Skip to main content

Here's what a VPN can't protect you from (but you need to use it)

The abbreviation " VPN " has slowly become established among average Internet users, which is certainly good, but the problem is that people have started to see VPN as the ultimate solution to all problems.

How to protect yourself from the Ransomware WannaCry virus that has shaken the world ?!

How to protect yourself from the Ransomware WannaCry virus that has shaken the world ?!

Ransomware Wana Decryp0r, also known as WCry, WannaCry, and WannaCrypt, is a virus that has traveled the world and infected hundreds of thousands of computers in 99 countries.

This virus is known to us before, but it was not so widespread. During the weekend, the virus broke out and infected many computers, including the computers of health institutions in the UK, which made it impossible for their systems to function properly.

But the virus does not choose, so it attacks computers from average users to the Russian Ministry of Internal Affairs. However, they protected themselves in time and thus infected "only" 1,000 computers, which is less than one percent of the computers they use.

How to protect yourself from the Ransomware WannaCry virus that has shaken the world ?!

WannaCry has spread so rapidly thanks to a tool created by the National Security Agency (NSA) that was released last month by the public hacker group Shadow Brokers. This tool works by providing access to a computer via the SMBv1 protocol.

The virus first downloads the TOR client and places it in the TaskData folder. It communicates with the management server using the client's TOR. Then, it encrypts the files on the computer and adds the.WNCRY extension to them, and in the encrypted folder creates the file @ Please_Read_Me @ .txt which contains questions and answers and the file @ WanaDecryptor @ .exe

Then, WannaCry deletes Shadow Volume Copies and disables Windows startup recovery, and clears Windows Server backup history. Finally, Wana Decryptor 2.0 is displayed with information on how to pay the ransom. The victim is promised that the files will be returned if he pays $ 300 in bitcoins. If you do not pay on time, the amount increases.

How to protect yourself?

Because of the way WannaCry is expanding, Microsoft has released patch updates for older versions of Windows, including Windows XP, Windows 8, and Windows Server 2003. A month ago, MS released an update (MS17-010) for current versions of Windows, ie. Windows Vista, Windows 7, Windows 8.1, Windows 10, and Windows Server 2008/2012/2016.

If you are using an older version of Windows and you are not sure if you have received a security update for this virus, you can download and install it manually from THIS link.

Manually disable SMBv1:

  1. Control panel \ Programs \ Programs and functions
  2. Turn Windows features on or off
  3. Disable "SMB 1.0" in the list
  4. Save and restart your computer
Manually disable SMBv1:

To check if SMBv1 is disabled, open CMD (win + r> cmd> enter), copy this code and type enter:

Get-SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol

To check if SMBv1 is disabled, open CMD (win + r> cmd> enter), copy this code and type enter:

The first item should be "False" and the second "True". This means that v1 is disabled and v2 is enabled. If v2 is not enabled, run this command:

Set-SmbServerConfiguration -EnableSMB2Protocol $ true

More detailed instructions on the Microsoft site - link.

WannaCry is currently being stopped by a person signing up online as  MalwareTech. How? He looked at the virus and found an interesting domain iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com which registered for ten dollars and thus extinguished this virus.

The way this "switch" work is simple: WannaCry checks every time it starts to see if the domain is registered, if not - it continues to run. When MalwareTech registered the domain, the virus stopped spreading and thus permanently disabled the spread of this version of the virus. But, he warns that this solution is only for that version, hackers only need to change a piece of code and run the virus again.

Therefore, the best solution is to update your system regularly and use an updated Antivirus. Avast says that their anti-virus has a "software behavior" protection module and can detect this virus in time, and the module is available in all versions, even free.

You can view the current map of infected computers at this link:

https://intel.malwaretech.com/botnet/wcrypt

Comments

Popular this month

New Google mobile internet saving application - Datally

I wrote an article on how to save internet traffic on an Android device and I suggested the Onavo Extend and Opera Max apps because they were the most popular back then. Meanwhile, Opera Max has been discontinued and Onavo has been completely redesigned and is now a VPN application with the option to save internet traffic. Their compression technology is probably now used by Facebook in its application because they bought Onavo - link . Google has decided to seize the opportunity and "push" with a new application called " Datally ".

SOPA and PIPA are slowly losing support, the protest yielded results

Controversial U.S. anti-piracy laws, known by the acronyms SOPA and PIPA lost the support of eight members of Congress after major protests by the Internet community. Support was denied, among others, by Marco Rubio of Florida, a rising star of the Republican Party, and his party colleague Roy Blunt of Missouri - who were among the signatories of the bills.

How to change IMEI number on Android phone?

IMEI is an abbreviation of "international mobile equipment identity" and each mobile phone should have a unique IMEI number. You cannot change this number with the operator, but you can temporarily change it on your device. It allows the operator to accurately identify your device and thus enable/disable network services. Also, you can use the possibility of changing the IMEI number, at least for a short time, if you know exactly what you want, but I leave those ideas to you because this is an educational article.

Twitter is celebrating its sixth birthday

Exactly six years ago, one of the founders of Twitter posted his first tweet - " just setting up my twttr ". Although the popularity of this service was modest in the first few years, today Twitter has over 500 million users who send tweets, and messages 140 characters long.

Wireless phone chargers - where, which and how to buy?

Wireless chargers are purchased separately from the device itself, and the user often does not know which Wireless charger to buy or where. Of course, they can be bought from us, not everywhere, but some stores sell them,  which I already wrote about .