Windows bitcoin blackmail worm
The malware scans TCP port 445 (Server Message Block / SMB) on the computer, spreads in a worm-like way, attacks the host and encrypts the files stored on it, and then demands a ransom in bitcoin. The amount demanded ranged from $300 to $600.
On May 14, 2017, a variant of the WannaCry blackmail virus appeared: WannaCry 2.0, which cancelled the kill switch and spread faster. As of May 15, 2017, WannaCry had caused cyber attacks in at least 150 countries, affecting the financial, energy, medical and other industries and causing serious crisis management problems. Some Windows operating system users in China were infected. Campus network users bore the brunt of the infection. A large number of laboratory data and graduation projects were locked and encrypted.
If it is not officially recognized by the world, mining is a waste of energy.
You only need to install a computer housekeeper and fix all system vulnerabilities in time.
You can be immune to Petya blackmail virus attacks by not clicking suspicious attachments during Internet access.
On the evening of May 12, the WannaCry worm virus broke out in more than 74 countries around the world. At least 45,000 machines were infected. The network systems of some colleges and universities in China became a disaster area, and the network payment system of PetroChina gas stations was also affected.
It is reported that the virus can spread rapidly in a local area network by taking advantage of the vulnerability on port 445 of Windows systems, but large local area networks such as schools had not taken similar precautions, so they became the target of attack.
Therefore, it is not recommended that the victim pay the ransom to the hacker, because even if you pay, the hacker may not know which computer is yours.
It is worth mentioning that the outbreak of the bitcoin blackmail virus has pushed bitcoin to the top of the wave again. "Bitcoin virus" has become a hot search keyword, and many bitcoin insiders have expressed their concerns about bitcoin's "stigmatization". "Good tools should not be blamed because they are used by bad people," a person in the bitcoin industry said. "Bitcoin is bitcoin, virus is virus, injustice has a head, debt has an owner, so it is unnecessary to have hostility to bitcoin."
Now, the most important thing is that victims should install the patch released by Microsoft as soon as possible, guard against unfamiliar e-mail, and back up important files to a cloud platform and a local offline hard disk.
Then close ports 445, 135, 137, 138 and 139 to turn off network sharing. So it's safe.
Specific behaviors and prevention methods
Today we will take a closer look at what kind of virus this is, how it spreads, and why it causes such serious consequences.
The virus originated from the network weapon library leaked earlier from the US National Security Agency (NSA).
The "WannaCry" virus spreading all over the world is worm-type blackmail software, which actively infects victims by exploiting the Windows vulnerability numbered MS17-010 (known as "EternalBlue"). Previously, the US National Security Agency (NSA) controlled almost all the banks and financial institutions in the Middle East through the "EternalBlue" weapon.
Because this vulnerability information was leaked and exploited by hackers, it led to this global virus outbreak.
The extortion worm virus broke out three times in four days; variants:
Version 0.1: hackers spread it through network weapons and blackmailed users; no worm function.
Version 1.0: worm function, large-scale spread, mainly spreading from May 12 to May 14.
Version 2.0: blackmail virus, replacing and then cancelling the "suicide switch". The so-called "suicide switch" is a "switch" set by the virus authors to prevent the worm outbreak from getting out of control. If a specific domain name is registered, the worm does not continue to infect. On May 14, version 2.0 changed the switch domain name, which was soon registered. On May 14, the second variant of blackmail virus 2.0 cancelled the suicide switch and continued to spread.
Regarding the current spread of the virus, Sun Xiaojun, the person in charge of 360 security products, said: from the perspective of individual users, the infection rate of the blackmail worm has slowed down. Among the 500 million users of 360 security guard, the vast majority of users repaired the vulnerability in March and were not affected. About 200,000 users who did not patch their computers were attacked by viruses and almost all of them were intercepted.
What lessons should we learn from the rampant blackmail worm incident?
Network security experts say: this virus exploits a Microsoft vulnerability, for which Microsoft released a patch in March this year. But some users are not in the habit of patching and did not fix the vulnerability in time, which led to their computers being attacked.
The blackmail virus attack has once again sounded the alarm on network security. The rapid development of the Internet and other information technology has brought great benefits to people, but also unprecedented network security challenges.
It is suggested that we pay attention to network security issues, install security protection software in time, apply security patches for the operating system and applications in time, set high-security passwords and change them regularly, not download or install application software of unknown origin, and take backup measures for particularly important data.
