Cyber attack alert! Malware ‘Wannacry’ is spreading: Know all about it

1487017434-9808.jpg
 
Nearly 100 countries, including India, have been hit by a massive cyber-attack, which, according to experts, was carried out with the help of “cyber weapons” stolen from the US’ National Security Agency. The cyber attack was first reported from Sweden, Britain and France, US media outlets reported. Cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files.It has been reported that a new ransomware, “Wannacry”, is spreading widely. Wannacry encrypts the files on infected Windows systems. This ransomware spreads by using a vulnerability in implementations of Server Message Block (SMB) in Windows systems. This exploit is named
 
According to cyberswachhtakendra, the file extensions that malware ‘Wannacry’ is targeting contain certain clusters of formats like:
 
Commonly used office file extensions (.ppt, .doc, .docx, .xlsx, .sxi).
Less common and nation-specific office formats (.sxw, .odt, .hwp).
Archives, media files (.zip, .rar, .tar, .bz2, .mp4, .mkv)
Emails and email databases (.eml, .msg, .ost, .pst, .edb).
Database files (.sql, .accdb, .mdb, .dbf, .odb, .myd).
Developers’ sourcecode and project files (.php, .java, .cpp, .pas, .asm).
Graphic designers, artists and photographers files (.vsd, .odg, .raw, .nef, .svg, .psd).
Encryption keys and certificates (.key, .pfx, .pem, .p12, .csr, .gpg, .aes).
Virtual machine files (.vmx, .vmdk, .vdi).After infecting, this Wannacry ransomware displays following screen on infected system:
1494673456-1144.jpg
 
Ransomware is writing itself into a random character folder in the ‘ProgramData’ folder with the file name of “tasksche.exe” or in ‘C:\Windows\’ folder with the file-name “mssecsvc.exe” and “tasksche.exe”.
Ransomware is granting full access to all files by using the command:
Icacls . /grant Everyone:F /T /C /Q
Using a batch script for operations:
176641494574290.bat
 
It also drops a file named !Please Read Me!.txt which contains the text explaining what has happened and how to pay the ransom.(READ MORE)

Comments

Post a Comment

Popular posts from this blog

Before Bahubali 2, makers to release Bahubali 1 again

Image
Rana Daggubati and Prabhas are overwhelmed with the response to the trailer of Bahubali 2 Director S S Rajamouli wants the audiences to revisit the world of "Bahubali" before the release of " Bahubali 2: The Conclusion" . Rajamouli today said they are planning to show the first part a week before the second edition hits theatres on April 28. "We are planning to release part one maybe one or two weeks before the release of part two in southern states so people can get back into the narrative," Rajamouli said at the trailer launch of the Hindi version here. Both Rana Daggubati and Prabhas are overwhelmed with the response to the trailer. "The fans are happy with it. It's overwhelming to be a part of the film," Rana said. The Tamil version of the trailer had leaked online hours before its official release and the makers called it "technical glitch". "This particular thing is neither due to leakage or pirac
Read more

Samsung rolls out 'Made in India' privacy app for Galaxy A71, Galaxy A51

Image
  Smartphone maker  Samsung  on Monday said it has rolled out privacy app AltZLife developed at its India R&D centre on select handsets in the country. The app allows users of the Galaxy A71 and Galaxy A51  smartphones  to quickly switch to privacy mode from normal mode by double-clicking the power button and also automatically save images and videos in private folders based on the usage pattern. "The AltZLife feature will be available to the existing as well as new users of Galaxy A71 and Galaxy A51 through a software update on August 10, 2020,"  Samsung  said in a statement. According to a research conducted by Samsung, 79 per cent of generation-Z (those born between mid-90s and early 2000s) users admit to having content such as images, applications and private chats on their  smartphones  that they do not want family or others to see. Samsung  India Senior Director (Mobile Business) Manu Sharma said the app helps eliminate the anxiety that consumers usuall
Read more

Truecaller version 12 with new features for Android users launched

Image
  Swedish caller identification app  Truecaller  on Thursday rolled out its latest version 12 with a new Video Caller ID feature addition, call recording for free users, and a redesigned user interface (UI). A total of five features have been announced as part of the  Truecaller  Version 12 update. " Truecaller  is a vital part of communication for over 22 crore Indians, for both their professional and personal needs. We are humbled by the level of trust people have shown in us but we are also driven by the goal of transforming communication," Rishit Jhunjhunwala, Chief Product Officer and Managing Director, Truecaller India said in a statement. Video Caller ID feature allows users to set a short video that plays automatically when they call friends and family. Users can choose from one of the built-in video templates or record their own video. Another feature is Call Announce. Once enabled, the new optional feature will speak the caller ID for incoming phone calls ou
Read more