How to protect yourself from WannaCry ransomware

Toggle sidebar Toggle sidebar
Josiah23

Josiah23

New member
Mar 25, 2015
2,166
0
0
Visit site
Yeah, I actually heard about this. It's crazy how people do this to hundreds of thousands of people...

Can they affect me if I have multiple hard drives (6 HDD/SSD) with multiple OS's though? Lol

I'm prepared (I think). I make backups/clones of my main SSD monthly, sometimes I'll do it quarterly.

Can't you get around it by going into Windows safe mode and create a new guest or admin user? Or are they smarter than usual people asking for money using ransomware?
 
HoosierDaddy

HoosierDaddy

Well-known member
May 28, 2013
2,340
85
48
Visit site
Josiah23 said:
Can't you get around it by going into Windows safe mode and create a new guest or admin user?
Click to expand...
The harm is mainly encrypting your personal files. I don't think this does anything to keep you from logging on but regardless of the account you log on under, the files are encrypted and worthless without the key to unencrypt them. The crooks are usually pretty careful to use a unique key per victim that can't be reverse engineered.

But these crooks seem oddly smart and dumb. I mean they modified the NSA's leaked code to do this but didn't stop to think that with so many victims law enforcement had the incentive to monitor who received the bitcoins. Not to mention that relatively few people trusted them enough to even pay the ransom.

I am a little disturbed that the US Gov is hinting that the North Koreans may be behind this. No way.
 
Josiah23

Josiah23

New member
Mar 25, 2015
2,166
0
0
Visit site
HoosierDaddy said:
The harm is mainly encrypting your personal files. I don't think this does anything to keep you from logging on but regardless of the account you log on under, the files are encrypted and worthless without the key to unencrypt them. The crooks are usually pretty careful to use a unique key per victim that can't be reverse engineered.

But these crooks seem oddly smart and dumb. I mean they modified the NSA's leaked code to do this but didn't stop to think that with so many victims law enforcement had the incentive to monitor who received the bitcoins. Not to mention that relatively few people trusted them enough to even pay the ransom.

I am a little disturbed that the US Gov is hinting that the North Koreans may be behind this. No way.
Click to expand...

Hmm.. that's interesting... I guess when someone hit me with the ransomware virus a while back, they probably weren't the smartest crayon in the box, lol. I just made a new user account and it allowed me to get in and bring the files over to the new one... lol.

I'm guessing "they've" gotten somewhat smarter.

Can't you still got around it if you have a backup/clone on another drive? I have 6 or 7 hard drives with different backups and OSS on em'
 
HoosierDaddy

HoosierDaddy

Well-known member
May 28, 2013
2,340
85
48
Visit site
Josiah23 said:
Hmm.. that's interesting... I guess when someone hit me with the ransomware virus a while back, they probably weren't the smartest crayon in the box, lol. I just made a new user account and it allowed me to get in and bring the files over to the new one... lol.

I'm guessing "they've" gotten somewhat smarter.

Can't you still got around it if you have a backup/clone on another drive? I have 6 or 7 hard drives with different backups and OSS on em'
Click to expand...
A backup before the infection is a cure. But if the backup doesn't include the boot drive I would wipe it clean and reinstall Windows unless there is reliable proof parts of the ransomeware wouldn't be otherwise left behind. And I wouldn't use a restore that runs under the infected OS for the same reason.

FWIW, I understand it had been neutered yesterday so new victims' files won't be encrypted after that point. The author included a kill switch. Before doing bad things, it first checks for the existence of a specific domain name. If it exists, the malware doesn't encrypt. A white-hat saw the name in a memory dump and registered it without knowing why the reference was in the code. That put a stop to the bad stuff. The crook did this so (s)he could register the domain if (s)he wanted to stop the mayhem.
 
You must log in or register to reply here.

Similar threads

Windows Central
How to set up a new virtual machine in Virtualbox
Replies
0
Views
232
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central
Windows Central
How to watch the Game Awards 2024: Start time, what to expect, and everything you need to know
Replies
0
Views
116
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central
Windows Central
Dragon's Dogma 2: How to get into Battahl with or without a permit — Secret passage, smuggle yourself in, and more
Replies
0
Views
244
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central
Windows Central
Monster Hunter Wilds' open beta test on Xbox and Steam PC: How to download early, beta launch times in your region, and more
Replies
0
Views
161
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central
Windows Central
AFMF 2 for ROG Ally: How to download, frame rate improvements, new features, how to enable, and everything you need to know for your gaming device
Replies
0
Views
103
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central

Latest posts

Trending Posts

Members online

Total: 3,765 (members: 2, guests: 3,763)

Forum statistics

Threads
327,270
Messages
2,249,719
Members
428,610
Latest member
LVMHgirl

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom