Bitcoin blackmail virus bargaining
{rrrrrrr}
10
(3) in view of the current technical means, if blackmail virus can not be solved, it can only be completely formatted, Then, the system is reinstalled and the system vulnerability patch is made to prevent the secondary poisoning
In the evening of May 12, the wanna cry worm virus broke out in more than 74 countries around the world. At least 45000 machines have been infected. The network system of some colleges and universities in China has become a disaster area, and the network payment system of PetroChina gas station has also been affected
it is reported that the virus can spread rapidly in the local area network by taking advantage of the vulnerability of port 445 of windows system, but large local area networks such as schools have not done similar prevention, so it has become the target of attack
{rrrrrrr}
therefore, it is not recommended that the victim pay ransom to the hacker, because even if you pay, the hacker may not know which computer you have
it is worth mentioning that the outbreak of bitcoin blackmail virus has pushed bitcoin to the top of the wave again. "Bitcoin virus" has become a hot search keyword, and many bitcoin insiders have expressed their concerns about bitcoin's "stigmatization"“ Good tools should not be blamed because they are used by bad people. " A person in the bitcoin instry said, "bitcoin is bitcoin, virus is virus, injustice has a head, debt has owner, so it is unnecessary to have hostility to bitcoin."
now, the most important thing is that victims should install the patch released by Microsoft as soon as possible to prevent strange mail, and important files should be backed up to the cloud platform and local offline hard disk
At the beginning, I heard that it was so serious all of a sudden. As a practitioner, I really had a sense of fear. Once it spread in my scope, it would cause endless trouble to my work. Moreover, some phenomena were exaggerated in the report, such as unnecessary operation and automatic infection of virus. I don't know how this principle came about. Is it a myth of network technology, Viruses, Trojans and malware become uncontrollable demons
"eternal blue virus" can scan windows machines with open 445 file sharing port to implant malicious programs. There are no absolutely safe operating systems in the world. They are all early systems of foreigners. Besides, there are no flawless things in the world. I have to learn more and take good precautions. I am engaged in enterprise information and security work. I know the dangers of viruses, Trojans and malicious programs, and I can't help the panda who gets up early to burn incense. There are a lot of solutions, but some people are still poisoned
how to shut down ports 445, 135, 137, 138 and 139 and turn off network sharing can also avoid winning. The method is as follows:
run, input "dcomcnfg", right-click "my computer" on the right of "computer" option, and select "properties". In the default properties tab of my computer properties dialog box, remove the check before "enable Distributed COM on this computer", select the default protocol tab, select "connection oriented TCP / IP", click "delete" button,
Close ports 135, 137 and 138: right click the network neighbor to select properties, On the new connection, right-click to select properties, and then select the network tab to remove the check boxes of Microsoft network file and printer sharing and Microsoft network client. In this way, ports 135, 137 and 138 on the shared end are closed
Close port 139: Port 139 is a NetBIOS session port for file and print sharing. The way to close 139 is to select "Internet Protocol (TCP / IP)" attribute in "local connection" in "network and dial-up connection", enter "advanced TCP / IP settings" and "disable TCP / IP NetBIOS" in "wins settings", and check to close 139 port
Close port 445: start - run, input regedit. After confirming, locate to HKEY_ LOCAL_ Machine, system, currentcontrolset, services, NetBt, parameters, create a new DWORD value named smbdeviceenabled, and set it to 0 to close port 445
whether practitioners or ordinary users, it is a difficult problem to face the virus Trojan horse vulnerability and malicious code. How to ensure their own safety is to take action in advance, take precautions, keep the safety warning in mind, and do not surf the Internet, operate or click randomly. There are so many bad guys that it is impossible to prevent them. Then the whole society should take action to make the virus and bad guys have no place to hide