hospitals across the UK after doctors got blocked from accessing patient files. Another report says, 85% of computers at the Spanish telecom firm, Telefonica, has get infected with this malware
    ...



    18425403_1881363501877514_8340229886665241965_n.jpg



    18451397_1881363568544174_3351069955807898916_o.jpg
     
  2. walterz

    walterz Regular Member

    Joined:
    May 5, 2016
    Messages:
    362
    Likes Received:
    255
    Gender:
    Male
    Occupation:
    Video Game Player
    Location:
    Recycle Bin
    Home Page:
    How to prevent getting that malware on us?
     
    • Thanks Thanks x 2
  3. Black Nothing

    Black Nothing Junior Member

    Joined:
    Sep 12, 2016
    Messages:
    197
    Likes Received:
    13
    Location:
    Black Hat Land
    Ive seen it on da news looks narly
     
  4. amoon

    amoon Jr. VIP Jr. VIP

    Joined:
    May 16, 2015
    Messages:
    1,812
    Likes Received:
    1,091
    Gender:
    Male
    Occupation:
    IM - BHW
    Location:
    Map–Territory

    How to Protect Yourself from WannaCry

    First of all, if you haven't patched your Windows machines and servers against EternalBlue exploit (MS17-010), do it right now.

    To safeguard against such ransomware infection, you should always be suspicious of uninvited documents sent an email and should never click on links inside those documents unless verifying the source.

    To always have a tight grip on all your important files and documents, keep a good backup routine in place that makes their copies to an external storage device that is not always connected to your PC.

    Moreover, make sure that you run an active anti-virus security suite of tools on your system, and most importantly, always browse the Internet safely.



    source--> http://thehackernews.com/2017/05/wannacry-ransomware-unlock.html
     
  5. imserious

    imserious Senior Member

    Joined:
    Mar 27, 2009
    Messages:
    950
    Likes Received:
    562
    Update your windows ASAP.
    This worm does not need the user to take any action to spread as it uses some Windows capability to spread itself on a network.
     
  6. Automation247

    Automation247 Regular Member

    Joined:
    Jan 21, 2014
    Messages:
    486
    Likes Received:
    171
    Gender:
    Male
    Occupation:
    Making some $$$
    Location:
    SPAMMING 24/7 FROM SOMEWHERE IN EUROPE
    Home Page:
    The latest vulnerability in Windows is impressive.
    They can EXECUTE ANY CODE REMOTELY and you do not need to download anything or even they can send you an email and infect you even if you do not click / looked at the email.

    These criminals must be banking $$$ just imagine if they can infect these large business then they can infect small and medium business easy peasy.
     
    • Thanks Thanks x 1
  7. MusicMedia88

    MusicMedia88 Junior Member

    Joined:
    Nov 15, 2014
    Messages:
    160
    Likes Received:
    105
    I'm gonna get a screenshot of that and set it as my co-worker's desktop background Monday morning just to freak him out :D
     
    • Thanks Thanks x 1
  8. amoon

    amoon Jr. VIP Jr. VIP

    Joined:
    May 16, 2015
    Messages:
    1,812
    Likes Received:
    1,091
    Gender:
    Male
    Occupation:
    IM - BHW
    Location:
    Map–Territory

    WINDOWS is like a public park for those hackers...:D
     
  9. amoon

    amoon Jr. VIP Jr. VIP

    Joined:
    May 16, 2015
    Messages:
    1,812
    Likes Received:
    1,091
    Gender:
    Male
    Occupation:
    IM - BHW
    Location:
    Map–Territory

    don't forget to give them your bitcoin wallet...and after you receive the payment, remove that Desktop background ...:D
     
  10. Skyebug77

    Skyebug77 Jr. VIP Jr. VIP

    Joined:
    Mar 22, 2012
    Messages:
    2,192
    Likes Received:
    1,596
    Occupation:
    Marketing
    Location:
    Portland,Or
    • Thanks Thanks x 1
  11. JustUs

    JustUs Power Member

    Joined:
    May 6, 2012
    Messages:
    626
    Likes Received:
    588
    Last edited: May 13, 2017
  12. moonlighsunligh

    moonlighsunligh Jr. VIP Jr. VIP Premium Member

    Joined:
    May 1, 2010
    Messages:
    2,041
    Likes Received:
    318
    Home Page:
    I guess servers are the primary targets. A VPS of mine gets attacked every 5-10 minutes. I wasn't sure what it was ... but then figure out it was an malware that can acess any PC even its users do not access the web.

    The (free) solution that works so far (tested by me):
    Microsoft Security Essentials (note that it sometimes disallow RDP connection,so be sure to have other options to connect to your VPS)

    Updates seem to work as well ... but I still need to check again.
     
  13. davids355

    davids355 Jr. VIP Jr. VIP

    Joined:
    Apr 25, 2011
    Messages:
    10,413
    Likes Received:
    8,113
    Scary. It seems patching windows is the primary prevention. And if you get hit, hopefully you have backups.
     
  14. Tensegrity

    Tensegrity Elite Member

    Joined:
    Apr 22, 2009
    Messages:
    1,846
    Likes Received:
    976
    The medical industry is a good niche!
     
  15. umnkenanavi

    umnkenanavi Newbie

    Joined:
    May 15, 2017
    Messages:
    0
    Likes Received:
    0
    Gender:
    Female
    Home Page:
    The most effective way to avoid this Ransomware is to "cut off internet access":p, because it is spread through TCP445 port. It is said that Windows 10 OS is better protected.