Global Ransomware Attack Used NSA Hacking Tools "At A Scale Never Seen Before"

Discussion in 'Serious Discussion' started by emk810, May 12, 2017.

  1. Katzenfreund

    Katzenfreund MDL Expert

    Jul 15, 2016
    1,373
    832
    60
    Although XP support stopped three years ago, it also got a patch for WannaCry.
     
  2. Katzenfreund

    Katzenfreund MDL Expert

    Jul 15, 2016
    1,373
    832
    60
    Indeed, on Sunday, security researchers Matt Suiche and Benkow discovered a second WannaCry version that used a different kill switch domain, which they also registered and sinkholed like the first, preventing this newer strain of the WannaCry ransomware from making any new victims.

    Later in the day, security researchers from Kaspersky Lab discovered on VirusTotal a new WannaCry version, which, unlike the first two, didn't feature the kill switch domain.

    Despite this worrying discovery, this version has not been seen infecting live computers as of yet.

    https://www.bleepingcomputer.com/ne...nnacry-version-that-doesnt-use-a-kill-switch/
     
  3. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,507
    2,082
    120
    I find it interesting that when something malicious goes after John Q Public very little is reported other than a small blip on the news. But when the Industrialized Corporate Machine gets caught up in something malicious they report as if the world is going to end. And they are the ones to blame for not installing the patches when they should have, or being too cheap to run a current OS.
     
  4. JFKI

    JFKI MDL Expert

    Oct 25, 2015
    1,098
    374
    60
    Actually there was a way to continue getting updates until 2020... (I think)
    I have that registry hack on my virtualbox XP, although I have not booted it in several months.

    I think it was set up that way for signs like they use along roadways and other embedded systems. :dunno:
     
  5. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,101
    14,047
    340

    WannaCry's kill-switch prevents spreading only.
    It still can infect, though, and runs on any Windows and encrypts files if not detected and stopped.
     
  6. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,101
    14,047
    340
    I have deleted the posts about deletion of posts, lol

    We do discuss that (again). ATM a user has to ask to get this option / report their own post. I personally want all people +10 posts can...

    Keep you informed...
     
  7. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,101
    14,047
    340
    I've assigned the right to Joe C, Oz as requested. And MJ for now :)
    Please keep in mind to have a strong PW or if you like 2FA.
    The major point in our current debate is security concerns. The posts are restorable by the team, though.
     
  8. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,507
    2,082
    120
    Thank you Yen.
    I'll do the 2FA security password as soon as I finish my coffee this morning. It's too dangerous if I do anything before I have my coffee.
     
  9. Oz

    Oz MDL Expert

    Sep 1, 2009
    1,132
    768
    60
    I can delete them for you Joe ;)
     
  10. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,507
    2,082
    120
    I appreciate that, thanks.
     
  11. °ツ

    °ツ MDL Addicted

    Jun 8, 2014
    900
    1,176
    30
    Downloaded a sample of WannaCry 2.0 and ran it in VirtualBox. It doesn't encrypt all files; some file extensions got encrypted while others did not.
    Having an updated Windows installation is not enough protection; there is still a need for common sense and security software.

    Also, it can work in Linux too if you use Wine: