Did Ransomware made you CRY using “WannaCry”? See what to do and additional Prevention Advice.

Ongoing Coverage about Ransomware attack (WanaCrypt0r, WannaCry, Wana Decrypt0r)

Before diving into Details about this topic I would like to point out the Important steps to Secure your Computer first. So that you can go ahead and secure your computer before getting infected by Ransomware. And if your computer or any device is already infected then you can skip this process and continue reading for further instructions.

1. Disable smb v1 (SMB Stands for Server Message Block). Don’t know how to disable? Click here.

2. Install Microsoft Security Patches. Not sure where to find? Click here. (For Older Operating Systems such as Windows XP, Windows 8, and Windows Server 2003 Click here.)

3. Take Backup – The recommended way includes 2 copies. One for Cloud & other Physically(External Hard Disk). Once backup is done disconnect/logoff these 2 copies from your computer.

4. Install Antivirus – If you have one then make sure the “heuristic functions” of the antivirus is turned ON and if you don’t have any, then download the trial version at-least to avoid the infection.

5. Update all softwares including OS – Make sure that all of the softwares in your computer is up to date, check if their is any latest release for all the softwares, if it is there, then install it.

6. Turn on the “Show file extensions” option in your computer – Don’t know how to do? Click here.  Turning ON the “Show File Extensions” will help you to spot Potentially Malicious Files easily. Keep an Spy Eye on Extensions such as ‘.exe’, ‘.vbs’, ‘.scr’, etc. However, there are several other extensions as well which they can use. So just be cautious.

7. Keep an Hawk’s eye on each operation going on in your computer. Do not trust anyone as any email or account can be compromised. Be cautious on everywhere, Social
Media, Online Forum, Online Gaming Partners, etc. Open attachments only from reliable sources and when you know exactly what is the attachment.

8. DISCONNECT YOUR COMPUTER OR ANY DEVICES from the Internet when you discover any unusual activity or rogue unknown process in your computer.

Now, if your computer is already infected by any Ransomware, then first of all Don’t pay Ransom.

Even if you pay to Ransomware, there is No Guarantee that you’ll get back your data from them. Hence, check out these instructions:

You may contact your local IT Support Services regarding this, instead of paying Ransom, which may help you to recover your files.

You can also contact No More Ransom! Organization to get more additional help and Report your concern. Visit their website here.

What is Ransomware?

In plain words, Ransomware is a malicious piece of software which allows hacker to get into any computer or any device enabling them to encrypt & lock all the files, then demands payments to decrypt/unlock them.

The Ransomware known as by these names Wannacry, WanaCrypt0r, Wana Decrypt0r 2.0 has already infected about 200,000 Victims in 150 Countries is a self-spreading mechanism derived from an NSA exploit leaked by Shadow Brokers. This exploit can be mitigated by installing these Microsoft Security patches.
Microsoft has also released an update for older operating systems such as Windows XP, Windows 8, and Windows Server 2003. The update can be downloaded from here.

How this Ransomware got killed?

Malware Tech, awarded as a “Hero of the day” discovered that the self-spreading WannaCry Ransomware was making a pre-infection check to a domain located at iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com.

The Ransomware starts encrypting the files, if the domain was unregistered. So, malwaretech registered the domain for about 10 euro thinking this might stop the process of Encryption Initialization and luckily/accidentally it stopped the infection process. MalwareTech had accidentally triggered a worldwide kill-switch for the ransomware’s self spreading feature.

 

Check out BleepingComputer’s ongoing Coverage about this Ransomware attack(WanaCrypt0r, WannaCry, Wana Decrypt0r)

12th May 2017 – Telefonica Tells Employees to Shut Down their Computers Amid Massive Ransomware Outbreak

12th May 2017 – Wana Decryptor Ransomware Using NSA Exploit Leaked by Shadow Brokers Is on a Rampage

12th May 2017 – WannaCry / Wana Decryptor / WanaCrypt0r Info & Technical Nose Dive

13th May 2017 – Wana Decryptor Ransomware Outbreak Temporarily Stopped By “Accidental Hero”

13th May 2017 – Microsoft Releases Patch for Older Windows Versions to Protect Against Wana Decryptor

14th May 2017 – Honeypot Server Gets Infected with WannaCry Ransomware 6 Times in 90 Minutes

14th May 2017 – Microsoft Exec Blames WannaCry Ransomware on NSA Vulnerability Hoarding Program

15th May 2017 – With the Success of WannaCry, Imitations are Quickly In Development

15th May 2017 – WannaCry Ransomware Version With Second Kill Switch Detected and Shut Down

15th May 2017 – Someone Created a WannaCry Version That Doesn’t Use a Kill Switch

You will be happy to know that how this Ransomware Outbreak Temporarily Stopped by the “Accidental HeroMalwareTech. Read in detail here, how they stopped this Ransomware by just Registering one domain for $10.69 and used it as a KILL SWITCH.

Do you know who is the Guy who Saved the World from this Ransomware Attack?

He is a 22 Year Old British Cyber Security Researcher who found this Kill Switch from a Small Bedroom at his Parent’s House. His name is Marcus Hutchins. Check our more about him at Business Insider.

Checkout this WannaCrypt Map :

Leave a Reply

Your email address will not be published. Required fields are marked *