[3rd Update]WCry ransomwsre has possible links to Lazarus Group & PRNK

[Eniqmatic]

11 minutes ago, Slyhawk said:

Where is the update for Win7 can't seem to find it.

All the updates are here:

 

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

[Eniqmatic]

1 hour ago, TheReal1980 said:

This is the problem with Windows. Because so many use them they are more likely to get problems like this. This is one of many reasons why I use Macs for my business as I want to minimize the risks and the "Apple Tax" is fine as I gladly pay it.

That is a pretty strange business decision to say the least, and one that could be viewed in more ways than one. What if I said to you that you could be viewed to less at risk, as these kind of vulnerabilities could take much longer to be discovered on MacOS because less people use them? Meaning you could be at risk for much longer.

 

Not saying this is the case, but saying there is two sides to the coin.

[DimasRMDO]

"Why don't you submit your work on time?"
"Ransomware attack sir...."

---

Anyway I just did system backup, f*ck me.

[Bouzoo]

6 hours ago, leadeater said:

Well Microsoft seems rather pissed off at the NSA/CIA, this is from the President and Chief Legal Officer of Microsoft.

 

https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/

Fool me once, shame on you, fool me twice shame on me. You really hate black theme users. Can't deny it. 

[Foxxer]

I'm starting to think that Microsoft is making all this so they could push creators update.

[vorticalbox]

10 minutes ago, Foxxer said:

I'm starting to think that Microsoft is making all this so they could push creators update.

that would be stupid, this is damaging trust in the platform not building it. 

[Ryujin2003]

10 minutes ago, vorticalbox said:

that would be stupid, this is damaging trust in the platform not building it. 

 Lost trust in those who didn't have trust and confidence in Microsoft with updates? Our didn't have Trust in Microsoft's decision to dump old OS's? Considering the vulnerability had already been patched in W10, i don't really blame Microsoft.

 

I'm not a business owner so I cannot say exactly how any trust has been lost from businesses; however, the company work for hasn't been rocked. We were proactive in fixing vulnerabilities. Yes, upgrading servers can be a pain in the butt; however,  the alternative isn't much better.

[Master Disaster]

15 minutes ago, vorticalbox said:

that would be stupid, this is damaging trust in the platform not building it. 

Well it would be if MS weren't basically pointing a giant arrow at the NSA HQ right now.

[jagdtigger]

21 minutes ago, vorticalbox said:

that would be stupid, this is damaging trust in the platform not building it. 

You still trust in MS? Bad choice...

[rn8686]

23 hours ago, jagdtigger said:

You still trust in MS? Bad choice...

No one does, but trying to blame them is stupid. If they wanted to abandon win 7 and XP completely, then they wouldn't have given it an emergency patch. What your saying has no proof and is pure conspiracy. 

[leadeater]

2 hours ago, Bouzoo said:

Fool me once, shame on you, fool me once shame on me. You really hate black theme users. Can't deny it. 

Hate would imply intent, I just don't think about that at all .

[ObscureMammal]

This guy demo's WanaCrypt0r 2.0 (NHS Ransomware) on a VM

 

 

 

[The Benjamins]

@Master Disaster

 

Here are the 3 know BTC address if you want to add it to the OP. 

 

we can watch the money flow.

https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

[goodtofufriday]

Looking at the tracker it seems its starting to hit America as businesses open up from the weekend. Came in early, made sure every pc was updated, disabled smb1 on all servers, and removed it off all clients. 

 

https://intel.malwaretech.com/botnet/wcrypt

[Foxxer]

4 hours ago, vorticalbox said:

that would be stupid, this is damaging trust in the platform not building it. 

MS = Transparency much

[mynameisjuan]

7 hours ago, TheReal1980 said:

This is the problem with Windows. Because so many use them they are more likely to get problems like this. This is one of many reasons why I use Macs for my business as I want to minimize the risks and the "Apple Tax" is fine as I gladly pay it.

you do realize ransomware affects Macs too right?....Paying more doesnt protect you.

 

This is not an argument of windows vs mac. This is about people keeping their shit up to date. 

[79wjd]

3 minutes ago, mynameisjuan said:

you do realize ransomware affects Macs too right?....Paying more doesnt protect you.

 

This is not an argument of windows vs mac. This is about people keeping their shit up to date. 

macOS is susceptible to malware and ransomware as well, however his point is that there is less of it due to Windows exploits being more profitable.

[TAHIRMIA]

Just now, mynameisjuan said:

you do realize ransomware affects Macs too right?....Paying more doesnt protect you.

 

This is not an argument of windows vs mac. This is about people keeping their shit up to date. 

 

I second this. It is still possible for developers to create this on OSX it's just that majority of the market are on windows so when people are making it they mostly prioritise it for windows. But the developers who want to get everyone would even create a Linux version

[AnonymousGuy]

Can someone answer this question:

 

Can your system get infected "just sitting there" on its own, or does someone on your network have to get compromised first thru email / whatever?  No article I've read explains whether you need to be worried if you know all the computers on your network.

[leadeater]

4 minutes ago, AnonymousGuy said:

Can someone answer this question:

 

Can your system get infected "just sitting there" on its own, or does someone on your network have to get compromised first thru email / whatever?  No article I've read explains whether you need to be worried if you know all the computers on your network.

If there is no system exposed to the internet for SMB (tcp 445) then you would need that initial infection point triggered by human error, after that it will spread across the network.

 

Edit:

This is why you should NEVER port forward SMB ever, use a VPN or RDP or anything just never expose SMB to the internet.

[TAHIRMIA]

Just now, AnonymousGuy said:

Can someone answer this question:

 

Can your system get infected "just sitting there" on its own, or does someone on your network have to get compromised first thru email / whatever?  No article I've read explains whether you need to be worried if you know all the computers on your network.

 

AFAIK it just searches for anything connected to the internet with the EnternalBlue exploit and then it tries to exploit it.

[mynameisjuan]

9 minutes ago, djdwosk97 said:

macOS is susceptible to malware and ransomware as well, however his point is that there is less of it due to Windows exploits being more profitable.

Actually if you are not logged in as a admin (like unix), keep your system up to date and have AV (or atleast keep defender up to date and running), windows is pretty close to as safe and secure. Most infections are from out of date pcs running full admin access. But since people dont follow basic security rules, yeah it happens way more on windows. 

 

 

[AnonymousGuy]

13 minutes ago, leadeater said:

If there is no system exposed to the internet for SMB (tcp 445) then you would need that initial infection point triggered by human error, after that it will spread across the network.

 

Edit:

This is why you should NEVER port forward SMB ever, use a VPN or RDP or anything just never expose SMB to the internet.

My ISP looks like they don't pass thru port 445 anyways.  We're good.

[79wjd]

15 minutes ago, mynameisjuan said:

Actually if you are not logged in as a admin (like unix), keep your system up to date and have AV (or atleast keep defender up to date and running), windows is pretty close to as safe and secure. Most infections are from out of date pcs running full admin access. But since people dont follow basic security rules, yeah it happens way more on windows. 

 

 

I'm not even commenting on the security of either platform (and neither was @TheReal1980)......Less people use macOS. Less businesses use macOS. Developing an attack against macOS is less profitable. Therefore there are less attacks against macOS.

[Zodiark1593]

In the interest of security, I shall sacrifice a couple GB of my data plan and update my systems.