1. davidhk129's Avatar
    Source :

    https://www.cnet.com/how-to/wannacry...09744752885916

    The ransomware attack is holding computer systems hostage worldwide. Here's what you need to know to keep yourself as safe as possible.
    05-16-2017 07:38 PM
  2. Josiah23's Avatar
    Yeah, I actually heard about this. It's crazy how people do this to hundreds of thousands of people...

    Can they affect me if I have multiple hard drives (6 HDD/SSD) with multiple OS's though? Lol

    I'm prepared (I think). I make backups/clones of my main SSD monthly, sometimes I'll do it quarterly.

    Can't you get around it by going into Windows safe mode and create a new guest or admin user? Or are they smarter than usual people asking for money using ransomware?
    Guytronic likes this.
    05-16-2017 09:03 PM
  3. RumoredNow's Avatar
    Dear god, I almost clicked. Then I saw it was Cnet. The National Inquirer of tech press.
    Josiah23, Guytronic and kaktus1389 like this.
    05-17-2017 02:26 PM
  4. HoosierDaddy's Avatar
    Can't you get around it by going into Windows safe mode and create a new guest or admin user?
    The harm is mainly encrypting your personal files. I don't think this does anything to keep you from logging on but regardless of the account you log on under, the files are encrypted and worthless without the key to unencrypt them. The crooks are usually pretty careful to use a unique key per victim that can't be reverse engineered.

    But these crooks seem oddly smart and dumb. I mean they modified the NSA's leaked code to do this but didn't stop to think that with so many victims law enforcement had the incentive to monitor who received the bitcoins. Not to mention that relatively few people trusted them enough to even pay the ransom.

    I am a little disturbed that the US Gov is hinting that the North Koreans may be behind this. No way.
    05-18-2017 12:42 PM
  5. Josiah23's Avatar
    The harm is mainly encrypting your personal files. I don't think this does anything to keep you from logging on but regardless of the account you log on under, the files are encrypted and worthless without the key to unencrypt them. The crooks are usually pretty careful to use a unique key per victim that can't be reverse engineered.

    But these crooks seem oddly smart and dumb. I mean they modified the NSA's leaked code to do this but didn't stop to think that with so many victims law enforcement had the incentive to monitor who received the bitcoins. Not to mention that relatively few people trusted them enough to even pay the ransom.

    I am a little disturbed that the US Gov is hinting that the North Koreans may be behind this. No way.
    Hmm.. that's interesting... I guess when someone hit me with the ransomware virus a while back, they probably weren't the smartest crayon in the box, lol. I just made a new user account and it allowed me to get in and bring the files over to the new one... lol.

    I'm guessing "they've" gotten somewhat smarter.

    Can't you still got around it if you have a backup/clone on another drive? I have 6 or 7 hard drives with different backups and OSS on em'
    05-18-2017 12:47 PM
  6. HoosierDaddy's Avatar
    Hmm.. that's interesting... I guess when someone hit me with the ransomware virus a while back, they probably weren't the smartest crayon in the box, lol. I just made a new user account and it allowed me to get in and bring the files over to the new one... lol.

    I'm guessing "they've" gotten somewhat smarter.

    Can't you still got around it if you have a backup/clone on another drive? I have 6 or 7 hard drives with different backups and OSS on em'
    A backup before the infection is a cure. But if the backup doesn't include the boot drive I would wipe it clean and reinstall Windows unless there is reliable proof parts of the ransomeware wouldn't be otherwise left behind. And I wouldn't use a restore that runs under the infected OS for the same reason.

    FWIW, I understand it had been neutered yesterday so new victims' files won't be encrypted after that point. The author included a kill switch. Before doing bad things, it first checks for the existence of a specific domain name. If it exists, the malware doesn't encrypt. A white-hat saw the name in a memory dump and registered it without knowing why the reference was in the code. That put a stop to the bad stuff. The crook did this so (s)he could register the domain if (s)he wanted to stop the mayhem.
    Josiah23 likes this.
    05-18-2017 12:58 PM

Similar Threads

  1. i get error code 0x80244022 when i try to download Viber
    By Windows Central Question in forum Ask a Question
    Replies: 8
    Last Post: 05-16-2017, 05:26 PM
  2. Not able to download anything feom windowsphone store today
    By Vinod Lohar1 in forum Ask a Question
    Replies: 1
    Last Post: 05-16-2017, 05:02 PM
  3. Can't download apps from the Windows Store or on Xbox? You're not alone
    By WindowsCentral.com in forum Windows Central News Discussion
    Replies: 0
    Last Post: 05-16-2017, 04:40 PM
  4. How can put a remix3d object on my desktop?
    By Windows Central Question in forum Ask a Question
    Replies: 1
    Last Post: 05-16-2017, 01:32 PM
  5. Replies: 0
    Last Post: 05-16-2017, 12:50 PM
LINK TO POST COPIED TO CLIPBOARD