Thoughts on new ransomware

A virus that infects computers using Windows 7 and below has stopped HOSPITALS from working. It has encrypted patients' info and is preventing people from getting much required healthcare.
If discovered who did this they will get life in jail.

Microsoft patched this in early March as an update for Windows 10
If running Windows 10 you are safe, if not update now

what's the big deal? Just pay it you cheap schmuck, it's not expensive. What's your data worth to you?

It costs $300 in bitcoin.

false flag against cryptocurrencies

how are people stupid enough to enable this to infect their machine?

A pittance when you consider you may be saving a lifetime's worth of important documents!

Per computer, people have tried transferring the decryption service to USBs and it doesn't work.

idk maybe we should give more power to the gov't to protect us

It's not a virus
It uses the leaked SMB godmode exploit from the shadowbrokers leak
The attack has been stopped by sinkholing the next C2 domain
The bug was patched months ago
If the people had up to date software, they wouldn't have been a victim
old news.

Many hospitals still use Windows 7, especially England. Australia and Canada are barely affected but Russia have been hit the worst. Over 100 countries are infected
6% of all computers worldwide

Microsoft should be fined for this. They leave exploits in their OS for the NSA to use, the NSA loses track of their cyberweapons, and then next thing you know everyone is being hit with this shit. Send the bill for 300 bitcoins to microsoft.

Microsoft PATCHED this in March. If people don't update they are at fault, the main problem is it deletes everything on your computer after 7 days.

Which raises another question
How did Microsoft patch when shadow brokers didn't leak until April?

Did they pay for the dump? How did they know? Microsoft stated 'nobody contacted us regarding the shadowbrokers leak' the day it was dumped.

Microsoft seeking to get everyone to "update" to Windows 10 AKA Windows; the spyware platform I see.

Then why do they offer out of band patches for critical vulnerabilities?

Depends on the order of events (i.e. was the patch released first, or the exploit)
MS patch -> NSA discover exploit -> SB leak
vs
NSA discover exploit -> SB leak -> MS patch

It's already been stopped by some 22 year old basement dweller in my country...

Try harder you pathetic cucks.

wrong.
There is evidence the exploit was first used in 2014 by the NSA.
So ~2014-2017 exploit was unknown.
The new SMB exploit wasn't publicly known until April.
NSA didn't discover shit. They buy 90% of their bugs.

It went

NSA discovers vulnerability -> shadow brokers release NSA code -> Microsoft released patch.

He accidentally set off a kill switch by buying the domain used for 8 quid. Pretty funny, but he admitted himself it's pretty easy to make a new one since it was only stopped by a self imposed kill switch.

Luckily my dumbass has accidentally wiped my own data multiple times so now I keep my important shit on disconnected powered off external hard drives and also offline from Windows.

Windows patched the vuln in March. Shadowbrokers dump was in April.

I'm running Windows 7 and been keeping up with updates. Am I safe?

So you're only protected if you're running Windows 10?
I'm running 7 and updated like last week.

How can you avoid getting infected with this?

>Doesn't know about code red or the cold storage problems that came with the code red outbreak

it's false-flag for OS development and more government controls

>Not even remotely educating yourself on what scam/virus emails look like.

people this stupid fucking deserve it. any hospital staff falling for this shit should be fired

someone directly penetrating a system's defenses and hacking it from the inside is a completely different case, but all news sources have confirmed that these scams were brought about by opening links and downloads in emails.

Read the thread.
All versions of Windows were affected.
The bug was in SMB.
Microsoft patched this bug in March.
Did you apply the March update?
You are not affected.

Jesus you people are retarded.
It was not a phishing attack.
It used the SMB bug from the shadow brokers leak.

Fair enough. In that case it would be either one party coming clean to MS, or selling it on for a price. SB did reference the kb article in their dump, so I'd question MS's nobody contacted us line.

Wrong again.
Shadowbrokers attempted to sell this data for a hefty price.
It's unknown if anybody bought it, however shadowbrokers stated nobody bought it.
I can't see a scenario where they told Microsoft.
I think Microsoft paid them to get access to the data, or NSA warned microsoft.
More likely Microsoft paid them off IMO

US (and Israel?) hardly affected - makes you wonder why. That bullshit explanation with that unregistered website - sure Jan.

>CIA finds exploit
>instead of "hey we should patch this up, it could negatively affect untold millions"
>"lets keep it for ourselves and use it to invade people's privacy"
>CIA gets their shit leaked
>someone goes to Wikileaks and sees exploit
>fucks windows users in the ass hard
>govt wants to blame someone else
>even tho it's their fault

This is why open source is better, stuff like this would be found and patched really fast.

Alright, cool.
Thank you for being clear.

>It used the SMB bug from the shadow brokers leak

explain for a retard please

How did so many people get infected? Who the fuck leaves SMB exposed to the open internet? Have these companies never heard of a router?

>using windows without any actual precautions against malware whatsoever

They deserve it

Feds do not find bugs.
They buy all their shit from 3rd parties.

So it can infect anyone connected to the internet regardless of what they're doing (if they didn't do the update)? Explain plz.

Reading the msm are we? How come a PC dataguru defender xmen accidentally buys a domain that happens to be ((already active)) boting viruses? Can someone give some rundowns on this ?

Infected PC remotely places file on target PC without authentication. In this case it places them in the startup folder which autoruns when a user logs in. User logs in, gets infected.

Microsoft did it to sell more copies of Windows 10, i have proof, going to authorities in 30 minutes

SMB is a service that is built in to ALL windows computers.
SMB is used to pass information easily between windows computers.
'Shadowbrokers' are a group of 'hackers' who supposedly got their hands on a bunch of NSA exploits and tried to sell them. Supposedly nobody bought it so they slowly are leaking everything out.
Just google it.

You don't need to leave SMB open to internet to get hit by the bug. lrn2computer

Any protections can be defeated. It only makes exploitation more difficult, but never impossible. NX, stack cookies, ASLR, DEP, SEHop, etc. Any protection mechanism can be bypassed.

post progress with the feds, and be careful, for what we know they could be involved in that case if microsoft was behind this

It only affects you if you've sinned in the eyes of Kek

He didn't accidentally buy it.
Botnets many times use different c2 servers based on age. They will change their c2 servers so they don't have a single point of failure.
They caught the ransomware and reversed it, they found out the next c2 domain it will use.
They bought the next c2 domain it will use.
They now control the c2, and the bots.

Didn't some random Brit stop it?

>Microsoft patched this in early march
Maybe those hospitals should just get fucking shut down then.

No not some random Brit. He is a well known malware researcher.
Nor was it just him, but a team of people.

Oh we got a MS shill here, too bad even XP got patched against this exploit.

>got their hands on a bunch of NSA exploits

That's one way of saying the NSA leaked them.

Nice. And that confirms the news article is a fucking lie.

I remember ten years ago, I was at the hospital, and the computer that the nurse was typing my data into was still using windows 95/98. Furthermore, the computer was clearly filled with viruses, as there were popups everywhere on the desktop.

It blew my mind how little security there must be around this. Perhaps only the tech illiterate nurses are using the pc.

I regret to inform you all that has passed away due to an unfortunate accident involving a leather belt and a piece of rebar

yes, very good, but what does that mean ??

Never trust computer security articles. 90% of them are bullshit.

tinfoil_hat.png
wrong
most likely the shadowbrokers got onto a server that is used to stage attacks.

How else will Sup Forums fund the fourth reich?

It means the attack is thwarted for now.
But just wait, a lot more malicious software will be using this SMB exploit.
Patch your shit.

How much shekels did he make?

The windows patch keeps it from SPREADING automatically to other machines it can discover on the network. If the wrong person opens the phishing email it will still encrypt their machine and potentially disrupt services.
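
Added example, not part of any post in this thread: the automatic spreading to other machines on the network described above shows up in flow logs as one internal host opening TCP/445 connections to many different machines in a short time. The sketch below flags that pattern; the flow tuple layout, the 60-second window, the threshold of 10 and all addresses are constructed assumptions.

```python
from collections import defaultdict, deque

SMB_PORT = 445

def smb_fanout(flows, window_s=60, threshold=10):
    """Return {src: peak distinct TCP/445 destinations inside any
    window_s-second window} for sources whose peak reaches threshold."""
    per_src = defaultdict(list)
    for ts, src, dst, dport in flows:
        if dport == SMB_PORT:
            per_src[src].append((ts, dst))
    flagged = {}
    for src, events in per_src.items():
        events.sort()
        window = deque()            # (ts, dst) pairs inside the window
        counts = defaultdict(int)   # dst -> occurrences inside the window
        peak = 0
        for ts, dst in events:
            window.append((ts, dst))
            counts[dst] += 1
            # Expire events that fell out of the sliding window.
            while window[0][0] <= ts - window_s:
                _, old_dst = window.popleft()
                counts[old_dst] -= 1
                if counts[old_dst] == 0:
                    del counts[old_dst]
            peak = max(peak, len(counts))
        if peak >= threshold:
            flagged[src] = peak
    return flagged

def sample_flows():
    """Constructed sample: (epoch_seconds, src_ip, dst_ip, dst_port)."""
    flows = []
    # Workstation sweeping its subnet on 445, one new host every 2 seconds.
    for i in range(1, 41):
        flows.append((1000 + 2 * i, "10.0.5.23", f"10.0.5.{100 + i}", 445))
    # Normal client: repeated sessions to the same two file servers.
    for i in range(30):
        flows.append((1000 + 3 * i, "10.0.5.40", "10.0.1.10", 445))
        flows.append((1000 + 3 * i, "10.0.5.40", "10.0.1.11", 445))
    # Backup host reaching 12 servers, but spread over an hour.
    for i in range(12):
        flows.append((1000 + 300 * i, "10.0.1.50", f"10.0.2.{i + 1}", 445))
    # Non-SMB traffic is ignored.
    flows.append((1005, "10.0.5.23", "203.0.113.7", 443))
    return flows

if __name__ == "__main__":
    for src, peak in smb_fanout(sample_flows()).items():
        print(f"{src}: {peak} distinct SMB destinations within 60s")
```

Counting distinct destinations rather than connections keeps a busy client of one file server from being flagged.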

You can't patch stupid

lmao if you get hit by this you're a retard including all the big guys. you should always have an anti-rootkit that starts up at boot. the bigger story here is the gross incompetence by IT departments who overlook these machines, you don't need to upgrade to windows 10 at all.

thanks. i bet you most of those hospitals will not be patched when the updated virus strikes again

>anti-rootkit
Have you reversed it or written it yourself to know exactly what is going on?
If not you installed a rootkit by choice.

Okay wise guy, how are you going to get into my windows system running SMB behind my plain old home router. Explain to me in detail, I'll wait.

Speaking of, SB are frog memers.

The ride is never over. Nothing is safe. NOTHING IS SECURE. You're fucked.

shutup

>update that was patched out in march
I wonder who's to blame here...
this is like complaining about the Y2K bug.

so all I have to do is get past your shitty ISP given router? lol

youtube.com/watch?v=8ymEKiY1UR8

Yes. Go ahead and tell me how you are going to do it.

If I have a computer with cracked w7 and I haven't used it in a few weeks am I fine?

Not that guy but you don't. The smb vuln is not how this initially gets into machines, the users infect themselves and the smb lets it spread.

I worked a regional ISP call center that day.

So very dark.

You'd be amazed at how many international businesses use Windows XP

I wouldn't even need to use an exploit.
Your authentication page for your router is accessible via internet
$20 says your creds are admin:password or admin:admin
That's how most botnets spread. Shitty creds

>it's acceptable for MS to force you to reformat your Computer

I think Microsoft did this since people refused their shitty 'free' Malware system.

So how does it infect computers? You have to open email attachments to get infected? Not opening strange emails is literally internet security 101

Death penalty for the hackers if they're caught. Need to send a message so computer science inclined kids don't screw around and decide to do this shit and ruin lives.

Not even shitty dlink routers expose the login via hitting the public ip. You are referring to other exploits which vary greatly from device to device whether they are applicable

If you really don't want to update or change OSes, never let anyone on your network, and don't use public wifi.

So what happens when they spoof their email headers to make it seem like the email came from from someone legitimate?
It's easy to make a malicious email look legitimate.

Are you sure his internet connected car didn't mysteriously drive into a tree?

I know that, that's my point.

No, it isn't, and no, my username/password are different. Anyone with half a brain would change the password for their home router and not expose some kind of web admin page to the internet.

My point is that this SMB bug isn't some magic thing that lets anyone hack into any machine, neither are any of the other exploits that the NSA/CIA/whoever uses. But people like make exploits sound like magic spells, which leads to idiots like believing that "hackers" and the government can do anything.

DON'T SAVE OPS IMAGE
The worm is saved within the binary of the file, and it will infect all PCs on your network.

lol look at shodan to see why you are wrong

I think you are right about the death penalty. This is affecting hospitals and is stopping chemo patients from getting dosages because their files are encrypted

>Anyone with half a brain
The people who got infected with this don't have half a brain

>SMB bug isn't some magic thing
It's not magic, but it's a huge deal. There hasn't been a bug this big in the MS world since MS08-067

but he didn't actually stop it, he just disabled the ones that can reach the domain he registered, which means countries that filter US sites for censorship purposes (lol china) are still fucked unless they pay up in bitcoin (a thing that is heavily bought up by chinese) HMMMMMMM

How is anyone still using Windows 7?

It's literally impossible. To formally use a Windows operating system at your business, Microsoft shoves a contract down your throat in 99.9% of cases demanding you upgrade to their new OS whenever it's released. Most businesses right now are using 8 or 10.

most companies are still running windows 7

Well now we agree, I was pointing out that you'd have to be an idiot to leave SMB exposed to the internet: Of course I realize that nobody probably got infected this way and that the reality is the same as every other virus: dumb people clicking on some cutecatpicture.jpg.exe attached to a shady email. The SMB thing just allows it to spread over a LAN easier.

>The people who got infected with this dont have half a brain

Most of the world are NPC normies

sciencealert.com/a-man-who-lives-without-90-of-his-brain-is-challenging-our-understanding-of-consciousness

science.sciencemag.org/content/210/4475/1232

Why the fuck did I connect to the Internet yesterday. I kept my computer offline all month and just now there's a major fuck up god damnit
I am scared to turn it on

that probably only applies to places with more than 50 or 100 licenses or something, most small businesses won't have a contract with Microsoft

I believe, knowing what I know, that this is actually a racket by backup companies and Cloud computing providers.

It's a way to encourage people to move to their services since there's always some magical hero that appears that lets you unlock the info for free. In that way it's scare-ware.

Fuck that, this is just an elaborate way to force windows 7 users to switch over. Microsoft did this.

You are thinking of dvrs and ipcams which are exposed. I don't even think I can get one of mine to actually provide access from the wan.

This is correct.

Data is free. You're not losing anything if you don't pay and you're paying for something free if you do pay.