Bitcoin virus law
Yesterday, I went to the electronic reading room. Not long after I plugged in the USB flash drive, the teacher suddenly asked everyone to unplug the USB flash drive. Some students found that all the files in the USB flash drive could not be opened, and there were two more documents asking for money
so everyone rushed to check, as long as the U disk inserted in the school computer were poisoned, large-scale computer poisoning occurred in the evening
a lot of people's information and graation thesis are in the computer. I really feel that hacker's behavior is disgusting. For the sake of money, regardless of the future of students, teachers' lifelong scientific research achievements...
hope to catch criminals as soon as possible and give them severe punishment by law
this virus will scan windows devices with open 445 file sharing port. As long as the user's device is on the Internet, hackers can implant blackmail software, remote control Trojan horse, virtual currency mining machine and other malicious programs in computers and servers
some security researchers point out that this large-scale network attack seems to be deployed through a worm application, and wannacry can spread among computers. What's more terrible is that unlike most malicious programs, this program can replicate and spread on its own in the network, and most of the current viruses still need to rely on the successful users to spread by cheating them to click the attachment with the attack code
the attack has affected 99 countries and as many as 75000 computers, but because the virus uses anonymous network and bitcoin anonymous transaction to obtain ransom, it is very difficult to track and locate the originator of the virus
The virus in the "bitcoin virus" incident is known as "ransomware". By encrypting the files in the victim's computer, you can't open them completely to ask for ransom. This is a virus attack launched by lawless elements by using "eternal blue" leaked from NSA hacker's weapon library. It does not need any operation of users. As long as it is turned on and connected to the Internet, lawless elements can implant blackmail software into computers and servers
What's more terrible is that this is just the beginning. Now this blackmail virus has spread to all over the world, including many colleges and universities in China. You can see many students on the Internet showing pictures of their computers being attacked. I have to say that hackers are really well intentioned, even in simplified Chinese
In my opinion, I don't know if it's right. We still need criticism and correction. I don't think this virus has anything to do with which way you use to access the Internet, and it also has nothing to do with which kind of computer (PC or laptop) you use. He mainly aims at some loopholes in the Current Windows operating system. We all know that when a software is downloaded, it must have the highest administrator authority to install the software on this computer. This should be a security policy of the computer operating system. However, there are loopholes in everything, and the operating system is no exception. For example, this virus outbreak, in fact, the patch was released as early as March, but many users didn't pay attention to it and didn't fix it. So, now as long as you are connected to the network, and the system vulnerability is not repaired in time, you can scan the port, use the vulnerability of a port, directly install the encryption software (virus) to your computer in the background, and encrypt your important files, so as to achieve the purpose of blackmail. So it's better not to turn off the self-renewal function of windows for convenience. At the same time, it's also recommended to turn off some ports that are not often used but are very dangerous, such as 445, 135, 137, 138 and 139—— Finally, WiFi is just a way to access the Internet. It can also spread viruses. So, quickly update and patch it .... There is also a video here. I think it's very good, but I don't know if I can watch it http://weibo.com/tv/v/?fid=1034 :
wannacry blackmail virus prevention method:
1. Install the latest security patch for the computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system, and close the ports affected by the vulnerabilities, so as to avoid being infringed by blackmail software and other viruses
2. Close ports 445, 135, 137, 138 and 139, and close network sharing
3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email...
4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup
5. It is recommended that users who are still using Windows XP and windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.