WannaCry is a ransomware that is spreading fast and affecting many computer systems world wide including government systems, hospital systems etc.
It uses a vulnerability in Microsoft Window's SMB protocol ( SMB stands for Server Message Block) which turned on by default. Once infected it asks the victim to pay 300$ bitcoins in order to remove the infection and decrypt all the encrypted files.
Once infected, WannaCry also scans for other vulnerable computers connected to the same network, as well scans random hosts on the wider Internet, to spread quickly.
The ransomware opens a unregistered domain and if it fail to open then the system is infected.Therefore security researcher Darien Huss registered the domain which stop or pause the ransomware. Soon Cyber criminals around the world DDOSed it to take it down so that the ransomware can continue affecting.
How to protect yourself from WannaCry!
Method 1 . Disable SMB
Step 1 : Search for "Windows Features" and open it.
Step 2 : Uncheck SMB.
Step 3 : Click Ok and Restart your pc
If you are a windows 7 or 8 user refer to this video :
Method 2 : Use a tool "WannaSmile"
WannaSmile is a simple tool created by friend Indrajeet Bhuyan and Hrishikesh Barman
Instructions mentioned by them.
Offline fix instructions.
1. Install the wannaSmile service by running the setup.exe from this release. (Download the wannasmile.zip file)
2. After Installing you need to start the service once and then it will do the rest automatically
2. After Installing you need to start the service once and then it will do the rest automatically
Online fix instructions.
How To Run
You directly run the .exe file and it will do the magic. ( Run as Administrator ). If you don't trust our .exe file then you yourself can compile and run it.
DOWNLOAD WANNASMILE : https://github.com/indrajeetb/WannaSmile
Also there is an update been released by Microsoft (MS17-010) Update it to it.
No comments:
Post a Comment