Bitcoin computer virus in 2018
In this global computer virus incident, mobile China also received a blackmail. Fortunately, the machine that received the email was a testing machine, which did not affect us. However, it's different for college students in the graduation season. The thesis is locked, which is related to graduation. So in the face of this outbreak of blackmail virus, how should we deal with it and what protective measures should we take?
First of all, let's understand the characteristics of this virus.
The computer virus initiated by hackers encrypts a large number of files on the system into files with the .onion suffix. After infection, victims are required to pay a bitcoin ransom to decrypt and recover the files, causing serious losses to personal data, and anti-virus software cannot decrypt these encrypted files. But we must not listen to the hackers' so-called "give money to decrypt" offer, because hackers do not necessarily keep their promises; in addition, bitcoin is expensive, and the ransom is a large sum for ordinary users.
Secondly, we need to pay attention to the background of the virus outbreak.
According to domestic experts and network security agencies, this is a virus attack launched by criminals using "Eternal Blue", which was leaked from the NSA hacker weapon library. "Eternal Blue" scans for Windows machines with the file sharing port 445 open and needs no user operation. As long as the machine is turned on and connected to the Internet, criminals can plant ransomware, remote control Trojans, virtual currency miners and other malicious programs in computers and servers.
Due to the previous outbreak of worms using port 445 in China, operators have blocked port 445 for individual users, but the education network has no such restriction, and there are still a large number of machines exposing port 445. According to the statistics of relevant institutions, at present, more than 5000 machines in China are attacked by the NSA "Eternal Blue" hacker weapon every day, and the education network is the hardest hit area.
What are the coping methods?
1. Close port 445; you can search for the exact steps for your system yourself.
2. At present, Microsoft has released the patch MS17-010 to fix the system vulnerability used by the "Eternal Blue" attack. Install this patch on your computer as soon as possible.
As for XP, 2003 and other Microsoft systems that no longer receive security updates, microblog professionals recommend using the "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system and to close the ports affected by the vulnerabilities, so as to avoid being attacked by ransomware and other viruses.
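One way to carry out step 1 on a current Windows machine, as an added example that is not part of the original page: it checks whether anything is listening on TCP 445, adds an inbound block rule, and confirms the firewall is actually enforcing it. It assumes Windows 8 / Server 2012 or later and an elevated PowerShell session; the rule name is a made-up label.

```powershell
# Added example: audit and block inbound TCP 445 on the local machine.
# Assumptions: Windows 8 / Server 2012 or later, elevated PowerShell session.
# $RuleName is a hypothetical label chosen for this example.
$Port     = 445
$RuleName = 'Block inbound SMB 445 (example rule)'

# 1. Is a service listening on port 445 at all?
$listeners = Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue
if ($listeners) {
    Write-Output "TCP $Port is listening:"
    $listeners | Select-Object LocalAddress, LocalPort, OwningProcess | Format-Table -AutoSize
} else {
    Write-Output "Nothing is listening on TCP $Port."
}

# 2. Add the block rule once. A block rule takes precedence over allow rules
#    such as the built-in "File and Printer Sharing" group.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Protocol TCP `
        -LocalPort $Port -Action Block -Profile Any | Out-Null
    Write-Output "Added firewall rule: $RuleName"
}

# 3. Verify: the rule only has effect on profiles where the firewall is enabled.
Get-NetFirewallRule -DisplayName $RuleName |
    Select-Object DisplayName, Enabled, Direction, Action | Format-Table -AutoSize
$disabled = Get-NetFirewallProfile | Where-Object { -not $_.Enabled }
if ($disabled) {
    Write-Warning ("Firewall is OFF for profile(s): " + ($disabled.Name -join ', ') +
                   ". Port $Port is not blocked there.")
}
```

Blocking inbound 445 also stops other machines from reaching file shares hosted on this computer, and it does not replace installing the MS17-010 patch from step 2.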
The virus in the "bitcoin virus" incident is known as "ransomware". It encrypts the files on the victim's computer so that they cannot be opened at all, and then asks for a ransom. This is a virus attack launched by criminals using "Eternal Blue", leaked from the NSA hacker weapon library. It does not need any operation by users. As long as the machine is turned on and connected to the Internet, criminals can implant ransomware into computers and servers.
What's more terrible is that this is just the beginning. Now this blackmail virus has spread all over the world, including many colleges and universities in China. You can see many students on the Internet showing pictures of their computers being attacked. I have to say that hackers are really well intentioned, even in simplified Chinese.
1. First, upgrade your antivirus software and update the virus library to the latest version.
2. Open Tencent computer housekeeper and go to virus checking and killing.
3. Select lightning, overall or designated location (three scanning modes, according to your own needs). During the scan, the process description scrolls and a progress bar is displayed. In its traditional interface, it displays the start status of the antivirus engine in the form of icons, and displays the number of suspicious behaviors identified, the number of files scanned safely and other information.
4. Wait patiently for the scan to finish. If anything abnormal is found, you can click to deal with it and clean up the virus.
5. You can also choose to run Tencent computer manager in safe mode, and follow the above steps for antivirus.
Turn off the computer, cut off the network, and enter safe mode (press the F8 key while starting the computer and select the first item to enter the mode). This mode only starts the basic drivers and does not load other software. Then open your antivirus software and clean up the virus.
Tencent computer housekeeper integrates "professional virus detection and killing, intelligent software management, and system security protection", and creates an innovative mode of "anti-virus + management".
Tencent computer manager is the first professional anti-virus software in China that adopts a "4 + 1" core anti-virus engine. Using Tencent's second-generation anti-virus engine "eagle eye", it takes fewer resources and, based on CPU virtual execution technology, it can eradicate stubborn viruses and greatly improve the ability of in-depth investigation and killing.
