# WanaCry victims here?



## lorraine walsh (May 13, 2017)

I have read and heard that a lot of people have become the victim of this shitty ransomware. So, are there any here? Also, is there any known way to prevent it beforehand?


----------



## P4-630 (May 13, 2017)

lorraine walsh said:


> I have read and heard that a lot of people have become the victim of this shitty ransomware. So, are there any here? Also, is there any known way to prevent it beforehand?



On a Dutch tech site I read that they target mostly larger networks.


----------



## Ferrum Master (May 13, 2017)

Never had any sort of infection for years...

Use Linux, or don't do stupid browsing in gray areas.


----------



## Ahhzz (May 13, 2017)

lorraine walsh said:


> I have read and heard that a lot of people have become the victim of this shitty ransomware. So, are there any here? Also, is there any known way to prevent it beforehand?


 install the security patch Microsoft released for it two months ago.

**edit: I downloaded it to have at work yesterday for myself and clients, but this morning the M$ site seems to be having some issues, sorry. Looking for an alternative download option.


----------



## P4-630 (May 13, 2017)

I know someone who got his files encryted by some ransomware, as far as I know he used torrent and was not a stranger to use cracks for software.
In the end he paid for it and his files were decrypted.


----------



## Caring1 (May 13, 2017)

Never had it myself, but the best way to defeat it is have current back ups.
If you get infected, wipe your drive and reinstall.


----------



## P4-630 (May 13, 2017)

For simple safer browsing use Google DNS.


----------



## StefanM (May 13, 2017)

*'Accidental hero' finds kill switch to stop spread of ransomware cyber-attack*


----------



## lorraine walsh (May 13, 2017)

Ahhzz said:


> install the security patch Microsoft released for it two months ago.
> 
> **edit: I downloaded it to have at work yesterday for myself and clients, but this morning the M$ site seems to be having some issues, sorry. Looking for an alternative download option.


Yeah it is installed at my end. that can be the reason why I am safe!

App


Caring1 said:


> Never had it myself, but the best way to defeat it is have current back ups.
> If you get infected, wipe your drive and reinstall.


apparently that is the only way out if you don't wanna pay


----------



## Ahhzz (May 13, 2017)

If anyone still has issues getting the patch, and trusts me, send me a PM, and I'll drop you a Dropbox link for the Win7SP1 file. I have the 32 and 64 bit versions. If you don't trust, the site will come up eventually, you just have to keep hitting each page when it fails, until you get to the next step (3 from the link I sent to get to a final download).


----------



## Derek12 (May 13, 2017)

Spain was badly hit but no infected computers where I work or my own ones


----------



## P4-630 (May 13, 2017)

https://www.nomoreransom.org/website-disclaimer.html

Decryption tools for various versions ransomware:
https://www.nomoreransom.org/decryption-tools.html


----------



## lorraine walsh (May 13, 2017)

Guys anyone tried to contact them via the decryptor? Or any article about that?


----------



## droopyRO (May 13, 2017)

It seems they are mostly targeting large networks not individual PCs. In Romania a part of the Dacia(Renault)car factory just went offline a few hours ago acording to the media.


----------



## Aquinus (May 13, 2017)

Ferrum Master said:


> Use Linux


Challenge accepted... oh wait.


----------



## Derek12 (May 13, 2017)

Ferrum Master said:


> Never had any sort of infection for years...
> 
> Use Linux, or don't do stupid browsing in gray areas.


Because Linux doesn't have any security holes


----------



## FireFox (May 13, 2017)

lorraine walsh said:


> Also, is there any known way to prevent it beforehand?



Yeap, don't use Internet, easy.


----------



## P4-630 (May 13, 2017)

Knoxx29 said:


> Yeap, don't use Internet, easy.



Duh...

At least use Google DNS then.


----------



## Aquinus (May 13, 2017)

Derek12 said:


> Because Linux doesn't have any security holes


It's better for a few reasons.

It's not typically the low hanging fruit.
The number of potential users to hack is smaller than Windows or OS X.
It's also likely that holes will be found and patched faster when more people are looking at the source.
All in all, it's not because it's 100% secure, it's because Windows is a more tempting target if you consider number of users, just as Android is becoming a target because of the number of users/devices.


----------



## Derek12 (May 13, 2017)

Aquinus said:


> It's better for a few reasons.
> 
> It's not typically the low hanging fruit.
> The number of potential users to hack is smaller than Windows or OS X.
> ...



