HyFlyer, posted May 12, 2017:
Public service message. Be careful out there......
https://www.forbes.com/sites/thomasbrewster/2017/05/12/nsa-exploit-used-by-wannacry-ransomware-in-global-explosion/#e599ba0e599b
http://imageshack.com/a/img923/8724/ySZ4xP.jpg

mrzippy, posted May 12, 2017:
Don't open emails from anyone you don't know!
Still thinking about a new flightsim only computer!

davidjones, posted May 12, 2017:
Microsoft has issued protection patches for this in March. Make sure your system has all of the latest updates. If you have auto updates on you will already have it. Just remember you owe this exploit to WikiLeaks . . .
DJ

HyFlyer (author), posted May 12, 2017:
By the way, the MS patch that should address the Eternal Blue infection is MS17-010

napamule2, posted May 13, 2017:
I heard this ransomware is mostly being seen in Europe. And 'low income' countries. The ransom amount is small, but they will profit by 'contacting' a LOT of 'unprotected' and/or 'older' computers. I am not worried.
Chuck B
Napamule
i7 2600K @ 3.4 Ghz (Turbo-Boost to 3.877 Ghz), Asus P8H67 Pro, Super Talent 8 Gb DDR3/1333 Dual Channel, XFX Radeon R7-360B 2Gb DDR5, Corsair 650 W PSU, Dell 23 in (2048x1152), Windows7 Pro 64 bit, MS Sidewinder Precision 2 Joy, Logitech K-360 wireless KB & Mouse, Targus PAUK10U USB Keypad for Throttle (F1 to F4)/Spoiler/Tailhook/Wing Fold/Pitch Trim/Parking Brake/Snap to 2D Panel/View Change. Installed on 250 Gb (D:). FS9 and FSX Acceleration (locked at 30 FPS).

Elvensmith, posted May 13, 2017:
It has caused widespread disruption to the National Health Service (NHS) here in the UK, from hospitals through to GP surgeries. In many parts of the country operations have been cancelled and people told not to go to A&E (our version of the ER) unless their condition is life threatening. A nasty attack by people who seem to have no regard for the effect it could have on human life. IMHO find out who the culprits are and they get a visit from Mr C.R. Uise-Missile or a suitably equipped drone.
Vern.

HyFlyer (author), posted May 13, 2017:
Interesting reading:
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/

JSkorna, posted May 13, 2017:
This is why people that don't update their OS are only asking for trouble.
http://www.air-source.us/images/sigs/000219_195_jimskorna.png

Jim Robinson, posted May 13, 2017:
According to this guy someone's found a "kill switch" and shut this thing down:

loki, posted May 13, 2017:
> Interesting reading:
> https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
> https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/

Also interesting that Microsoft thought it was serious enough to issue patches for officially unsupported versions of Windows.
https://krebsonsecurity.com/2017/05/microsoft-issues-wanacrypt-patch-for-windows-8-xp/

jgf, posted May 13, 2017:
The best protection is to simply keep everything backed up on external drives. I rotate two 1TB units for monthly backups of my complete system, a third is used for incremental backups as necessary. Something hits my system, I boot from a maintenance disk, wipe out and reformat both internal drives, then restore from the external drives (fortunately have never needed to do this, but did a trial run once). These drives are inexpensive and good backup software is free.

ryapad, posted May 14, 2017:
Yaaaa! More Havoc...
Eagles may soar, but weasels never get sucked into jet engines.
http://gac16.blogspot.com/

TightGit, posted May 14, 2017:
I think it's reasonable to assume that everyone on this forum has installed and operated a flight sim and so has a knowledge of computer operation to a greater or lesser extent (in my case lesser!). But it's easy to forget that there are millions of computer users who haven't a clue how the things actually work. A good analogy is the millions of excellent car drivers who are completely stuck if the engine won't start. (Mrs TG is one of those excellent drivers but doesn't know how to check the engine oil level, or even that it needs checking.) My point is that saying things like "Everybody knows to make back-ups and not to open unknown attachments" is simply not true.

RatRace, posted May 14, 2017:
> A good analogy is the millions of excellent car drivers who are completely stuck if the engine won't start.

In my book, if you don't know how to start an engine (or cannot figure out why it won't start), you are by definition not a good car driver. Unlike watching TV where you don't need to know how a TV works to enjoy a TV show, you do need to know how a car works to properly drive one. In general, it always helps to know how a device works in order to operate and maintain it. That even applies to TVs, as well as PCs or laptops.

TightGit, posted May 14, 2017:
> In my book, if you don't know how to start an engine (or cannot figure out why it won't start), you are by definition not a good car driver.

I'm sure that Mrs TG would contend that 55 years of accident free driving would suggest otherwise! But I was merely making the point that millions of computer users could more accurately be called "Operators", as they have no idea what actually happens when they click on something.

