Malware researchers have identified a new version of the ransomware Wannacry which comes without the killswitch. Hundreds of computers keep getting infected every minute as we speak. Pic related, green dots are the new infections in the last minute or so.
Wcrypt seems to be hitting Europe, Russia, and China the hardest
Christian Powell
So can we expect microsoft to release a security update outside of the monthly patch day?
Ryan Powell
>It's Happening!
Gabriel Murphy
>that feel when Y2K was 17 years late
Eli Jenkins
The problem is windows update often fails, many people with updates turned on will see this if they look at their update history.
Jayden Cruz
No, the problem is that in Russia and Asia in general, lots of big businesses are running on pirated versions of Windows that have no updates available whatsoever.
Nathan Perry
Just to be clear the MS update and other fixes still work right? This is merely another more aggressive version without the weakness to turn it off.
Basically this is all as planned like Cash 4 Clunkers for PCs but you just get fucked in the ass.
Justin Edwards
The patch that fixed the main exploit has been out since april.
Andrew Walker
But my Windows PC keeps itself up to date out of the box.
Caleb Miller
That's hilarious
Andrew Reyes
friendly reminder
Samuel Adams
that's actually true; don't know about businesses but almost every home user uses cracked windows or is upgraded to botnet10
Landon Wood
>No, the problem is that in Russia and Asia in general, lots of big businesses are running on pirated versions of Windows that have no updates available whatsoever
There are even Windows 10 users getting infected due to Windows Update being sloppy.
Josiah Long
>Not patching your Winblows when MS released the patches in March to kill NSA's zero days
SASUGA WINBLOWS USERS
Nicholas Diaz
botnet10 updates perfectly for me and every cracked windows worth their salt should be cracked in a way which enables windows updates. only fucking russians download pre-cracked .iso which uses outdated KMS servers or something which prevents updates.
Luke Nguyen
It's weekend, user. Most sysadmins are not working.
Aiden Perry
what do pirated versions of windows have to do with no updates being available
i use one and i still can update without problems and it's more likely that windows update died instead of it being somehow the fault of a pirated version
Hudson Edwards
I have an original windows and I've been suffering trying to update it fully for the last few days. updates keep failing, and then reverting takes at least an hour. Fucking windows, now I gotta apply them one by one to see which one is causing problems because god forbid they get installed separately so wangblows reverts all 30 of them instead of the one that's causing problems.
Leo Russell
Can anyone post the exact update from MS in order to prevent Wannacry?
I disabled updates when MS pushed telemetry from w10 into w7. I don't want to enable that
Gabriel Perry
>WU hangs forever
>end up turning off smb1 and manually download the march update roll
>now WUSI is hanging doing the same thing
nice update service, really makes me wonder why i didn't let it run auto in the first place
Ryder Morris
>WU tangs forever
Juan Nelson
yes i know the copies can use windows update, i meant that everybody uses an unlicensed copy
Carson Sanchez
Don't need NSA zero days, if you get the company to build a back door
Alexander Sullivan
The Apple Macbook Pro with TouchID doesn't have this problem.
Parker Carter
Just download the appropriate security update or disable smb v1 yourself, is it that hard to do?
Cost me less than 5 minutes
Jayden Allen
> typical fleshwaste fucking Sup Forums import
Go and fucking google it you dense cunt, you have no place on Sup Forums
Bentley Nelson
>is it that hard to do?
You're on Sup Forums - AMD Vs Intel. What the fuck do you expect?
Robert Clark
I actually did google it
Aaron Martin
will smb1 being shut off be enough? i dont have the patch and it'll probably take my PC 24hrs+ to finish checking for updates so I can then install it.
Jaxson Sullivan
>appropriate security update
WHICH ONE, NO ONE EVER SAID IT
People only say just enable updates
Lincoln Stewart
...
Tyler Long
They will never get Australia,
Our internet is too slow
Jayden Torres
AYY AHAHAHAHAHAHAHAHAHAHA
David Watson
disable smb1, block port 445, a quick google search will tell you how
Luke Ortiz
So what exactly has been happening? I haven't seen much news lately apart from the NHS getting ransomware on their system. What is wcrypt and what's it do? Should I be worried?
Jaxson Miller
nice try Kaspersky nobody is going to buy your crapware anyway you fucking scams
Angel Perry
Fuck you shill, Windows Update keeps failing, useless piece of shit. I should've listened to Linux shills.
Aaron Brown
The biggest ransomware attack in history. Hundreds of thousands of computers affected worldwide.
Jose Peterson
How will I know if I got it? Is it like a typical pic related that will pop up?
Kevin Brown
you do realise that means prebuilt garbage?
Jose Lee
Saudi Telecom Company has fallen. Stupid sandniggers.
Easton Harris
even if it's not prebuilt. it's entirely reasonable to see this. Every house in the world already has a computer, the market is saturated. Tablets that have only existed a few years are already seeing declining sales
Smartphones will see the same shit in the future
Henry Brown
How come so many people have port 445 open?
What do they need it for?
Jason Williams
...
Owen Miller
yup if you have it you'll get that popup, most likely after it forces a restart.
Three ways to get it:
>Someone uses a remote execution exploit to put it on your machine and run it, (if you are fully patched and not running XP/2003/Vista then this is unlikely but not impossible)
>Someone on your local network gets it and it jumps around the network (Only works in networks with SMB 1 enabled which is only needed if there are XP/2003 systems still around)
>You get a dodgy email and run it yourself by opening the attachment
Adam Howard
They use SMB1 to share files between company computers.
Connor Myers
I disabled smb1 by going into control panel, programmes, turn on or off windows features, then unchecked the smb1 box
Do you reckon that'd work? Cause I see people posting commands to run to disable it
Nolan Sullivan
What about home computers, i seriously doubt normies even heard of smb1, let alone use it?
Nathan Rodriguez
...
Xavier Wright
What the fuck's up with japan? Are our baka gaijin malware not good enough for them?
Logan Ramirez
>australia not getting infected feels good
Owen Green
There's one, but really they still use fax machines to communicate.
Carter Williams
Windows 8.1/10 and Server 2012 R2/2016 included the option within the Features list as you describe.
The commands work on all versions (except XP/2003) but are really only needed for Vista-8 or 2008-2012 as there's no GUI option
Unless they run XP at home, their system will be using whatever SMB version was included in the OS or the lowest compatible with others on the network (SMB2 = Vista/7 and SMB3 = 8/10)
SMB only matters for it spreading, not the initial infection.
Lucas Collins
If it pops up it is already too late
Ayden Nelson
>Pic related, green dots are the new infections in the last minute or so.
no you dumb fuck. that's an old variant. because only old variant is sinkholed.
Cooper Collins
OP we will need a source on that, seeing nothing about any new variant, only warnings that a new one is inevitable at some point
Easton Ward
The funny thing is that the old variant is still popping up.
So you know these are people who deliberately got themselves infected because the old variant's SMB infection vector has been neutralised already.
Anthony Hughes
This is like watching fucking Die Hard 4.
Aaron Gray
trump supporters kek.
Chase King
need another update, so it can bypass the bugfix too.
>sir, i am calling from windows, sir! u have a wirus in your pc computer sir! what is this sir, wot u did to my wondows pc sir oh dear vishnu, sir, my supervisor is going to murder me sir
i hope every call-scamming curry nigger gets this shit on their computers
Grayson Scott
>The funny thing is that the old variant is still popping up.
they're fine. right now you're observing just new connections made to killswitch which is sinkhole too. that means they get infected but nothing is encrypted.
Jeremiah Scott
Oh hey! an email from a random person with no text, but asks me to click a link? Everything is coming up Millhouse!
Jaxon Parker
The real cyberarmageddon will come once Intel ME is cracked (or keys to it are leaked). Once that happens, the only way to thwart the vulnerability will be to unplug all Intel systems (and wrap them in tinfoil if they have built-in radios).
Easton Baker
I wonder if the new variant can be sinkholed and monitored?
IIRC it doesn't ping the "killswitch" domain. How could it be monitored if all external connections it makes are opportunistic SMB ones on the LAN?
Mason Parker
>implaying it's not cracked already
The intelligence agencies just sit on it because it's too big a trump card to use unless absolutely needed.
Isaac Lewis
>pirated versions of Windows that have no updates available
You are a retard. Pirated Windows updates just fine you retard.
Parker Flores
The patches were made in February actually (even those for XP/2k3/8.0). Those for still actively supported systems were publicly released in March, while the rest was only made available to third parties who pay for extended support. Given the shitstorm that happened, MS decided to make that one patch publicly available.
tl;dr: all Windows versions including XP and up are still being patched, but MS won't give patches for "out of support" systems to those who don't pay big bucks for it
Ryder Bailey
Win 7 does update, but what he probably means is that there are some updates which check if it's legit win7 then if not bricks your computer, makes it boot to blackscreen iirc
James Roberts
>work in IT
>one client constantly whine they can't upgrade their kit because muh costs
>one XP machine still on the network
>mfw monday morning an entire school gets ransomware'd
Julian Walker
Wrong. Port 445 is THE standard SMB port, not just SMB1.
Any Windows computer that is sharing folders on the network has 445 open.
Blocking port 445 will block all sharing of files from your computer, so if you want to share files that is not an ideal solution. Rather disable SMB1 like said because it is the old version that is only available for legacy support.
Also, as some other faggot mentioned SMB1 is the method it uses to spread once it infects a host, it can arrive through other vectors which is probably how most businesses get it because it is very unlikely it would spread from an Internet facing machine to the internal network through SMB.
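The SMB1 points made in the posts above (the GUI feature exists only on 8.1/10 and 2012 R2/2016, the commands cover the rest, and port 445 is shared by every SMB version) can be checked with the script below. It is an added example, not something posted in the thread; the helper names `Get-Smb1State` and `Disable-Smb1` are hypothetical, and it assumes an elevated PowerShell session.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell session.
# Get-Smb1State / Disable-Smb1 are hypothetical helper names.
$LanmanKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-Smb1State {
    $s = [ordered]@{ ServerSMB1 = $null; FeatureSMB1 = $null; Port445Listening = $null }
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        # Windows 8 / Server 2012 and later
        $s.ServerSMB1 = (Get-SmbServerConfiguration).EnableSMB1Protocol
    } else {
        # Vista/7/2008: SMB1 is on unless this DWORD exists and equals 0
        $val = (Get-ItemProperty -Path $LanmanKey -Name SMB1 -ErrorAction SilentlyContinue).SMB1
        $s.ServerSMB1 = ($val -ne 0)
    }
    if (Get-Command Get-WindowsOptionalFeature -ErrorAction SilentlyContinue) {
        # Same setting as the "Turn Windows features on or off" checkbox
        $f = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
        if ($f) { $s.FeatureSMB1 = ($f.State -eq 'Enabled') }
    }
    if (Get-Command Get-NetTCPConnection -ErrorAction SilentlyContinue) {
        # 445 keeps listening with SMB1 off: SMB2/3 file sharing uses the same port
        $s.Port445Listening = [bool](Get-NetTCPConnection -LocalPort 445 -State Listen -ErrorAction SilentlyContinue)
    }
    [pscustomobject]$s
}

function Disable-Smb1 {
    if (Get-Command Set-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    } else {
        # Registry route for Vista/7/2008; takes effect after a reboot
        Set-ItemProperty -Path $LanmanKey -Name SMB1 -Type DWord -Value 0
    }
    if (Get-Command Get-WindowsOptionalFeature -ErrorAction SilentlyContinue) {
        $f = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
        if ($f -and $f.State -eq 'Enabled') {
            Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
        }
    }
}

Get-Smb1State      # review the current state first
# Disable-Smb1     # uncomment to apply, reboot, then run Get-Smb1State again
```

A host that reports `ServerSMB1 = False` with `Port445Listening = True` is still sharing files over SMB2/3, which is the distinction the post above draws between disabling SMB1 and blocking port 445.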
Owen Brooks
Who else /hype/ for Monday crash and burn as the whole office/institute/corporation gets set ablaze due to a single infected computer spreading throughout the whole network?
Aaron Clark
...
Nathan Rogers
The initial attack vector is usually different (mostly phishing email probably). Then once inside a LAN, the secondary vector being the SMB vulnerability is exploited.
Logan Brown
I heard some researchers talk on twitter that in the case of Wcrypt, there are no samples of infected email attachments / secondary vectors found.
Lucas Wright
Some fucking whiteknights just hate fun.
Camden Hall
so the only way to get it is to have an outdated version of windows? some of the pics look like w7 but it could be vista. fucking cheap bastards not updating their systems
Connor Taylor
Shut up. I already dread booting that shit up. My plan is pulling the network plug, backing up everything and then hoping for the best.
Asher Johnson
>tfw any coming vault7 or shadowbrokers leak could release the doomsday exploit
Logan Gray
>tfw running Linux on my work laptop
I'll be enjoying the absolute shitshow tomorrow.
Christian Reed
why couldn't they wait a few days until it affects millions?
David Wilson
It's not just SMB1 that's vulnerable though.
Josiah Rodriguez
It doesn't matter. Anyone could have taken the original binary, edited the killswitch with a hex editor into an unregisterable domain and released the virus back in the wild. Probably already happened.
Jose Johnson
I really don't believe it could spread as wide as it has if there wasn't some standard email spreading going on.
I do believe it has been using the SMB exploit over the Internet to spread as well but the problem is that it has to go from the Internet side to the Intranet side to get on a lot of these PCs we have been seeing it on, and that's just hard to believe that so many company networks were set up in such a way that Internet facing machines can go directly to Intranet machines. It goes against the basics of security.
Gavin Stewart
Then every compromised network has at least one machine that exposes a vulnerable SMB service on the standard port directly to the internet without any sort of firewall?
Fucking symbolic links and 10GB ethernet are dependent on SMB2!
Thomas Brooks
>fun
You do realize shit like this could literally lead to world war 3 if the wrong systems are affected? Or what if some nuclear power's strategic supply or production systems are impacted, and an unstable leader chimps out over this pushing the red button?
Angel Lee
Is this the pajeet who gets syskey'd, pretends to be a rich man, and then cries when he fucks his call center up?
Brayden Torres
fucking microsoft. Seriously, get your shit together
Aiden Turner
In the early XP days there was no good way to keep windows activated, the easier way to avoid WU undoing your activation was to disable updates
Noah Davis
Did you really think a nigger would save the world?
LAMO
Aaron Young
Try WSUS Offline, it sometimes can unfuck WU by installing everything by itself
Ian Rogers
>You do realize shit like this could literally lead to world war 3
You're saying that as if it's a bad thing.
Christopher Brooks
Current profit = 40k USD
Isaac Martin
>In the early XP days there was no good way to keep windows activated
the first pirated version to become available, came out ~25 days before release, and was the 'corporate edition', which didn't even need activation
the only reason activating home/pro was a pita, is because pirates weren't even using those