Recently, a very large scale network attack with about 75,000 computers has been infected in 99 countries by a known ransom ware blackmailer known as WannaCry. What is this and how to prevent it please follow the following article.
What is Ransom ware WannaCry?
WannaCry is a malicious program that infiltrates a device, a user's computer, or a computer in an enterprise system that automatically encrypts a wide range of files in targeted formats such as text documents and images. Individual and business users will pay a small amount of money if they want to retrieve the data.
Regarding the way to infect, WannaCry finds vulnerabilities and infects them within the organization by exploiting a vulnerability disclosed by the NSA tool that was stolen by a hacker group, The Shadow Brokers. This blackmail is primarily exploited by the SMB protocol flaw in which individual organizations have not patched the vulnerability in time, focusing on Win2k8 R2 and Win XP.
The screenshot of computer of The National Health Service (NHS) as a blackmail of $ 300 in Bitcoin money
This type of attack is different from the traditional computer worm, which programs itself to clone itself into the computer system and trick users into clicking malicious links.
It is estimated that this cyberattack affects around 99 countries, including the United Kingdom, the United States, China, Russia, Spain, Italy, Taiwan (China), Vietnam and Many other countries. According to Intel experts, the flaw has been reported in Hanoi and Ho Chi Minh City, and may be spreading across the country.
Until May 13, according to TheHacker News, the largest malicious code ever , has successfully infected more than 200,000 Windows-based PCs in at least 99 countries. Only within the first few hours of releasing, the amount hackers behind WannaCry took was about $ 30,000.
Without a break, a more sophisticated upgrade version of WannaCry 2.0 has been released by hackers and continues to infect hundreds of thousands of computers worldwide.
How to check the level of infection WannaCry virus
You can click on this link
How to launch WannaCry antivirus
According to the CMC INFOSEC experts, hackers will see more new WannaCry variants as well as more sophisticated malicious code.
Therefore, the urgent task for now is to temporarily disable SMB and continually update the patches with the Windows operating system, especially with the server. In addition, users still need to prevent from opening of strange emails and unknown source.
Businesses and users can download Microsoft's hotfix, for bugs in the SMB protocol; also versions are no longer supported, including Windows XP, Vista, Windows8, Server2003, and 2008.
Besides, you need to regularly back up your data and have backup options for your data; prevent strange links, which for best enterprises should have a private machine to remote staff when they suspect unsafe mail. For individual users always install antivirus software on mobile and computer, especially specialized software for malicious code data encryption.
by ThaoNTX