But AFAIK (anyone correct me if wrong) this hack happened by not applying a Windows update/patch issued 2 months ago. The same could happen with Linux.
About Android, it was insecure since it was created. In many cases but not always, security is inversely proportional to openness.


----------



## Aquinus (May 13, 2017)

Derek12 said:


> But AFAIK (anyone correct me if wrong) this hack happened by not applying a Windows update issued 2 months ago. The same could happen with Linux.
> About Android, it was insecure since it was created. In many cases but not always, security is inversely proportional to openness.


Actually, wide use is definitely linked to higher risk of attack. That doesn't change how secure it is but, it alters the chances that a hole will be found. Software more widely used that is secure can very well have a higher chance of a security hole being found simply by the fact that more people are trying to find a hole. Fewer people looking for holes in less secure software could even have a better chance of not being compromised because a lot fewer people are trying. So, it's not really just a factor of if something is more secure or not. You're right though, if a hole is found and people don't update, you're a prime candidate to be hacked however, the same logic applies in the sense that a vulerability is only as bad as the people trying to exploit it.

So, while I agree that it's a software thing, I would argue that it's also a people thing and that more people using something can, by itself, make software less secure.


----------



## DeathtoGnomes (May 13, 2017)

> * 7 Easy Steps to Protect Yourself*
> Currently, there is no WannaCry decryption tool or any other solution available, so users are strongly advised to follow prevention measures in order to protect themselves.
> 
> *Keep your system Up-to-date:* First of all, if you are using supported, but older versions of Windows operating system, keep your system up to date, or simply upgrade your system to Windows 10.
> ...


(fixed links too)
Snipped from https://thehackernews.com/2017/05/wannacry-ransomware-windows.html


----------



## alucasa (May 13, 2017)

In general, keeping OS up-to-date prevents a lot of nasty stuff but nowadays, for some, keeping any OS, let it be Windows or Ubuntu or any other OS, is an ordeal due to paranoia.

Both Windows and Unix let you know when an update is available. Windows forces you to install them at one point which some turn it off by force. Unix let you know but doesn't force it.

P.S. UK's NHS (National health service) was hit by ransomware yesterday. Majority of their networks went down, preventing surgeries and whatnot. The media claim it's an attack but I bet some dude opened a suspicious e-mail attachment.


----------



## Bill_Bright (May 13, 2017)

Derek12 said:


> Because Linux doesn't have any security holes


That, of course is naive and silly. Of course Linux has security holes and new ones are being discovered all the time. Those who don't believe that are not paying attention! I recommend anyone concerned about security (and that should be everyone) to sign up for the Department of Homeland Security's US-CERT Cyber Security Bulletin Vulnerability Summaries. There you will see that Linux, MacOS, security apps, YOUR favorite browser, and all sorts of other programs have new vulnerabilities being discovered all the time. Critical ones too!

Note the Vulnerability Summary for the week of April 24, 2017, Linux had 11 High Vulnerabilities.



Caring1 said:


> but the best way to defeat it is have current back ups.


Actually, the best way to defeat it is to prevent in the first place. And for Windows users, that is easy with 3 simple steps:

1. Use a current version of Windows.
2. Keep Windows fully updated.
3. Use a fully updated antimalware solution (and MSE on W7, or WD on W8/W10 are fine for that).​
Okay, 4 steps.

4. Don't be "click happy" on unsolicited links, attachments, downloads, and pop-ups.​
Of course, that does not negate the need for a current backup. If you are defeated by this malware by failing to follow those three easy steps, having a current backup may be your only recourse, because frankly, I would not trust the bad guys to give you the unlock key once you pay the ransom.



alucasa said:


> keeping OS up-to-date prevents a lot of nasty stuff but nowadays, for some, keeping any OS, let it be Windows or Ubuntu or any other OS, is an ordeal due to paranoia.


I disagree - at least for Windows. It is not an ordeal at all! The paranoid just think it is!  But all that is needed is to just leave Windows alone (don't change the defaults) and it will keep itself updated. Piece of cake!


----------



## Vya Domus (May 13, 2017)

Just keep important stuff in multiple places , that's what I do. I know that by doing this you technically increase your chances of getting into this situation but at the same time it lowers the chance you lose all of your stuff greatly.


----------



## Bill_Bright (May 13, 2017)

Speaking of the Department of Homeland Security's US-Computer Emergency Response Team (from my previous post), just got this today too:

Alert (TA17-132A), Indicators Associated With WannaCry Ransomware


----------



## revin (May 13, 2017)

Dang Update keeps getting stuck "creating restore point" !!! for some of the 5-13 updates


----------



## Ahhzz (May 13, 2017)

Bill_Bright said:


> ....
> 
> Actually, the best way to defeat it is to prevent in the first place. And for Windows users, that is easy with 3 simple steps:
> 
> ...



