Big picture of bitcoin blackmail virus
Publish: 2021-04-26 06:33:47
1. Wannacry (also known as wanna decryptor), a kind of "worm like" blackmail virus software, with a size of 3.3mb, is spread by criminals using the dangerous vulnerability "eternal blue" leaked by NSA (National Security Agency)
the malware will scan the TCP 445 port (server message block / SMB) on the computer, spread in a worm like way, attack the host and encrypt the files stored on the host, and then ask for ransom in the form of bitcoin. The amount of extortion ranged from $300 to $600
on May 14, 2017, a variant of wannacry blackmail virus appeared: wannacry 2.0, which cancelled the kill switch and spread faster. As of May 15, 2017, wannacry has caused cyber attacks in at least 150 countries, which has affected the financial, energy, medical and other instries, causing serious crisis management problems. Some windows operating system users in China are infected. Campus network users bear the brunt of the infection. A large number of laboratory data and graation projects are locked and encrypted.
the malware will scan the TCP 445 port (server message block / SMB) on the computer, spread in a worm like way, attack the host and encrypt the files stored on the host, and then ask for ransom in the form of bitcoin. The amount of extortion ranged from $300 to $600
on May 14, 2017, a variant of wannacry blackmail virus appeared: wannacry 2.0, which cancelled the kill switch and spread faster. As of May 15, 2017, wannacry has caused cyber attacks in at least 150 countries, which has affected the financial, energy, medical and other instries, causing serious crisis management problems. Some windows operating system users in China are infected. Campus network users bear the brunt of the infection. A large number of laboratory data and graation projects are locked and encrypted.
2. In short, blackmail virus is a computer virus that uses Windows system vulnerability to maliciously encrypt user files and then extort money < / UL >
{rrrrrrr}
10
(3) in view of the current technical means, if blackmail virus can not be solved, it can only be completely formatted, Then, the system is reinstalled and the system vulnerability patch is made to prevent the secondary poisoning
3.
Once the computer is infected with this bitcoin blackmail virus, all the file data on the computer will be forcibly encrypted. If it is not delivered in the form of bitcoin to the virus maker & lt; Ransom;, Then these files can't be decrypted and retrieved. Even if the ransom is paid this time, they may be decrypted next time; Patronize & quot& mdash;& mdash; That is to say, this virus is very important to & lt; Pay attention to data & quot; It's hard to estimate the harm that can be caused by the users, especially the enterprise users
How to avoid the harm of bitcoin blackmail virus< p> As soon as bitcoin blackmail virus came into being, it immediately caused an uproar around the world. Major network security organizations and well-known anti-virus software began to pay attention to this problemthere is a lot about & lt; Manually set the firewall to close the sensitive port of the computer, so as to resist the bitcoin blackmail virus; But this kind of method is more suitable for those who know computer better; Non white people;, For example, for a third rate programmer like me, this method is more suitable for me. I can't even use antivirus software
but for the general public, it may be necessary to deal with it in a simpler way
it has been several years since the advent of bitcoin extortion virus. In order to help users' computers fight against bitcoin extortion virus attacks, many anti-virus software have certain defense mechanisms. For example, 360 launched a & lt; Anti blackmail service;, If your data is encrypted by bitcoin extortion virus when 360 is installed on your computer, 360 will compensate for your ransom and recover your data
users who don't know how to use computers can choose to install anti-virus software to defend you against such viruses, but it depends on their hobbies to choose which one
4. What is blackmail virus< Different from other similar blackmail viruses, wannacry virus is a kind of worm that can infect other computers automatically and spread rapidly e to chain reaction
2. This kind of blackmail virus mainly infects windows system. It will use encryption technology to lock files, forbid users to access, and blackmail users
3. The attacker claimed that he could only unlock the file after asking for more than $300 worth of bitcoin. In fact, even if the ransom is paid, it may not be able to unlock the file
Why are they infected
once the blackmail worm attacks a user machine that can connect to the public network, it will scan the IP of the intranet and the public network. If the scanned IP has opened port 445, it will use the "enternal blue" vulnerability to install the back door. Once the backdoor is executed, a blackmailer virus named wana crypt0r will be released to encrypt all documents and files on the user's machine for blackmail
why use bitcoin
bitcoin is a kind of point-to-point network payment system and virtual pricing tool, commonly known as digital currency. Bitcoin is popular among cyber criminals because it is decentralized, unregulated and almost untraceable< Background of transmission and infection
this round of blackmailer worm virus mainly includes two family variants onion and wncry, which first broke out in Britain, Russia and other countries, and many enterprises and medical institutions were recruited in the system, resulting in heavy losses
global monitoring of security agencies has found that as many as 74 countries have suffered this blackmailer worm attack
since May 12, the spread of infection in China has also begun to increase sharply, and the outbreak has been intensified in many universities and enterprises
wannacry blackmail virus prevention method:
1. Install the latest security patch for the computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system, and close the ports affected by the vulnerabilities, so as to avoid being infringed by blackmail software and other viruses
2. Close ports 445, 135, 137, 138 and 139, and close network sharing
3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email...
