This information is very helpful to stay safe if you haven’t already gotten the update 1703 we suggest installing it right now. Why? Well, not only is it faster than previous build it’s also a lot safer.
Wanna Cry Malware Attack
Wanna Cry is on rise now days. The attack happens on Friday, 12 May 2017, a large cyber-attack using it was launched, infecting more than 230,000 computers in 150 countries, and demanding ransom payments. The attack has been done by multiple methods, including phishing emails and on unpatched systems as a computer worm.
How to respond to a Wanna Cry Ransomware Attack?
Disconnect your device from the internet to ensure there is no further infection or exfiltrating of data as the ransomware will be unable to reach the command and control servers.
Set BIOS clock back in case the ransomware has a time limit associated to it as with Wanna Cry. You can also reach out to the Cyber Police Cell of your state immediately.
What to do in case of Ransomware Attack?
Get Ransomware Removal Service choose one of data recovery service providers such as stellar. They perform ransomware removal service for Reveton, Fusob, Cerber, Crysis, CryptoLocker, CryptoLocker.F and TorrentLocker, CryptoWall, CTB-Locker, Jigsaw, KeRanger, LeChiffre, Locky, TeslaCrypt, TorrentLocker & ZCryptor ransomware. Stellar is the industry experts in removing ransomware from all devices.
Microsoft To The Rescue
Wanna Cry Ransomware Guidelines to stay safe:
- Be careful to click on harmful links in your emails.
- Be wary of visiting unsafe or unreliable sites.
- Never click on a link that you do not trust on a web page or access to Facebook or messaging applications such as WatSab and other applications.
- If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
- Keep your files backed up regularly and periodically.
- Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
- Use anti-virus and always make have the last update.
- Make sure your windows have the last update close the gap.
Windows New Update 5/15/2017:
The entry of the virus to your device, which is dependent on a gap in the Windows system and the gap is present in all types of Windows is that the feature is open.
If you did not update your windows just turn off SMP,
There are two methods to turn off SMP manually or Tools.
1.Control Panel\Programs\Programs and Features.
2. Remove check Box SMB1.0/CIF Filse Sharing Support.
3. you must be restart your computer.
Done! Now you are safe.
2. Tools :
Link Download direct: SMB2 Tools Disable
1. RUN AS ADMINISTRATOR.
2.First check if the Features is turn on !.
when you run the tools will show this, if you see SMB2 currently enable so you must be Disabled it
3. SMB2 IS currently disabled.
4. you must be restart your computer.
Done! Now you are safe.
I hope it helps to keep you safe.
Hang-on! How Did This Even Happen?
- Wannacry Cyberattack may be linked to similar attack, based on attacks using the WannaCry virus/worm. Investigations are currently ongoing, but links to any particular attack group or country is still at large.
- This the largest scale cyberattack known yet, and there is also a threat of version 2.0
- Malware freezes computer files, and continuously sends e-mails containing the virus to your contacts.
So thats all we know for now.
For Developers Enthusiastic About Experimenting This
I’m sure that it’s possible to get hold of it but if you do you’ll lose the data on any drives it can access, including other computers on the same network and network addressed storage drives.
If you want to experiment with it one of the safest ways to do it would be with any other computers and NAS drives unplugged, on a computer running Linux with a virtual machine running your guinea pig copy of Windows. You could even make backups of that version of Windows to replace the original once you’ve wrecked it so that the experiment can continue. It would also be vital not to allow the virtual machine network access to the host computer either, it running Linux wouldn’t make it so that the malware can’t encrypt its files, it just needs access to the drive to do that.