Wannacry v2 - Expecting lots of variants

Reminder that it is not even necessary to recompile it, all it takes is a simple edit to the binary and it is alive again. Which is, by the way, what has already happened, source:

view-source:thehackernews.com/2017/05/wannacry-ransomware-cyber-attack.html

Also, the NSA exploit it uses is only one of its vectors, just patching the systems does not make them 100% safe.


>Also, the NSA exploit it uses is only one of its vectors, just patching the systems does not make them 100% safe.
but the spreading mechanism was the only really noteworthy thing about it, there are tons of other equivalent ransomwares.

Which still do cause some damage, just less.

And, if it does, it will keep looking for someone else still vulnerable.

Wincucks BTFO once again

Just don't click shady emails or links.

Disabling SMB1 was easy, but when I looked at my fiancée's machine she didn't have an SMB1 entry in the regedit. How's that work?

Easy enough for the average Sup Forumsentooman but it doesn't mean Normie McRetard won't execute it by accident in the university computer lab or library network you happen to be shitposting on Sup Forums from, destroying your Wangblows and everyone else's on the network.

what even was the infection method they used? wasnt it flash or some shit?

default windows behavior is to have SMB enabled, even without a reg entry-- just add the registry entry manually, with a value of 0 of course
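
Added example, not part of any post in this thread: a PowerShell check for the point made above, that a missing SMB1 registry value still leaves the SMBv1 server enabled by default on the Windows versions discussed here. The registry path and cmdlets are the ones documented in the Microsoft KB 2696547 article linked in this thread; the script layout and the `-Disable` switch are assumptions of this example.

```powershell
# Added example (not from the thread): report whether the SMBv1 *server* is
# enabled and, with -Disable, turn it off. Run from an elevated prompt.
param([switch]$Disable)   # -Disable is this example's own switch

$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$hasCmdlet = [bool](Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue)

function Get-Smb1ServerState {
    if ($hasCmdlet) {
        # Windows 8 / Server 2012 and later expose the setting directly.
        $enabled = [bool](Get-SmbServerConfiguration).EnableSMB1Protocol
        return New-Object PSObject -Property @{ Source = 'Get-SmbServerConfiguration'; Enabled = $enabled }
    }
    # Windows Vista / 7 / Server 2008 (R2): read the registry value instead.
    $prop = Get-ItemProperty -Path $key -Name SMB1 -ErrorAction SilentlyContinue
    if ($null -eq $prop) {
        # No SMB1 value at all: the default applies, and the default is enabled.
        return New-Object PSObject -Property @{ Source = 'registry (value absent, default)'; Enabled = $true }
    }
    New-Object PSObject -Property @{ Source = "registry (SMB1=$($prop.SMB1))"; Enabled = ($prop.SMB1 -ne 0) }
}

$state = Get-Smb1ServerState
"SMBv1 server enabled: $($state.Enabled)  [$($state.Source)]"

if ($Disable -and $state.Enabled) {
    if ($hasCmdlet) {
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    } else {
        # Creates the value if it does not exist yet; takes effect after a reboot.
        Set-ItemProperty -Path $key -Name SMB1 -Type DWord -Value 0 -Force
        'Registry value written; restart the machine to apply it.'
    }
    $after = Get-Smb1ServerState
    "SMBv1 server setting after change: enabled=$($after.Enabled)  [$($after.Source)]"
}
```

This covers the SMBv1 server side only; a later post in the thread describes disabling SMB1 as a workaround rather than a substitute for the patch.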

>but Linocks can nut support gaymes

I'm still flabbergasted from the outrage at M$ and not the US Government and the NSA for "leaking" their "tools."

Apple doubled down on not giving into the FBI's demands for their backdoors and it's paying dividends in still being one of the most secure platforms to operate on.

There are three methods. One is a normal spam package, the original one they used.

Another is scanning some random internet ips for the vulnerability.

And the third is scanning the whole ip range of the local network the device is connected to for the vulnerability.

The third one is the one that is the novelty and the reason why it is causing so much damage.

Windows admins need better firewalls

I thought about this too. Is there solid proof that the exploit and spreading mechanism was developed by the NSA?

>going on Sup Forums in public

Nah

>He doesn't browse Pol while riding the train with all the smelly Indians just to make them feel uncomfortable.

that makes sense, I used PowerShell to disable it and then I verified it in regedit afterwards. Thanks user.

Yeah the shadow brokers released these tools for free when Trump betrayed his voters /w Syrian missile strike because no one wanted them when they auctioned it

Yes.

>Sup Forums
>Pol

His voters? More like his handlers GRUnigger

Time to stop playing csgo and switch to linux i guess

>Capitalizing the c
Also, after a while, you stop caring. If I'm sitting on my ass waiting for a friend or while on my long bus ride to work, I'm not going to change my browsing habits just because I'm outside.

The Apple Macbook Pro with TouchID doesn't have this problem

but csgo has native support on linux

Jokes on you, i don't leave my house.

touchid is bad and apple should feel bad

The custom built PC with Common Sense Advance 2017 doesn't have this problem either

>the shadow brokers
So who are these NEET faggots with their edgy h@xx0r name straight out of CSI: NY? And how long until one of them winds up in federal "pound me in the ass" prison?

>And how long until one of them winds up in federal "pound me in the ass" prison?
never, rumor has it they're NSA contractors pissed at management and the leak was a threat was a warning

But would it surprise you if there was one retard tech working for NSA who happened to have the exploits on his PC and left his shit wide open and vulnerable to a remote hack?

Regardless, fuck whoever leaked it. Access to that exploit is a huge responsibility. Whoever it was must have known what would happen. This shit is bringing down fucking hospitals.

> FBI asks for funding
> trump says no
> ransom-everyware.exe

>this is your average Sup Forumsfag
Just stay in your containment board

I just got a window on startup to update flash player and never got a follow up window for installation.

How fucked am I?

Yeah, let's give money to more retards so they too, can create and unleash, more of this shit. not even a Trump supporter, so stifle yourself.

Potentially very, but not from this threat in particular.

I want to follow up but I think I'm happier living in ignorance.

I think I'll just go back to problems more my speed. Like why X is fucking up my laptop.

lol my work is screwed we just got hit. guess thats what they get for using windows vista.

Can Sup Forums do a wannacry reskin with cute anime girls?

so how are people getting this and how do I avoid it? I don't do a whole lot of anything on the internet but I've gotten some spooky shit just from malicious advertisements before.

Is there a description how the encryption works? From what I heard it is very fast to encrypt files, but that would take too much time. Is it a change of permissions?

PRETTY MUCH THIS

Just fucking back your files up to a hard drive and unplug it. If you get hit by it, oh well, just reinstall windows.

Yes but Common Sense 2017 protects against those

pics or it didn't happen

no

I was in jail for the last week. Haven't turned on my desktop yet. Anyone have a source for me to educate myself on this without the snarky remarks of a typical seven year old?

It was at FedEx. I was off when it happened, just saw the news this morning, plus I can't even take my phone past security.

If it's near instant it might just mount the disk onto an encrypted mount. That's how most full disk encryption works. Either that or it just launches the gui while AESing all your files in the background. (All that is just speculation though w/ my entry level crypto knowledge)

Yeah if you have not updated your PC to March 2017 security patch then this worm will encrypt all of your files and ask for $300 to unlock them within three days

makes sense, that sucks though. hopefully they fix it soon

ya me too, shit got wrecked.

Simple and logical. Thank you.

No problem, you can also check intel.malwaretech.com/pewpew.html to see how much damage wcrypt is doing.

Windows admins need to stop being lazy shits. Every time there is a security update, apply it immediately. Not tomorrow, not two weeks from now, not three months from now, right fucking now.

Except that in many cases there are lots of red tape before being able to change anything in production.

question: does anyone have these emails so we could cause this to happen?

Interested in putting the labs at my uni to the test which all run vista.

Don't. Even not knowing which country you are from I am still sure this would be a crime.

There are other means to test this, better ask the administrator about it.

how would it be a crime to open an email? i just blame it on the ransomware, you worry too much bro.

A-at least we have games y-you lincucks

t. bootlicker

I wannaCry because that thumbnail looked like news on VEGA and it isn't.

Does not matter even if there is not specific computer legislation about this where you live, you would willingly and knowingly cause damage. It is certainly a crime.

Besides, from where and how would you get the sample without leaving a trace pointing to you?

so as long as i dont click on stupid shit i wont get fucked in the ass right?

you cant turn that off on phones. its a good way to detect phoneposters.

turn off what? Capitalize words?

I wonder why there ain't Sup Forums version of that ransomware where you have to type "Hitler did nothing wrong" to unlock files.

no, a little phone icon shows up in the desktop version of the site when someone posts from a phone

Honestly hope it hits my schools network.

Sup Forums is the containment board

MODS

>board
...

...

The shadow broker is a character from Mass Effect... which doesn't help much, since Andromeda bombed so hard they "restructured" Bioware Montreal. They named themselves after a character from a newly failed franchise. SAD.

What does P2 have to do with this?

...

Sup Forums doesn't give you viruses though

>rumor has it they're NSA contractors pissed at management
everyone in the government is mad Drumpf got elected who is a racist nazi. Not surprised this happened and probably a whole revolution soon since he doesnt support diversity and LGBT rights like Hillary did because she is a woman.

maybe not viruses but there was this
warosu.org/g/thread/50221701

>I wonder why there ain't Sup Forums version of that ransomware where you have to type "Hitler did nothing wrong" to unlock files.
When we get this if anything just for the lulz and fuck Sup Forums

I miss Cornelia

How does WannaCry spread? Am I "safe" in Windows 7? Does it need for me to click on an email, or is it simply capable of infecting systems that are connected to the net? Should I install Windows 10? (I read W10 is not affected by it)

I don't. Fuck windows users.

grc.com/x/ne.dll?bh0bkyd2
Proceed and click all service ports. Post screencap.

But she was practically the first sentient AI. It also improved the quality of Sup Forums and /jp/ even made friends with her

I get twitchy when I don't capitalize it.

Thanks. Can confirm smb1 was enabled in my (((patched))) w10 machine.

support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012

Iktfb

Well, it says I am safe. (I believe)

>work at a publishing house
>win7 laptops
>ass of updates can't be installed: windows, office
>admins decided to block the updates since they won't install since february
can't wait for the happening.

Or better, have to post Hitler did nothing wrong to your social media accounts to unlock it.

Then you are.

I don't think the patch disables SMB1. Disabling SMB1 is a workaround to mitigate the exploit without patching.

So, yeah, all these corporations who wanted to test updates before implementing them could have disabled SMB1 in the meantime.

>tfw my win10™ auto update © wasn't updating since November and I didn't know until I checked that it had been failing for 4 months.
>tfw I had to troubleshoot and manually install 3 weeks ago

It spreads in two major ways.

The first is the standard email with malware attachment or infected file, etc. Something you download and run.

The second is through SMB, both in the local network and to the Internet.

Per the ((Microsoft)))™ website it doesn't look like I'll miss it.

oh hot dam but that would take some nextlvl programming skill or the installation of a cookie and set it to a group that must be liked would be doable but they would just leave the group after :P

have fun being able to access any official updates or downloads with port 445 disabled.

Shouldn't some of those ports be open?

inbound? nope