Hospitals, schools, companies and governments around the world were assessing the damage Saturday after a massive cyberattack hit almost 100 countries, infecting computers with malware that demanded ransom payments.
No one has yet claimed responsibility for the worldwide attack, which some experts believe was inspired by a National Security Agency tool kit that was leaked last year.
Antivirus provider Avast reported that some 100,000 computers had been infected by the crippling malware and that the "WanaCrypt0r 2.0," as it is called, ransomware had been detected in 99 countries with Russia, Ukraine and Taiwan the top targets.
More than 20 British hospitals and major companies, including FedEx and Spain's largest telecom, were affected in Friday's hack. British Home Secretary Amber Rudd said 45 public health organizations had been hit and admitted that her officials had no idea who was behind the attack.
Auto makers Renault and Nissan were the latest multinationals to announce their computer systems had been compromised.
In Germany, customer information screens at railway stations were hit but there was no impact on services.
Russia's Interior Ministry also confirmed it had been hit, while Russia's central bank said it had thwarted the attack.
The malicious software — known as the Wanna Decryptor, or WannaCry — locks a system and its files from use unless money is paid to hackers.
The malware typically spreads through email phishing programs and had exploited a known bug in Microsoft Windows' operating system.
Malware on the march!
Moderators: Bakhtosh, EvilHomer3k
- Isgrimnur
- Posts: 82287
- Joined: Sun Oct 15, 2006 12:29 am
- Location: Chookity pok
- Contact:
Malware on the march!
WannaCry?
It's almost as if people are the problem.
- Isgrimnur
- Posts: 82287
- Joined: Sun Oct 15, 2006 12:29 am
- Location: Chookity pok
- Contact:
Re: Malware on the march!
More coming
And there's worse news: At least two new variations of the malware have already been detected.
...
All it takes is for one computer on a network to be infected for all of the computers on that network to be compromised.
While Microsoft had stopped supporting older versions of Windows, it said it is pushing out special automatic updates to those systems to block the worm.
Unfortunately, those so-called legacy systems are disproportionately used by smaller companies with small technology staffs, which are unlikely to have blocked the infection before Microsoft's patch began rolling out, the cybersecurity firm Proofpoint Inc. said.
Even then, Microsoft's updates can be loaded only if a computer is powered back on — something that won't happen for the first time at potentially thousands of companies until Monday.
...
Chinese state media reported Monday that more than 29,000 institutions across the country — including universities, railway stations, hospitals and gas stations — had been infected. It cited the Threat Intelligence Center of Qihoo 360, a Chinese internet security services company.
Japanese broadcaster NTV reported 600 companies in that country had been hit, and automaker Nissan and the Hitachi conglomerate said they were addressing the problem at their units that were affected.
...
Analysts said you should not click the "check payment" or "decrypt" buttons in the popup message. Instead — if you're able to — download and install Microsoft patch MS17-010, available here, which should work on Windows systems going all the way back to Vista.
It's almost as if people are the problem.
- xwraith
- Posts: 1085
- Joined: Mon Mar 21, 2005 6:42 pm
Re: Malware on the march!
Spent the weekend patching all systems, fortunately no issues.
I forgot to call it "a box of pure malevolent evil, a purveyor of
insidious insanity, an eldritch manifestation that would make Bill
Gates let out a low whistle of admiration," but it's all those, too.
-- David Gerard, Re: [Mediawiki-l] Wikitext grammar, 2010.08.06
insidious insanity, an eldritch manifestation that would make Bill
Gates let out a low whistle of admiration," but it's all those, too.
-- David Gerard, Re: [Mediawiki-l] Wikitext grammar, 2010.08.06
- Daehawk
- Posts: 63743
- Joined: Sat Jan 01, 2005 1:11 am
Re: Malware on the march!
Using Win 7 64 thats not been updated in 2 years. Shall see what happens.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
- killbot737
- Posts: 5660
- Joined: Wed Mar 02, 2005 11:19 pm
- Location: Next to America Jr.
Re: Malware on the march!
Get ze patch! And ONLY that patch.Daehawk wrote:Using Win 7 64 thats not been updated in 2 years. Shall see what happens.
There is no hug button. Sad!
- Daehawk
- Posts: 63743
- Joined: Sat Jan 01, 2005 1:11 am
Re: Malware on the march!
I dont trust MS enough to do that. Most likely it will start nagging me to upgrade or will mess something up forcing me to upgrade. Im not leaving Win 7.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
- Blackhawk
- Posts: 43862
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
- Daehawk
- Posts: 63743
- Joined: Sat Jan 01, 2005 1:11 am
Re: Malware on the march!
Perhaps. I just dont think it will bother me. I have been smart enough not to open bad files for 23 years.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
- Moliere
- Posts: 12367
- Joined: Sun Sep 03, 2006 10:57 am
- Location: Walking through a desert land
Re: Malware on the march!
WannaCry and Lazarus Group – the missing link?
The cryptic message in fact refers to a similarity between two samples that have shared code. The two samples Neel refers to in the post are:
A WannaCry cryptor sample from February 2017 which looks like a very early variant
A Lazarus APT group sample from February 2015p
"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
- gilraen
- Posts: 4321
- Joined: Wed Sep 04, 2013 7:45 pm
- Location: Broomfield, CO
Re: Malware on the march!
Linux ransomware worm, anyone?
A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines.
[...]
While Linux distribution vendors, including Red Hat and Ubuntu, have already released patched versions for its users, the larger risk is that from NAS device consumers that might not be updated as quickly.
Craig Williams of Cisco said that given the fact that most NAS devices run Samba and have very valuable data, the vulnerability "has potential to be the first large-scale Linux ransomware worm."