Joined: Aug 2014
Posts: 4,189
Campfire Tracker
OP
... A massive "ransomware" attack is spreading globally on a scale never seen before. Called "WannaCry," it is based on an NSA hacking tool known as "eternal blue" that was released by the Shadow Brokers. Apparently, eternal blue exploits a secret backdoor into Windows (developed by the NSA) that allows the ransomware to infect Windows computers. $300.00 in bitcoins is demanded, and if not paid within the stated time, the files on the computer are deleted. So far, between 45,000 - 57,000 attacks in 74 countries, including hospitals and universities. See:
http://www.zerohedge.com/news/2017-05-12/massive-ransomware-attack-goes-global-huge
http://www.zerohedge.com/news/2017-...ssive-cyber-attack-hackers-demand-ransom
http://www.foxnews.com/tech/2017/05...ountries-some-uk-hospitals-crippled.html
Some of the impact:
|
Joined: Oct 2011
Posts: 59,134 Likes: 23
Campfire Kahuna
I'm not worried, I don't do windows. I hope everyone here does a backup so they can tell them to FO.
Paul
"I'd rather see a sermon than hear a sermon".... D.A.D.
Trump Won!, Sandmann Won!, Rittenhouse Won!, Suck it Liberal Fuuktards.
molɔ̀ːn labé skýla
|
Joined: Jan 2001
Posts: 28,388 Likes: 1
Campfire Ranger
I just got a call about 15 minutes ago to assist in emergency patches of our largest shared servers for the hospital chain. Due to the widespread and critical need for these servers they are only brought down for patches at 2 AM early Monday mornings but we'll be doing it at 5 PM locally today.
Thanks, NSA...
Gunnery, gunnery, gunnery. Hit the target, all else is twaddle!
|
Joined: Jan 2005
Posts: 1,978
Campfire Regular
Reinstall Windows and it goes away. At least the version I caught a few years ago did. I would have bought a different computer before paying those thieves anything.
|
Joined: Jun 2004
Posts: 11,116 Likes: 1
Campfire Outfitter
Got a 2 Tbyte external drive, and backed up all my files (E: drive) and an image of my Windows boot drive (C:). Plus Windows pushed out a major update a few days ago. Like to find the folks that do this, dress them in fur coats, strap antlers to their heads and turn them loose in the woods in October.
Be not weary in well doing.
|
Joined: Apr 2009
Posts: 33,971
Campfire 'Bwana
This may not just be with Windows.
We just moved our global cyber security to Alert Con 3. Our best and brightest are on this because it's predicted to be widespread and nasty.
Coming out of Europe.
Proud to be a true Sandlapper!!
Go Nats!!!!
|
Joined: Aug 2014
Posts: 4,189
Campfire Tracker
OP
"I'm not worried, I don't do windows. I hope everyone here does a backup so they can tell them to FO."
People on MAC's are usually spared this BS ..... but the real key is having a backup .... either in the cloud or locally on a drive. What is worrisome is that now these NSA tools are in the wild and in the hands of the computer criminals, this sort of stuff is probably just the beginning ...
|
Joined: Oct 2011
Posts: 59,134 Likes: 23
Campfire Kahuna
"I'm not worried, I don't do windows. I hope everyone here does a backup so they can tell them to FO."
"People on MAC's are usually spared this BS ..... but the real key is having a backup .... either in the cloud or locally on a drive. What is worrisome is that now these NSA tools are in the wild and in the hands of the computer criminals, this sort of stuff is probably just the beginning ..."
I don't do macs either, Ubuntu and Mint. I think you're right, it's just the beginning. Those boyz at Microsoft are going to be busy closing holes for the next couple years. Who knows, Windows might not even survive this, we'll see. But even if it did affect me I'd be OK as I do backups regularly.
Paul
"I'd rather see a sermon than hear a sermon".... D.A.D.
Trump Won!, Sandmann Won!, Rittenhouse Won!, Suck it Liberal Fuuktards.
molɔ̀ːn labé skýla
|
Joined: Aug 2014
Posts: 4,189
Campfire Tracker
OP
"... I don't do macs either, Ubuntu and Mint. ..."
Cool! The last unix computer I used was an SGI Octane2 .... you don't want to know how much that little puppy cost back in the day.
|
Joined: Feb 2014
Posts: 1,781
Campfire Regular
They can have my files. Everything important is downloaded to a thumb drive after I receive it and then deleted from my computer. I had one of these hijacks around ten years ago and after the time limit expired, they did delete my files and returned my computer. Too bad for them that we had an automatic back-up every night and only lost files for that day. So after that I do as stated above and don't worry about it.
|
Joined: Jan 2002
Posts: 12,856 Likes: 5
Campfire Outfitter
Backup, and then backup the backups. Real ones, too, not just "cloud" ones.
Then tell them to GFY.
Sic Semper Tyrannis
|
Joined: Aug 2004
Posts: 69,659 Likes: 14
Campfire Kahuna
I'd throw my computer in the trash and buy a new one before I gave those criminal fuchs a dime.
Molɔ̀ːn Labé Skýla!
|
Joined: Jun 2002
Posts: 131,738 Likes: 20
Campfire Sage
Thank goodness for the NSA, eh?
|
Joined: Sep 2004
Posts: 29,383
Campfire Ranger
"Thank goodness for the NSA, eh?"
They can't blame this one on Trump. We have so many safeguards at the NSA, yeah right
Last edited by Oldelkhunter; 05/12/17.
|
Joined: Apr 2009
Posts: 33,971
Campfire 'Bwana
"Thank goodness for the NSA, eh?"
YUP...developed by us and stolen! You guys would be amazed by the smart folks we have on staff that could easily go either way at any time.....
Proud to be a true Sandlapper!!
Go Nats!!!!
|
Joined: Aug 2003
Posts: 13,945
Campfire Outfitter
Microsoft security patch: https://technet.microsoft.com/en-us...4)(TnL5HPStwNw-A8TBU9kBEG2QUcO0BuCzeA)()
Today’s Massive Ransomware Attack Was Mostly Preventable—Here’s How To Avoid It
Ransomware may be mostly thought of as a (sometimes costly) nuisance, but when it hinders the ability of doctors and nurses to provide aid to those in need of emergency medical care, then it qualifies as armed robbery.
On Friday, a quickly spreading, nasty piece of malware crossed mountains and oceans to infect more than 70,000 machines around the world in a matter of hours. Among those infected were more than a dozen hospitals in England, a telecom in Spain, FedEx’s offices in the United Kingdom, and apparently, the Russian Interior Ministry. Within half a day, there were instances detected on six continents.
What’s sad is that this was all largely preventable, had more Windows users simply installed the security patch Microsoft released for it two months ago. (Unless you’re one of the 8.45 percent of users still running Windows XP, which hasn’t been supported for three years.)
Here’s what happened: Unknown attackers deployed a virus targeting Microsoft servers running the file sharing protocol Server Message Block (SMB). Only servers that weren’t updated after March 14 with the MS17-010 patch were affected; this patch resolved an exploit known as EternalBlue, once a closely guarded secret of the National Security Agency, which was leaked last month by ShadowBrokers, a hacker group that first revealed itself last summer.
The ransomware, aptly named WannaCry, did not spread because of people clicking on bad links. The only way to prevent this attack was to have already installed the update.
Through the EternalBlue exploit, the malware installed an NSA backdoor payload called DoublePulsar, and through it went WannaCry, spreading rapidly and automatically to other computers on the same network—potentially hundreds at a time.
“Whereas ransomware such as Locky normally requires user interaction, such as opening a word document, WannaCry has the capability to spread automatically,” AlienVault threat engineer Chris Doman told Gizmodo. “Thankfully a weakness in the method of propagation has allowed researchers to take control of a piece of attacker infrastructure and limit new infections—it could have been a lot worse.”
Unfortunately, it looks like attackers might make some serious bread for their efforts. Researchers combing through samples of the ransomware have already discovered several bitcoin wallets in which thousands of dollars have been deposited. It’s fine to say we shouldn’t negotiate with hackers demanding ransom—though the people who say that almost always do—but when the target is an emergency room, and lives are at stake, there’s really no choice.
If you think you might be vulnerable to WannaCry, or you don’t remember installing any updates over the past month, your first step is to address that issue immediately. As Sean Dillon, the RiskSense security analyst who reverse engineered DoublePulsar, told ThreatPost: “This is the most critical Windows patch since [Conficker],” which is one of the largest similar infections to date.
Despite having been patched nearly a decade ago, the Conficker worm is still in circulation. “I find it everywhere,” says Dillon, adding that WannaCry, too, “is going to be on networks for years.”
The importance of downloading and installing security updates (as opposed to just clicking “remind me tomorrow” for several weeks in a row) cannot be overstated. Just ask the patients of the 16 hospitals in England whose delay in care could have been easily avoided.
http://gizmodo.com/today-s-massive-ransomware-attack-was-mostly-preventabl-1795179984
|
Joined: Dec 2003
Posts: 86,245 Likes: 25
Campfire Oracle
How does the malware gain access? Is it through email, bogus links, porn?
If you take the time it takes, it takes less time. --Pat Parelli
American by birth; Alaskan by choice. --ironbender
|
Joined: Jul 2010
Posts: 1,341
Campfire Regular
If you are connected to an infected server and have not updated your system you will be infected. It's automatic.
Originally Posted By: P_Weed
I never met a gun I didn't like.
SEdge,
I have an AMT Hardballer I can fix you up with.
|
Joined: Feb 2013
Posts: 21,801 Likes: 8
Campfire Ranger
"I'd throw my computer in the trash and buy a new one before I gave those criminal fuchs a dime."
...and MOAB the MOFOs
If you are not actively engaging EVERY enemy you encounter... you are allowing another to fight for you... and that is cowardice... plain and simple.