X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wanna Cry Ransomware Kenya

    Hey T-Spotters

    So, if you have been following what has been happening in the technology world of late, you'll know that there is a cyber attack that is currently happening all around the world.
    The attack carried out by nefarious individuals is a ransomware that encrypts everything on a users computer.
    A ransomware is a malicious software that infects a computer and restricts the user to get access to the computer until a ransom is paid to unlock it.

    So on 12th May the world was introduced to the WannaCry or WannaCrypt0r or WannaDecrypt0r.
    This is a ransomware that targets computers running Windows OS.


    RansomWare like WannaCry works by encrypting most or even all of the files on a user’s computer. Then, the software demands that a ransom be paid in order to have the files decrypted. In the case of WannaCry specifically, the software demands that the victim pays a ransom of $300 in bitcoins at the time of infection. If the user doesn’t pay the ransom without three days, the amount doubles to $600. After seven days without payment, WannaCry will delete all of the encrypted files and all data will be lost.

    Click image for larger version

Name:	wcry.jpg
Views:	1
Size:	78.7 KB
ID:	7916

    Symantec, the Anti-Virus makers of Norton have released this list of files that are affected by the WannaCry Ransomware.
    Here is the list
    • .123
    • .3dm
    • .3ds
    • .3g2
    • .3gp
    • .602
    • .7z
    • .ARC
    • .PAQ
    • .accdb
    • .aes
    • .ai
    • .asc
    • .asf
    • .asm
    • .asp
    • .avi
    • .backup
    • .bak
    • .bat
    • .bmp
    • .brd
    • .bz2
    • .cgm
    • .class
    • .cmd
    • .cpp
    • .crt
    • .cs
    • .csr
    • .csv
    • .db
    • .dbf
    • .dch
    • .der
    • .dif
    • .dip
    • .djvu
    • .doc
    • .docb
    • .docm
    • .docx
    • .dot
    • .dotm
    • .dotx
    • .dwg
    • .edb
    • .eml
    • .fla
    • .flv
    • .frm
    • .gif
    • .gpg
    • .gz
    • .hwp
    • .ibd
    • .iso
    • .jar
    • .java
    • .jpeg
    • .jpg
    • .js
    • .jsp
    • .key
    • .lay
    • .lay6
    • .ldf
    • .m3u
    • .m4u
    • .max
    • .mdb
    • .mdf
    • .mid
    • .mkv
    • .mml
    • .mov
    • .mp3
    • .mp4
    • .mpeg
    • .mpg
    • .msg
    • .myd
    • .myi
    • .nef
    • .odb
    • .odg
    • .odp
    • .ods
    • .odt
    • .onetoc2
    • .ost
    • .otg
    • .otp
    • .ots
    • .ott
    • .p12
    • .pas
    • .pdf
    • .pem
    • .pfx
    • .php
    • .pl
    • .png
    • .pot
    • .potm
    • .potx
    • .ppam
    • .pps
    • .ppsm
    • .ppsx
    • .ppt
    • .pptm
    • .pptx
    • .ps1
    • .psd
    • .pst
    • .rar
    • .raw
    • .rb
    • .rtf
    • .sch
    • .sh
    • .sldm
    • .sldx
    • .slk
    • .sln
    • .snt
    • .sql
    • .sqlite3
    • .sqlitedb
    • .stc
    • .std
    • .sti
    • .stw
    • .suo
    • .svg
    • .swf
    • .sxc
    • .sxd
    • .sxi
    • .sxm
    • .sxw
    • .tar
    • .tbk
    • .tgz
    • .tif
    • .tiff
    • .txt
    • .uop
    • .uot
    • .vb
    • .vbs
    • .vcd
    • .vdi
    • .vmdk
    • .vmx
    • .vob
    • .vsd
    • .vsdx
    • .wav
    • .wb2
    • .wk1
    • .wks
    • .wma
    • .wmv
    • .xlc
    • .xlm
    • .xls
    • .xlsb
    • .xlsm
    • .xlsx
    • .xlt
    • .xltm
    • .xltx
    • .xlw
    • .zip
    As you can see the Ransomware affects nearly all important files that a user could possibly have. The virus then installs a text file on the users desktop asking them to pay for their files to be decrypted.

    Click image for larger version

Name:	2cry.png
Views:	1
Size:	11.5 KB
ID:	7917

    If you are looking for someone to blame, well, You can thank the NSA for discovering the “EternalBlue” exploit that would later be used by the WannaCry trojan, and then for keeping under wraps to use for its own intelligence gathering purposes. The security hole was then made public last month when a group of hackers called Shadow Brokers released the details of the exploit to the public.
    The Communications Authority of Kenya (CAK) through the National Kenya Computer Incident Response Team Coordination Center released a press statement to discourage people from paying the ransom in case they are attacked and advised the public to ensure their Windows devices are up to date.
    If you want to protect your system you should:
    • Keep your most important files backed up off-line so that in the event you are attacked, you can safely restore your files.
    • Ensure that you have an updated and working anti-virus software for your PC.
    • This is very important, but it really should apply all the time, AVOID CLICKING ON LINKS OR OPENING ATTACHMENTS FROM EMAIL SOURCES THAT YOU DON'T KNOW!!!
    • Do not download anything that you are not sure of its content.
    Sadly, there is no fix for WannaCry available at this time. Antivirus companies and cybersecurity experts are hard at work looking for ways to decrypt files on infected computers, but no means of third-party decryption are available right now. Hopefully affected users have backups of their data available, because the only other option right now is to follow the instructions offered in the software to pay the ransom.

    If you want to read more about the attacks you can check out this links:
    Symantec https://www.symantec.com/connect/blo...cry-ransomware
    About the guy who slowed down the spread of the ransomware https://www.malwaretech.com/2017/05/...r-attacks.html

    So, be careful out there guys .
    Cheers.



  • #2
    long note, but thanks for the head up

    Comment


    • #3
      thanks so much

      Comment


      • lewismathu
        lewismathu commented
        Editing a comment
        You are welcome.

    • #4
      thanks

      Comment


      • #5
        Thanks that was timely and explanatory information.<br />
        keep it up!!<br />
        ዳንኤል

        Comment


        • lewismathu
          lewismathu commented
          Editing a comment
          Thank you.

      • #6
        Thanks

        Comment


        • #7
          I know now, thanks for the info

          Comment


          • #8
            Nice info

            Comment

            Advanced Options
            Working...
            X
            Download the App for a More Fluid Experience
            DOWNLOAD