1btc blackmail virus
the malware will scan the TCP 445 port (server message block / SMB) on the computer, spread in a worm like way, attack the host and encrypt the files stored on the host, and then ask for ransom in the form of bitcoin. The amount of extortion ranged from $300 to $600
on May 14, 2017, a variant of wannacry blackmail virus appeared: wannacry 2.0, which cancelled the kill switch and spread faster. As of May 15, 2017, wannacry has caused cyber attacks in at least 150 countries, which has affected the financial, energy, medical and other instries, causing serious crisis management problems. Some windows operating system users in China are infected. Campus network users bear the brunt of the infection. A large number of laboratory data and graation projects are locked and encrypted.
{rrrrrrr}
10
(3) in view of the current technical means, if blackmail virus can not be solved, it can only be completely formatted, Then, the system is reinstalled and the system vulnerability patch is made to prevent the secondary poisoning
Once the computer is infected with this bitcoin blackmail virus, all the file data on the computer will be forcibly encrypted. If it is not delivered in the form of bitcoin to the virus maker & lt; Ransom;, Then these files can't be decrypted and retrieved. Even if the ransom is paid this time, they may be decrypted next time; Patronize & quot& mdash;& mdash; That is to say, this virus is very important to & lt; Pay attention to data & quot; It's hard to estimate the harm that can be caused by the users, especially the enterprise users
How to avoid the harm of bitcoin blackmail virus< p> As soon as bitcoin blackmail virus came into being, it immediately caused an uproar around the world. Major network security organizations and well-known anti-virus software began to pay attention to this problemthere is a lot about & lt; Manually set the firewall to close the sensitive port of the computer, so as to resist the bitcoin blackmail virus; But this kind of method is more suitable for those who know computer better; Non white people;, For example, for a third rate programmer like me, this method is more suitable for me. I can't even use antivirus software
but for the general public, it may be necessary to deal with it in a simpler way
it has been several years since the advent of bitcoin extortion virus. In order to help users' computers fight against bitcoin extortion virus attacks, many anti-virus software have certain defense mechanisms. For example, 360 launched a & lt; Anti blackmail service;, If your data is encrypted by bitcoin extortion virus when 360 is installed on your computer, 360 will compensate for your ransom and recover your data
users who don't know how to use computers can choose to install anti-virus software to defend you against such viruses, but it depends on their hobbies to choose which one
you only need to install a computer housekeeper and fix all system vulnerabilities in time.
you can be immune to Petya blackmail virus attacks by not clicking suspicious attachments ring the Internet access
1. If the card withdraws money from overseas ATMs through UnionPay channel and opens the overseas withdrawal function, it can withdraw money from overseas ATMs in local currency; The way to open the overseas withdrawal / POS consumption function of UnionPay: you log in to the professional version and click the horizontal menu "one card → account management → limit management - ATM, POS limit"; Take the card to the counter to apply, swipe the card to check the secret, you can do it on your behalf, no need to show your certificate; Through the visual counter application, swipe the card to verify the secret, need to handle in person
2. The withdrawal limit of all-in-one card in overseas ATM (including Hong Kong, Macao and Taiwan): the daily accumulative withdrawal of single card is less than or equal to 10000 yuan RMB; Since January 1, 2018, the accumulated withdrawal amount of all domestic bank cards under each person's name each year (the amount is shared by all banks' debit cards, credit cards and subsidiary cards) is equivalent to RMB 100000
warm tips
I. for overseas withdrawal of international debit card, the limits of international organizations and UnionPay are calculated separately (that is, UnionPay and international organizations with the same bank card overseas on the same day can withdraw the equivalent of RMB 10000), but the withdrawal limit will be included in the annual total amount of RMB 100000
II. If the annual limit is exceeded, the function of withdrawing cash abroad with domestic bank card will be suspended in this year and the following year
3. All in one card overseas withdrawal service charge: UnionPay ATM withdrawal: 5 ‰ of the withdrawal amount, with a minimum of 10 yuan / transaction
warm tips
I. The local currency is taken out
II. For overseas withdrawal, no matter the account level, there is no discount
III. The local acceptance agency may charge additional fees. You can check the fee instructions posted beside the withdrawal device, or the device will prompt you of the fees that may be incurred in completing the transaction when withdrawing money
4. Rules for conversion of debit card overseas withdrawal / consumption exchange rate: UnionPay route: convert it into RMB for settlement (clearing currency: RMB) according to the exchange rate specified by UnionPay on that day; Please contact UnionPay for exchange rate
5. Our UnionPay savings card is generally recommended to be used overseas, because there is no service charge for the consumption of UnionPay savings card at overseas POS (if the customer consumes abroad, it is limited not only by the limit set by himself, but also by the type of merchant the customer consumes). Thank you for your attention and support
(response time: January 3, 2020, please refer to the official website of China Merchants Bank for the latest business changes.)
2. 3. Install anti extortion protection tools, do not visit the website, do not open suspicious mail and files
4. Turn off the computer, including TCP and UDP protocol ports 135 and 445. Pay special attention to win7 system, do not use campus network, nor CMCC
5. If you still can't understand it, cut off the network
[how to prevent bitcoin blackmailer virus] some suggestions on Security:
backup important personal data. Pay attention to personal computer security maintenance, regularly update system patches, safe and reliable antivirus software.
1. Don't open strangers or unknown e-mails to prevent attacks through e-mail attachments
2. Try not to click the office macro running prompt to avoid virus infection from office components
3. Download the required software from the official website, do not double-click to open. JS,. VBS and other suffix files
4. Upgrade NGAF to the latest anti-virus and other security features library
5. Upgrade the anti-virus software to the latest anti-virus library to prevent the attack of existing virus samples
6. Regularly back up important data and files in different places, and recover them in case of virus< According to the characteristics of the blackmail virus, we can judge that its variants can usually hide features, but can not hide its key behavior. After summarizing, the behavior of the blackmail virus in the process of running mainly includes the following aspects:
1. HTTP request through script file; 2
2. Download files through script files
3. Read remote server files
4. Collect computer information
5. Traverse the file
6. Call the encryption algorithm library.
so there's no way
hope to adopt~