RatRace, posted May 14, 2017:
> I'm sure that Mrs TG would contend that 55 years of accident free driving would suggest otherwise!

Well, who am I to doubt Mrs TG :D

> But I was merely making the point that millions of computer users could more accurately be called "Operators", as they have no idea what actually happens when they click on something.

Unfortunately, I have to agree with you on that one too!

JSMR, posted May 15, 2017:
> This is why people that don't update their OS are only asking for trouble.

Maybe all those who got 'infected' should've updated as well. Shame on them.
https://fshub.io/airline/RUA/overview

CRJ_simpilot, posted May 16, 2017:
> The best protection is to simply keep everything backed up on external drives. I rotate two 1TB units for monthly backups of my complete system, a third is used for incremental backups as necessary. Something hits my system, I boot from a maintenance disk, wipe out and reformat both internal drives, then restore from the external drives (fortunately have never needed to do this, but did a trial run once). These drives are inexpensive and good backup software is free.

This is what I do. I clone each computer to external drives. If the computer is hacked I just reformat, boot AOMEI Backuper from USB and clone back from my external hard drive.
OOM errors? Read this. What the squawk? An awesome weather website with oodles of Info. and options. Wile E. Coyote would be impressed.

CRJ_simpilot, posted May 16, 2017:
A vast majority of polymorphic malware enters via E-mail attachments. People shouldn't open attachments that they have no idea about. Take great care in opening attachments. I use many forms of security and one of those is Sandboxie. This could help greatly. Attachments should be hashed and verified for the recipient.

il88pp, posted May 16, 2017:
Crj, what you describe is called restoring a System Image. That's not the same as cloning. As a note, as correct terminology matters with things involving a whole disk.

ftldave, posted May 16, 2017:
Has anyone else noticed that Bitcoin, the payment demanded by the ransoming criminals, is rarely mentioned in press reports about this WannaCry/WannaCrypt ransomware attack? That anonymous Internet payment system, a "crypto currency", seems to have created an explosion of ransomware, with 2016 being a record year for such criminal activity.

Just last week I received a white paper from Hewlett-Packard hyping Bitcoin as "gonna be great" for banks and business, to boost profits, "a way to streamline transactions by eliminating paperwork, errors, and jobs." And as we all know, eliminating jobs is a good thing in the corporate world, a-hem.

Correction - HP avoided using the name "Bitcoin", referred to "Blockchain" instead, the internal clearing mechanism used in Bitcoin transactions. So, maybe the Bitcoin name is starting to get a less than reputable reputation, something that the corporate marketers want to avoid. But they do surely want a piece of it, to "monetize" it, as they say in so-called corporate culture.

Bitcoin may be the currency-of-choice for tin foil mad hatters and anarchists, but the crooks sure love it as well.

tiger1962, posted May 16, 2017:
There's been plenty of coverage this side of the pond, and on the web, we know where the bitcoin 'wallets' for these ransomware payments are located:
https://qz.com/982993/watch-as-these-bitcoin-wallets-receive-ransomware-payments-from-the-ongoing-cyberattack/
Of course, if these bitcoins are ever exchanged for cash it'll be Game Over for whoever does it, which means that you can't cash them in yourself and you can't sell them on, so what was the point?
Tim Wright "The older I get, the better I was..."
Xbox Series X, Asus Prime H510M-K, Intel Core i5-11400F 4.40GHz, 16Gb DDR4 3200, 2TB WD Black NVME SSD, 1TB Samsung SATA SSD NVidia RTX3060 Ti 8Gb, Logitech Flight Yoke System, CH Pro Pedals, Acer K272HL 27", Windows 11 Home x64

CRJ_simpilot, posted May 16, 2017:
> There's been plenty of coverage this side of the pond, and on the web, we know where the bitcoin 'wallets' for these ransomware payments are located:
> https://qz.com/982993/watch-as-these-bitcoin-wallets-receive-ransomware-payments-from-the-ongoing-cyberattack/
> Of course, if these bitcoins are ever exchanged for cash it'll be Game Over for whoever does it, which means that you can't cash them in yourself and you can't sell them on, so what was the point?

HAHAHA That's golden.

loki, posted May 16, 2017:
> Crj, what you describe is called restoring a System Image. That's not the same as cloning. As a note, as correct terminology matters with things involving a whole disk.

His description sounds like cloning to me. Don't see anything wrong with his terminology.

loki, posted May 16, 2017:
There is some evidence that North Korea may be involved with this attack.
https://arstechnica.com/security/2017/05/virulent-wcry-ransomware-worm-may-have-north-koreas-fingerprints-on-it/

Archived
This topic is now archived and is closed to further replies.