'Accidental hero' halts ransomware attack and warns: this is not over
Posted on 05/13/2017 9:52:01 AM PDT by Leaning Right
The accidental hero who halted the global spread of an unprecedented ransomware attack by registering a garbled domain name hidden in the malware has warned the attack could be rebooted.
...the spread of the attack was brought to a sudden halt when one UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and inadvertently activated a kill switch in the malicious software.
(Excerpt) Read more at theguardian.com ...
THANK YOU! I’ve been yelling into the wind about this since March. MS17-010 is the main update. Do NOT think you are safe if you have Windows update turned off. Everyone thinks they’re “giving it” to Microsoft by turning off Windows update, when in reality, you’re part of the problem.
For those of us who do not want Windows 10, will an update force it upon us?
I am running GWX Control Panel, fwiw
Running a 10.68 on a MacMini ... sorry for your troubles ...
> For those of us who do not want Windows 10, will an update force it upon us? <
Good question. And another good question is what should people who are still running XP or Vista do? Both of those questions are above my pay grade. I hope some experts here on FR will weigh in.
But the article says that this particular malware is spread by cleverly-worded emails. So the old rule applies. Don’t open suspicious emails.
And now be more suspicious than ever.
Anybody behind these types of attacks needs to be found, then publicly tortured on pay per view.
“Internet is Down” ping to the list?
> Running a 10.68 on a MacMini ... <
I think your tagline kind of applies here.
Vista users need to run their Microsoft update even if it’s set for automatic...run it again anyway.
Windows users ARE the problem.
> Vista users need to run their Microsoft update even if it’s set for automatic... <
It’s my understanding that Microsoft no longer updates Vista (or XP). Am I correct?
Vista and XP are no longer supported by MSFT, so there aren’t any security patches available. Their users are in extreme danger.
Some of the commercial security programs such as Malwarebytes offer protection in their “premium” (paid) versions but users of free security software may not be protected.
Mine is on automatic update..but I’ve been running the Microsoft updater steady now for a good part of the morning and surprised how much better my computer is running.
Could it be Microsoft simply isn’t doing automatic updates on some computers or failed to include certain updates? I have a Vista and really quite surprised the improvement just by running the updater .......
I'm praying the journalists who wrote this did NOT use real names...
People receive an email, open it, and then click on an attachment.
Unless the original email is a brilliantly created fake from FedEx or some other widely used and completely trusted source, why would anyone click on the attachment?
And why would any large and vital institution like the British Health Service not scan attachments before they open?
My home and business computers use Microsoft Outlook and McAfee security, and they automatically scan every attachment the first time they open.
And why the emphasis on this particular ransomware being something developed by the NSA?
There are dozens of ransomware programs.
Don't open attachments from strangers or visit websites that fail your security scan.
“THANK YOU! I’ve been yelling into the wind about this since March. MS17-010 is the main update. Do NOT think you are safe if you have Windows update turned off. Everyone thinks they’re ‘giving it’ to Microsoft by turning off Windows update, when in reality, you’re part of the problem.”
This “patch” business is nonsense.
Ransomware programs execute as ordinary programs that need neither privileged access nor a “security hole” in order to function. They run just fine even in a limited user account that has zero privileged access. So I really don’t know what all of this “patch” nonsense is about.
For any Windows system that has been “patched” or not, all one has to do is stupidly click the wrong link (or even worse, stupidly open an attachment) in an email and any ransomware program therein will land in the user’s temp file area and automatically execute, accessing every user data file with designated filetypes, reading said files and then writing them back with an unbreakable encryption.
If one has file shares that said user can access and/or USB attached files, then those get encrypted as well.
This has been going on for years. I had one client where one click of one email link encrypted every file on every file share for her entire business.
So-called antivirus programs basically just recognize signature patterns in the virus executable and if they haven’t seen a particular signature before then they are helpless.
Microsoft systems are inherently insecure no matter how many “patches” they issue because they allow all users to execute any ordinary program from any location in the user’s file tree. Even worse, by default, all users on a Microsoft system are superusers with full privileged access at all times.
Microsoft systems can be secured only by making ordinary user accounts limited-privilege accounts by default, and taking all execute privilege from limited users except for programs that have been installed by the system itself into system areas of the file system that are not write-accessible by limited users, but Microsoft refuses to do that.
As a consequence, almost all Microsoft home systems are riddled with viruses sooner or later and most people find it cheaper to buy a new computer (with a new Microsoft operating system and office program) than to have their system restored to factory state, all updates applied, all programs reinstalled and all data copied and restored. Thus, Microsoft (and its OEM partners) profit enormously from selling grossly unsecured systems, which means selling insecure systems is a deliberate profit-making strategy by Microsoft.
Get some bitcoin, you'll need it...
No, you misunderstand the intent of the tag line ... sorry for the confusion.
> I have a Vista and really quite surprised the improvement just by running the updater ....... <
I’m a bit confused. I’ve read that Microsoft no longer supports Vista. Yet you ran an updater with some success. Did you do that recently? Please explain, as I have a Vista machine also.
Microsoft came out with a patch for the no longer supported versions XP, Vista.