4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup
5. It is recommended that users who are still using Windows XP and windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.
2. This kind of blackmail virus mainly infects windows system. It will use encryption technology to lock files, forbid users to access, and blackmail users
3. The attacker claimed that he could only unlock the file after asking for more than $300 worth of bitcoin. In fact, even if the ransom is paid, it may not be able to unlock the file
Why are they infected
once the blackmail worm attacks a user machine that can connect to the public network, it will scan the IP of the intranet and the public network. If the scanned IP has opened port 445, it will use the "enternal blue" vulnerability to install the back door. Once the backdoor is executed, a blackmailer virus named wana crypt0r will be released to encrypt all documents and files on the user's machine for blackmail
why use bitcoin
bitcoin is a kind of point-to-point network payment system and virtual pricing tool, commonly known as digital currency. Bitcoin is popular among cyber criminals because it is decentralized, unregulated and almost untraceable< Background of transmission and infection
this round of blackmailer worm virus mainly includes two family variants onion and wncry, which first broke out in Britain, Russia and other countries, and many enterprises and medical institutions were recruited in the system, resulting in heavy losses
global monitoring of security agencies has found that as many as 74 countries have suffered this blackmailer worm attack
since May 12, the spread of infection in China has also begun to increase sharply, and the outbreak has been intensified in many universities and enterprises
wannacry blackmail virus prevention method:
1. Install the latest security patch for the computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system, and close the ports affected by the vulnerabilities, so as to avoid being infringed by blackmail software and other viruses
2. Close ports 445, 135, 137, 138 and 139, and close network sharing
3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email...
4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup
5. It is recommended that users who are still using Windows XP and windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.
5. blockchain technology is best known in the financial sector: its origins are integrated with cryptocurrencies that rely on blockchain transparency and unparalleled security to accelerate their success. In essence, through a decentralized distributed digital ledger, the blockchain can record any valuable transaction in the whole computer system, so that no record can be changed quietly without the consensus of the whole computer system
in the financial field, blockchain has been explored and actively used for financial transactions and even contract management. For the supply chain, the benefits are not limited to just keeping accurate records: the blockchain fundamentally reces the time spent on paperwork and authorization. At present, most of the proct or material delivery delays are e to these two points. However, in the blockchain, it does not take time to verify the previous records, only a digital signature is needed to ensure the accuracy and authenticity of digital paper records< At present, consumers have to rely on certificates to verify the authenticity of gemstones. A piece of paper can be easily changed. When many diamond owners value their diamonds with the intention of selling them, they will find that their perfect diamonds are only a little more valuable than glass or smaller diamonds
with the application of blockchain, diamonds can be used as raw stones for unique barcode coding when they are just mined from the vegetable market. While maintaining the integrity of their information, changes made and records handled, they can circulate in the whole supply chain. Throughout the supply chain, authenticity can be verified and there are no unauthorized changes, so the end buyer can track the origin of the diamond (in fact, any other material used to make the final proct) and its entire circulation
similarly, through the blockchain, we can trace the origin, service and ownership history of used cars, so as to rece service fraud (such as the place where the odometer is recalibrated) and the number of stolen vehicles in circulation, and also hope that these instries will be completely terminated
transparency and security
Security and transparency are not usually terms that go hand in hand, but they do on blockchains. As mentioned above, the security of blockchain does not allow any form of unauthorized changes and ensures the authenticity of data. By storing the same "block" information that needs to be collectively approved on its network, the blockchain can not be controlled by any single entity, and there will be no single point of failure, which makes it the most secure platform so far
blockchain can provide transparency, however, its programming mode only allows authorized entities to access information related to their specific interests. For example, buyers may be able to view transaction history, but will be denied access to sensitive or personal information, such as addresses
from a compliance perspective, this helps to ensure that all parties comply with laws, such as the EU's general data protection regulation (gdpr) and South Africa's Personal Information Protection Act (Popi), while still being able to share or access information related to their own parts of the supply chain
there are many application examples of blockchain technology, and supply chain is one of them. However, e to the complexity and number of parties involved in the supply chain, blockchain is considered to be the perfect solution to all the challenges so far, including security, delay and authenticity.
