Menu
Forums
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Trending
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Upgrades
Log in
Register
What's new
Search
Search
Search titles only
By:
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
Community
Technology
[Urgent] New Ransomware Windows Exploit
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Logic" data-source="post: 409395" data-attributes="member: 12691"><p>Hello,</p><p></p><p>As most of you have heard, there is a new ransomware windows exploit that has been abused and used infecting 70,000+ computers worldwide and also taking down the UK NHS and Telefonica. During this infection, its been noticed that it abuses Windows 7, Windows Server 2008, Windows Server 2012 via the SMBv1 server. A lot of desktop computers and servers around the world have been and are currently being infected at the moment, including my personal server.</p><p></p><p>First and foremost, if you run on the above operating systems, it's highly recommended to run <strong>Windows Updates</strong> and then the following within <strong>Windows PowerShell</strong>.</p><p>[code]</p><p>Set-SmbServerConfiguration -EnableSMB1Protocol $false</p><p>Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force</p><p>[/code]</p><p></p><p>This should protect you against this malicious software/attack.</p><p></p><p><strong>What is Ransomware?</strong></p><p>Ransomware is a very dangerous type of malware that stops you from using your PC. It holds your PC or files for "ransom". There are different types of Ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something like pay money (a “ransom”) to get access to your PC or files. They can target any PC users, whether it’s a home computer, endpoints in an enterprise network, or servers used by a government agency or healthcare provider.</p><p></p><p><strong>Ransomware can:</strong></p><ul> <li data-xf-list-type="ul">Prevent you from accessing Windows.</li> <li data-xf-list-type="ul">Encrypt files so you can't use them.</li> <li data-xf-list-type="ul">Stop certain apps from running (like your web browser).</li> </ul><p>Personal screenshot from my VNC of my server: <a href="https://imgur.com/MNavgST" target="_blank">https://imgur.com/MNavgST</a></p><p></p><p><strong><span style="color: #ff0000">* </span></strong>If you're currently infected like my server is, I'm not sure how to remove the infection. However, it's advised you follow the steps above to prevent the attack. Please also keep updated with this thread in regards to it: <a href="https://www.bleepingcomputer.com/forums/t/646476/wncry-wcry-wanacrypt0r-wana-decrypt0r-ransomware-help-support-topic/" target="_blank">https://www.bleepingcomputer.com/forums/t/646476/wncry-wcry-wanacrypt0r-wana-decrypt0r-ransomware-help-support-topic/</a></p></blockquote><p></p>
[QUOTE="Logic, post: 409395, member: 12691"] Hello, As most of you have heard, there is a new ransomware windows exploit that has been abused and used infecting 70,000+ computers worldwide and also taking down the UK NHS and Telefonica. During this infection, its been noticed that it abuses Windows 7, Windows Server 2008, Windows Server 2012 via the SMBv1 server. A lot of desktop computers and servers around the world have been and are currently being infected at the moment, including my personal server. First and foremost, if you run on the above operating systems, it's highly recommended to run [B]Windows Updates[/B] and then the following within [B]Windows PowerShell[/B]. [code] Set-SmbServerConfiguration -EnableSMB1Protocol $false Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force [/code] This should protect you against this malicious software/attack. [B]What is Ransomware?[/B] Ransomware is a very dangerous type of malware that stops you from using your PC. It holds your PC or files for "ransom". There are different types of Ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something like pay money (a “ransom”) to get access to your PC or files. They can target any PC users, whether it’s a home computer, endpoints in an enterprise network, or servers used by a government agency or healthcare provider. [B]Ransomware can:[/B] [LIST] [*]Prevent you from accessing Windows. [*]Encrypt files so you can't use them. [*]Stop certain apps from running (like your web browser). [/LIST] Personal screenshot from my VNC of my server: [URL]https://imgur.com/MNavgST[/URL] [B][COLOR=#ff0000]* [/COLOR][/B]If you're currently infected like my server is, I'm not sure how to remove the infection. However, it's advised you follow the steps above to prevent the attack. Please also keep updated with this thread in regards to it: [URL]https://www.bleepingcomputer.com/forums/t/646476/wncry-wcry-wanacrypt0r-wana-decrypt0r-ransomware-help-support-topic/[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Community
Technology
[Urgent] New Ransomware Windows Exploit
Top