猎小豹

Learn Tips to Defend YourSelf from WannaCry, a New Ransomware that creates Havoc Worldwide

2019-12-03 20:35:25

CM Security Research Lab warns you to pay extra attention to the news regarding “WannaCry”, a new ransomware that wreaked havoc across the world, putting hundreds of millions of Windows PCs under security risk last night. Windows users are strongly advised to update your PCs  to the most recently released security patch from Microsoft immediately; Otherwise, this ransomware locks up and encrypts files on your computer and asks you to pay a ransom amount of $300.

WanaCrypt0r 2.0 (WannaCry) is a kind of ransomware which infects PCs by locking files and the victims will not be able to unlock them unless a ransom is paid. Unfortunately, there are chances that your files won’t be rescued even if a ransom was paid.

WannaCry is using similar approach used by Equation Group which utilizes Windows SMB remote program to attack security leaks such as EternalBlue and EmeraldThread across various versions of Windows servers.

Microsoft has announced a Windows SMB security update (MS17-010) in March this year. However, severe infections across 11 countries/regions including Russia, UK, Taiwan, Spain, Turkey, Vietnam, Philippines, Japan, Italy, Portugal and Ukraine have been noticed due to the failure of frequent system update. Organizations such as the British National Health Service as well as its hospitals and Telefonica in Spain are suffered from the attack.

As Microsoft  no longer provide security updates or technical support for older versions, and the attack is mainly coming through port 445, we would like to recommend users some self-protection procedures to ensure data safety.

-Disable TCP/IP NetBIOS Helper and server

-Activate Windows Update

-Make sure your software is up-to-date

- Avoid clicking on links or opening attachments in emails from unknown sources