The WannaCry Ransomware Attack across 150 Countries.


Ransomware

Ransomware is a type of malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it.Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. It may also Encrypt Master File Table (MTF) or the entire hard drive.

WannaCry Ransomware

The WannaCry Ransomware is basically developed by the WannaCry Team. Over 150 countries all over the world Including India is also affect cyberattack by the WannaCry ransomware cryptoworm (also known as WanaCrypt0r 2.0) which targets computers running the Microsoft Windows operating system, encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.

[img]https://3.bp..com/-zUIp-h3hKl4/WR0Dg3kWpAI/AAAAAAAAAKk/OU-5rNqdshk33YnRKBGsIP4IXH4WVcQhQCLcB/s1600/Wana_Decrypt0r_screenshot.png[/img]

The Ransomware campaign was unprecedented in scale according to Europol, which estimates that around 200,000 computers were infected across 150 countries. According to Kaspersky Lab, the four most affected countries were Russia, Ukraine, India and Taiwan.

Microsoft released a statement recommending users install update MS17-010 to protect themselves against the attack. In an unusual move, the company also made security patches available to the general public for several out-of-support versions of Windows, including Windows XP, Windows 8 and Windows Server 2003.
Coding

Although cybersecurity companies Kaspersky Lab and Symantec have both said the code has some similarities with that previously used by the Lazarus Group, (believed to have carried out the cyberattack on Sony Pictures in 2014 and a Bangladesh bank heist in 2016 – and linked to North Korea), this may be either simple re-use of code by another group, or an attempt to shift blame – as in a false flag operation.

How to protect your System from the Ransomware attack

The WannaCry Ransome ware affect the Microsoft windows due the vulnerability in the microsoft windows. the latest update of microst soft includes the patch of the WannaCry Ransomware. So, the best and the easy way to protect your system from it is to update it to the latest version of Microsoft Windows if you have a genuine (Purchased) windows otherwise follow the steps down below

Wanna Cry Ransomware Guidelines to stay safe :

Be careful to click on harmful links in your emails.
Be wary of visiting unsafe or unreliable sites.
Never click on a link that you do not trust on a web page or access to Facebook or messaging applications such as WatSab and other applications.
If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
Keep your files backed up regularly and periodically.
Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
Use anti virus and Always make have the last update.
Make sure your windows have the last update close the gap.
The entry of the virus to your device, which is dependent on a gap in the Windows system and the gap is present in all types of Windows is that the feature is open.
if you did no't update your windows just turn off SMP

There are two methods to turn off SMP manually or Tools .

First Method :
Control Panel\Programs\Programs and Features.
Remove check Box SMB1.0/CIF Filse Sharing Support.
you must be restart your computer.
Second Method :

Download the SMB2 Diabler Tool

1. Run as Administrator.
[img]https://fud.community.services.support.microsoft.com/Fud/FileDownloadHandler.ashx?fid=7801eddb-2e65-4402-a4f2-b3b329c17c04[/img]

2. First check if the Features is turn on !. when you run the tools will show this, if you see SMB2 currently enable so you must be Disabled it
[img]https://fud.community.services.support.microsoft.com/Fud/FileDownloadHandler.ashx?fid=4be64f6b-ffa3-4c0c-a09e-e5aff273e3e8[/img]

3. SMB2 IS currently disabled.

[img]https://fud.community.services.support.microsoft.com/Fud/FileDownloadHandler.ashx?fid=4f89eee4-d6e6-4da5-89f3-36dbc4c4bfa6[/img]

4. You must be restart your computer.

Done! Now you are safe.

Don't forget to share this to your friends and protect them from the Ransomware attack.


-Sources taken from Wikipedia and Microsoft

Another form of fraud
mkmyers45 UjSizzle