FYI Latest Virus: WannaCry ransomware

Started by Professor Marvel, May 14, 2017, 01:23:03 AM

Previous topic - Next topic

Professor Marvel

WannaCry ransomware running wild.

Microsnot even cut a patch for Win XP !

Here is the U.S. CERT link https://www.us-cert.gov/ncas/alerts/TA17-132A

be careful out there

yhs
prof marvel
Your Humble Servant

praeceptor miraculum

~~~~~Professor Algernon Horatio Ubiquitous Marvel The First~~~~~~
President, CEO, Chairman,  and Chief Bottle Washer of


Professor Marvel's
Traveling Apothecary
and
Fortune Telling Emporium


Acclaimed By The Crowned Heads of Europe
Purveyor of Patent Remedies, Snake Oil, Powder, Percussion Caps, Cleaning Supplies, Dry Goods,
and
Picture Postcards

Offering Unwanted Advice for All Occasions
and
Providing Useless Items to the Gentry
Since 1822
[
Available by Appointment for Lectures on Any Topic


Professor Marvel

Update -

FYI this virus is one of the RANSOMEWARE dealies. It encrypts everything on your hard drive and then demands $300 or more in
untraceable internet money aka BITCOINS.

This is mainly spread thru email that looks like it's from someone you know or have already corresponded with.
that's one of the cute tricks in this delivery: the Bad Guys apparently bought the user data that was hacked from Yahoo Mail about 2+ years ago. they used the address books to "spoof" the ID of the sender to look like, say , my yahoo email address, then used the adress book to send the virus  to people "I" would know and have sent email to.   

Fortuantely I taught Mrs Marvel and my friends well - they looked at the raw email, saw the link was obfuscated , and THEN noticed it was my old, now dead and abandonned yahoo email adress that had been previously stolen!

Oh yeah, they also tried sending me several emails that look almost exactly like an official email from amazon or paypal.
But I could tell, and forwarded them to the appropriate authorities.

That's one reason why I stopped using server-based adress books . If you use a local machine-based email reader and local address books & etc, lilke Mozilla Thunderbird, it keeps MORE of your stuff off the "cloud" ... which we can see is so easily compromised.

The patches are all well and good, but they only come out AFTER a virus or worm attack. Closing the door after the horses ran off.
If you run your browser and email INSIDE a service like SANDBOXIE anything a virus can do inside sandboxie is stuck inside that "sandboxed area" - it  can collect passwords you used in the sandbox or use your email from inside the sandbox, but it can't
affect your harddrive.

yhs
prof marvel
Your Humble Servant

praeceptor miraculum

~~~~~Professor Algernon Horatio Ubiquitous Marvel The First~~~~~~
President, CEO, Chairman,  and Chief Bottle Washer of


Professor Marvel's
Traveling Apothecary
and
Fortune Telling Emporium


Acclaimed By The Crowned Heads of Europe
Purveyor of Patent Remedies, Snake Oil, Powder, Percussion Caps, Cleaning Supplies, Dry Goods,
and
Picture Postcards

Offering Unwanted Advice for All Occasions
and
Providing Useless Items to the Gentry
Since 1822
[
Available by Appointment for Lectures on Any Topic


© 1995 - 2024 CAScity.com