Author Topic: World hacker attack in progress  (Read 15813 times)

0 Members and 1 Guest are viewing this topic.

Offline ehmen

  • Poster
  • *
  • Posts: 498
Re: World hacker attack in progress
« Reply #30 on: May 15, 2017, 01:11:53 AM »
1) Does Avast protect against this ransomware?
2) Does is require the victim to download some kind of file, or can it infect a device even without that?

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: World hacker attack in progress
« Reply #31 on: May 15, 2017, 01:15:14 AM »
Ehmen, go read the posts in this thread (and the others about this subject) and go read the links that have been posted.

Offline ehmen

  • Poster
  • *
  • Posts: 498
Re: World hacker attack in progress
« Reply #32 on: May 15, 2017, 04:16:31 AM »
Having this patch makes one immune to the threat, or it just reduces the chances of getting it?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37504
  • Not a avast user
Re: World hacker attack in progress
« Reply #33 on: May 15, 2017, 07:16:39 AM »
Having this patch makes one immune to the threat, or it just reduces the chances of getting it?
https://forum.avast.com/index.php?topic=52252.msg1394233#msg1394233


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: World hacker attack in progress
« Reply #34 on: May 15, 2017, 07:46:36 AM »
But no-one here saw a link with the new positioning of Microsoft in the market. Recent blocking of torrenting, no more right to tinker (resource hacking), making the switch to linux harder: https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#Secure_boot_criticism

First they had to fear the anti-monopoly EU measures that guaranteed  browser choice for you end-user. Now they come with more of the same or you have to pay for the Premium version. The globalists dictating on your choice, your freedom of information.
All platforms are gonna look the same like on an android and not everyone can afford a Mac or Premium Windows.

Just a couple more of these NSA inspired cybercriminal ransomeware attacks and they can further their agenda(s) much easier.
Dumb down the masses and feed them more of the same, away with Modern Renaissance, hello back Dark Feudal Middle Ages.
Time for the Rise of Dajjal  :o

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline abruptum

  • Massive Poster
  • ****
  • Posts: 2460
Re: World hacker attack in progress
« Reply #35 on: May 15, 2017, 12:04:13 PM »
‘Like letting Tomahawk missiles get stolen’: Microsoft slams NSA mishandling of exploits

  https://www.rt.com/usa/388374-microsoft-ransomware-tomahawk-attack/

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: World hacker attack in progress
« Reply #36 on: May 15, 2017, 02:19:59 PM »
Just stumbled unto this info online: Hi,

Just to have it stopped before anything can do it's work:
In powershell and leave powershell open:
https://gist.github.com/N3mes1s/afda0da98f6a0c63ec4a3d296d399636

$createdNew = $False;
$mutex = New-Object -TypeName System.Threading.Mutex($true, "MsWinZonesCacheCounterMutexA", [ref]$createdNew);

It blocks the process that encrypts.

Infocredits go to: Alex Warmerdam

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: World hacker attack in progress
« Reply #37 on: May 15, 2017, 03:58:21 PM »
For good explanation of how it works see this
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: World hacker attack in progress
« Reply #38 on: May 16, 2017, 03:18:46 PM »
Block those WannaCry IP's: https://secure.dshield.org/forums/diary/WannaCry+Do+your+own+data+analysis/22424/

List:
'188.166.23.127','91.219.236.222','46.101.166.19','193.23.244.244','62.210.124.124','2.3.69.209',
'144.76.92.176','91.121.65.179','146.0.32.144','148.244.38.101','91.219.237.229','50.7.161.218',
'149.202.160.69','217.79.179.177','87.7.10.93','163.172.149.155','212.47.232.237','192.42.115.101',
'171.25.193.9','81.30.158.223','178.62.197.82','195.22.26.248','79.172.193.32','212.47.244.98',
'197.231.221.221','38.229.72.16','5.35.251.247','198.96.155.3','46.101.166.19','128.31.0.39',
'213.61.66.117','23.254.167.231'


polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: World hacker attack in progress
« Reply #39 on: May 16, 2017, 04:31:28 PM »
I have to say that trying to block individual IPs which are likely to be constantly changing is like trying to shoot a moving target. Unless there is some form of updated browser add-on, trying to update these manually is a bit crazy.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: World hacker attack in progress
« Reply #40 on: May 16, 2017, 06:18:28 PM »
Hi DavidR,

Yes, know there are other ways to skin this proverbial animal, but as I stumbled upon the IP blocking by DShield, I would not like to have the info withheld from our users, just to be complete on the Wannacry related info and some here may appreciate this info. I know some of our good friends on these forums  here are into IP blocking. That's all and why.

Damian

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: World hacker attack in progress
« Reply #41 on: May 18, 2017, 11:34:04 PM »
Decryptor tool for WannaCry-ransomeware on XP: https://github.com/aguinet/wannakey

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: World hacker attack in progress
« Reply #42 on: May 20, 2017, 04:17:15 PM »
Going over the Ooniprobe censorship and blocking reported IPs:
http://money.cnn.com/2017/02/08/technology/ooniprobe-censorship-mobile-app/ 

I stumbled upon this in Germany:
https://explorer.ooni.torproject.org/measurement/20170520T002129Z_AS680_bOmWCjhuoFhTdDyTbkO5o7QsVTzozuSQLhW0RebwGY2GsqStrN?input=128.31.0.39:9131

setting out clearly that the initial NSA tools were being positioned against tor-users, read also this:

https://security.stackexchange.com/questions/42751/attack-on-tor-with-stolen-private-keys-of-main-nodes

See also: https://otx.alienvault.com/indicator/ip/128.31.0.39/http://www.malware-traffic-analysis.net/2015/09/18/index.html
and this report: http://trapx.com/wannacry-thoughts-and-threat-intelligence/  (info credits for links by, Moshe Ben Simon, VP ofServices and TrapX Labs, StackOverflow's trankvilezator on insider NSA attacks against the general public's infrastructure.

Now after this has been going on for 5 years, we all should be aware what the proliferation of such official guv malware used in these actions has brought us all: threats and threats and new threats. These spooks have turned the Interwebs in an even more insecure place for all users.

polonus
« Last Edit: May 20, 2017, 04:18:46 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: World hacker attack in progress
« Reply #43 on: May 21, 2017, 05:06:51 PM »

WannaCry - Don't get caught, be prepared.
https://youtu.be/6Ad-eXoQVIk


WannaCry - An Easy Fix
https://youtu.be/1p62X8MBpF4
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: World hacker attack in progress
« Reply #44 on: May 21, 2017, 06:27:02 PM »
Hi bob3160,

Apparently mankind does not learn from history. This should never have happened after what we remember of the Blaster disaster.
It still did. There were people that were willingly sitting on exploits, they better had shared with the community to be patched.
And I asume also in the AV industry there is insecurity that has not been shared with those it should have been shared with.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!