in the financial field, blockchain has been explored and actively used for financial transactions and even contract management. For the supply chain, the benefits are not limited to just keeping accurate records: the blockchain fundamentally reces the time spent on paperwork and authorization. At present, most of the proct or material delivery delays are e to these two points. However, in the blockchain, it does not take time to verify the previous records, only a digital signature is needed to ensure the accuracy and authenticity of digital paper records< At present, consumers have to rely on certificates to verify the authenticity of gemstones. A piece of paper can be easily changed. When many diamond owners value their diamonds with the intention of selling them, they will find that their perfect diamonds are only a little more valuable than glass or smaller diamonds
with the application of blockchain, diamonds can be used as raw stones for unique barcode coding when they are just mined from the vegetable market. While maintaining the integrity of their information, changes made and records handled, they can circulate in the whole supply chain. Throughout the supply chain, authenticity can be verified and there are no unauthorized changes, so the end buyer can track the origin of the diamond (in fact, any other material used to make the final proct) and its entire circulation
similarly, through the blockchain, we can trace the origin, service and ownership history of used cars, so as to rece service fraud (such as the place where the odometer is recalibrated) and the number of stolen vehicles in circulation, and also hope that these instries will be completely terminated
transparency and security
Security and transparency are not usually terms that go hand in hand, but they do on blockchains. As mentioned above, the security of blockchain does not allow any form of unauthorized changes and ensures the authenticity of data. By storing the same "block" information that needs to be collectively approved on its network, the blockchain can not be controlled by any single entity, and there will be no single point of failure, which makes it the most secure platform so far
blockchain can provide transparency, however, its programming mode only allows authorized entities to access information related to their specific interests. For example, buyers may be able to view transaction history, but will be denied access to sensitive or personal information, such as addresses
from a compliance perspective, this helps to ensure that all parties comply with laws, such as the EU's general data protection regulation (gdpr) and South Africa's Personal Information Protection Act (Popi), while still being able to share or access information related to their own parts of the supply chain
there are many application examples of blockchain technology, and supply chain is one of them. However, e to the complexity and number of parties involved in the supply chain, blockchain is considered to be the perfect solution to all the challenges so far, including security, delay and authenticity.
6. Petya blackmail virus is a new type of blackmail virus, which does great harm
you only need to install a computer housekeeper and fix all system vulnerabilities in time.
you can be immune to Petya blackmail virus attacks by not clicking suspicious attachments ring the Internet access
you only need to install a computer housekeeper and fix all system vulnerabilities in time.
you can be immune to Petya blackmail virus attacks by not clicking suspicious attachments ring the Internet access
7. 1. You can install a computer manager on your computer, and then open the toolbox to find the document Guardian
3. Through this function, there is a file recovery function to recover the files deleted or encrypted by blackmail virus
3. Through this function, there is a file recovery function to recover the files deleted or encrypted by blackmail virus
8. 1. Don't give money. Even if you hand it in, you may not be able to recover the data
2. 3. Install anti extortion protection tools, do not visit the website, do not open suspicious mail and files
4. Turn off the computer, including TCP and UDP protocol ports 135 and 445. Pay special attention to win7 system, do not use campus network, nor CMCC
5. If you still can't understand it, cut off the network
[how to prevent bitcoin blackmailer virus] some suggestions on Security:
backup important personal data. Pay attention to personal computer security maintenance, regularly update system patches, safe and reliable antivirus software.
2. 3. Install anti extortion protection tools, do not visit the website, do not open suspicious mail and files
4. Turn off the computer, including TCP and UDP protocol ports 135 and 445. Pay special attention to win7 system, do not use campus network, nor CMCC
5. If you still can't understand it, cut off the network
[how to prevent bitcoin blackmailer virus] some suggestions on Security:
backup important personal data. Pay attention to personal computer security maintenance, regularly update system patches, safe and reliable antivirus software.
9. Bitcoin virus is a virus spread by using Microsoft Windows "eternal blue" vulnerability for the purpose of extorting bitcoin. The most important thing is to prevent the virus if there is no virus. We can take measures such as closing port 445, patching windows, installing immune tools, and killing the virus with anti-virus software; The most important thing is to recover the encrypted files. I personally tested the data recovery software to be effective, and released the video of recovering the infected data. You can watch it in Youku search "recover the files encrypted by wannacry blackmailer virus". Although the file encryption has no key and can't be recovered by any algorithm, the source files deleted by the virus in the disk can be recovered, It is suggested to use master Tu's data recovery software for recovery. The official provides a free registration code for the students who are recruited by blackmail virus: tudrzyujt5h8cbwt5wlz, hoping to help more people
Hot content