Eternal Blue virus asks for bitcoin
okcoin reminds users that the current domestic bitcoin trading platform does not support extracting bitcoin. If netizens want to buy computers for ransom payment, they need to choose a trading platform that can withdraw bitcoin to avoid a second loss. In addition, after paying the ransom, whether the computer attacked by the virus can be effectively unsealed remains unknown. Therefore, the technical personnel of okcoin currency bank suggest that the majority of Internet users upgrade and install the relevant patches of Windows operating system as soon as possible, and the infected machines should be disconnected immediately to avoid further spread of infection. Users who have not been attacked by virus should update the system as soon as possible, install regular and safe anti-virus software, and improve the defense ability of the computer.
2. If you are worried about the virus, you can install a computer housekeeper
3. The repair vulnerability in its toolbox can fix the virus vulnerability.
the eternal blue virus solution is to update the windows system patch in time
Eternal Blue refers to the night of April 14, 2017, the hacker group shadow brokers (shadow brokers) announced a large number of network attack tools, including "eternal blue" tool, "eternal blue" can obtain the highest privileges of the system by using the SMB vulnerability of windows system
on May 12, the lawless elements made wannacry blackmail virus by transforming "eternal blue", which was recruited on the intranet of universities, large enterprises and government agencies in the United Kingdom, Russia, the whole Europe and China. They were blackmailed to pay a high ransom to decrypt the recovery documents
attack mode
the malicious code will scan the windows machine with 445 file sharing port, without any user operation. As long as the computer is turned on and connected to the Internet, the criminals can implant blackmail software, remote control Trojan horse, virtual currency mining machine and other malicious programs in the computer and server. The hacker used petwarp, a variant of Petya blackmail virus
extended materials:
event process
since May 12, 2017, a worldwide outbreak of worm malicious code based on windows network sharing protocol, This is a network attack event initiated by lawless elements by reforming the "eternal blue" attack program in NSA hacker weapon library leaked before. Within five hours
including the United Kingdom, Russia, the whole Europe and China, a number of colleges and universities, large enterprises and government agencies were recruited, and they were blackmailed to pay a high ransom to decrypt the recovery files, causing serious losses to important data. The attacked device was locked and a ransom of $300 in bitcoin was demanded
it is required to pay the ransom as soon as possible, otherwise the files will be deleted, and even the poor who have not paid in half a year can participate in the free unlocking activities. I thought it was just a small-scale prank type blackmail software, but I didn't expect that the blackmail software broke out in a large area, and many college students were recruited