Entradas

Mostrando entradas de 2017

WanaCryptor Fix and Recovery

Imagen
What you need to do: If you've not installed the March, April or May Windows Update bundles, do so immediately. It's worth shutting down your system for a few minutes if it gives you a chance to avoid this. If you're still using Windows XP, you're out of luck, but the March and April update bundles should be available to Windows Vista. (UPDATE: Microsoft has released a patch for Windows XP and its server counterpart Windows 2003.)
The ransomware, variably called WanaCryptor 2.0, WannaCry, WCry or WCrypt, seemed to be using an exploit that was developed years ago by the U.S. National Security Agency (NSA) and revealed publicly in a data dump last month. Microsoft secretly patched Windows against the attack in March, but many systems in large organizations had apparently not been updated.
MORE: What Is Ransomware and How Can I Protect Myself?
Global impact Several hospital systems in England reported that their computer screens displayed a message demanding $30…

What is ‘WanaCrypt0r 2.0’ ransomware | How recovery and Fix Wana Decrypt0r 2.0

Imagen
HOW RECOVERY FILES ENCRYPTED BY WANACRYPT0R
We have observed a massive peak in WanaCrypt0r 2.0 (aka WCry) ransomware attacks today, with more than 80,000 detections, so far. According to our data, the ransomware is mainly being targeted to Russia, Ukraine and Taiwan, but the ransomware has successfully infected major institutions, like hospitals across England and Spanish telecommunications company, Telefonica.


Below is a map showing the countries being targeted most by WanaCrpytor 2.0:
how to prevent getting infected by Wana Decrypt0r ? 
We saw the first version of WanaCrypt0r in February and now the ransomware is available in 28 different languages, from languages like Bulgarian to Vietnamese. Today at 8 am CET, we noticed an increase in activity of this strain, which quickly escalated into a massive spreading, beginning at 10 am.
The ransomware changes the affected file extension names to “.WNCRY”, so an infected file will look something like: original_name_of_file.jpg.WNC…