Speaking of "Naive and silly". To think that just because M$ has patches does not mean it is secure by any stretch. This vulnerability was patched 2 months ago, that's true. But the vulnerability, as well as dozens of others, have been there for years, as indicated by the fact that Windows 7 is affected by this attack. So, believing that simply keeping Windows updated, or even adding an Antivirus to the mix, is absolutely naive.


----------



## Divide Overflow (May 13, 2017)

FedEx is reportedly afflicted.  Seems to be hitting improperly secured VMs pretty hard too.

Gotta be careful with your backups.  If your backup data is also infected a simple wipe / restore can be tricky.


----------



## alucasa (May 13, 2017)

Divide Overflow said:


> FedEx is reportedly hit.  Seems to be hitting *improperly secured VMs* pretty hard too.



Oh, the irony...


----------



## Drone (May 13, 2017)

Because of that Microsoft released a patch even for *Windows XP SP3* lol

Yeah Windows XP

download KB 4012598


----------



## Bill_Bright (May 13, 2017)

Ahhzz said:


> So, believing that simply keeping Windows updated, or even adding an Antivirus to the mix, is absolutely naive.


Please don't read in to what was said, something not said! And please twist words around. That is not cool. I never said keeping Windows updated is the panacea for all malware. My comment was in reply to comments about this specific threat. And it is true, the steps I said prevents THIS threat. 

But to your comments about being naive, it is also true that keeping our operating systems current is indeed, one of the best ways to prevent infections. But because there are such things as zero day exploits, keeping our systems updated is still not a guarantee. You still must not be click-happy, and must use a decent anti-malware solution that uses behavior analysis to detect and block suspicious behavior. 

So IMO, your attempt to discredit what I said by suggesting things not said, and twisting comments around was naive and silly. And because everyone knows that keeping our systems current is a proven method to "help" (notice I did not say "guarantee") prevent malware infections, suggesting otherwise was not helpful to the discussion.


----------



## 64K (May 13, 2017)

Linux might not be considered so secure if it had the install base that Windows has. Maleware authors will target the largest install base for their work to target the most amount of people as possible. I wonder what kind of a royal clusterfuck it would be for Linux users if their OS had an installed base the size of Windows and also being an open sourced OS as well.


----------



## Bill_Bright (May 13, 2017)

The size of the target is sure a factor. But make no mistake. Linux has vulnerabilities too - and malware to exploit them.

Why Linux users should worry about malware and what they can do about it. 

And unprotected Linux boxes can be used to attack your family and friends who are running unprotected Windows systems too.


----------



## DeathtoGnomes (May 13, 2017)

Ahhzz said:


> So, believing that simply keeping Windows updated, or even adding an Antivirus to the mix, is absolutely naive.


I totally agree, there are too many people that just want to "set it and forget", the same people that dont understand why they have to pay and the same people that never understand how their identity was stolen.

Most people trust M$ implicitly, dont realize that most of these threats is M$ fault for shoddy and weak programming, coupled with the lack of timely fixes of already known threats and exploits. There is history with M$ disregarding potential threats and exploits (prolly in favor of the USGov using them to spy on its citizens. ), and that begs the question, how long ago could this threat have been fixed before it actually became a thing?  Now that it is a thing, we point at each other and say "You're naive cuz you got ha'kt!" all the while still trusting M$ to 100% protect us.

It does us no good arguing who or what is naive when it comes to M$ and windows, as technically minded people we can predict who the victims will be and some of us will even sit back and laugh while being asked "can you fix this?".  Get your evil on!


----------



## Bill_Bright (May 13, 2017)

DeathtoGnomes said:


> Most people trust M$ implicitly, dont realize that most of these threats is M$ fault for shoddy and weak programming




Yeah right. Because everybody knows shoddy and weak programming is how a tiny software development company becomes and stays one of the top 10 tech companies in the world. 

This is just typical and biased Microsoft bashing. Don't blame the bad guy for perpetrating the crime. No! That would be silly. And don't blame the user for failing to keep his or her computer updated when updates are available to stop the bad guy. No! That would naive. So of course, blame Microsoft for the actions of the bad guys. Sure. That makes perfect sense.


----------



## bogmali (May 13, 2017)

Well thread derailed once again by the usual suspects......Closing up shop


----------

