WANNACRY/WCRYPT/RANSOMWARE GENERAL

Waiting for Monday shitstorm edition.

This teaches companies 2 important stuff.

Update your systems
And fucking backup your critical stuff.

I wonder how many companies failed at these 2 points.

pastebin.com/vz0YH8L6
Updating WannaCry Addresses.
Report it if you catch new address

Updated virus with no killswitch was caught by Kaspersky researchers. God help us all.

>And fucking backup your critical stuff.
Not enough.
I'll bet you so many of them backup stuff onto an NAS that is accessible to the main VLAN.
Any ransomware attack would just encrypt the whole backup chain.

Originally wasn't it only 3 addresses?

Who else /naughty/ here?

1. Get hold of a variant WannaCryptor, preferably one without the killswitch
2. Rename it as Windows-KB(whatever-number)-patch.exe (or .msi or whatever)
3. Send it out via the usual means (newly register pseudo-official-sounding email address, post onto technical support forum, spam it and ask for people to forward/re-post it, Reddit, Facebook, baby-boomer Whatsapp groups, etc.)
3a. Bonus step: craft the message so that it sounds like a sincere guide on "How to protect yourself from Wanna Cry virus with this latest fix from Microsoft!"
4. Have fun.

The point of a backup is to keep it safe from such situations. If your backup is accessible via the main VLAN for "convenience", you deserve to get your backup encrypted.

>God help us all.
It was already prophesied that Linux would bring salvation to computers. Those of us who listened have limited worries.

Can't update XP when it is end of life and you stopped paying for custom support in 2015

Aka how to get the FBI to buttfuck you

I thought it was over already?

Well, let's hope they have their shit backed up on updated servers.

"Update your systems" then implies not running XP.

>I thought it was over already?
It's only just beginning.

DEVILISH

Oh no, not at all. Wait until tomorrow and you'll see.

amen bro

>buttfuck
Good thing the male anal canal is designed to derive pleasure from prostate stimulation then.

I dunno.
Just saw pic on Sup Forums.

how can it encrypt admin files if I'm not using the admin user?

It hasn't even begun, user.

How do you make backups anyway? Do I have to set up a Linux powered machine copying files every night at 3.00 am to a special HDD? What if the HDD runs out of space?

It gives itself admin

Question: Is it the same amount of ransom regardless of country?

It doesn't encrypt admin files though does it

It encrypts user files, aka data that you actually want to be available

The SMB bug probably allows them to escalate privileges as well.

so it's over, cool

Get more HDD or replace old backups.

A Taiwanese dude actually contacted the ransomware writer saying that his monthly salary is only $400.

He was given a decryption key afterwards. (The ransom was $300)

Another confirmation for killswitchless variant.

Spotted the faggot.

I'm safe from all of this if my OS is currently up to date right?

R-Right?

That seems stupid. Why would you be replying to your victims? All that does is give the authorities a chance to learn more about you.

But the patch is nothing else but from custom support.

>tfw 666 KB, of all fucking sizes it could have

Damn, the guy's a cuck. I was hoping he could cripple India's entire infrastructure when no one in the country can afford ransom.

You are.

Most importantly

>don't trust closed source software

What does this mean? Did the largest recorded ransomware attack only fetch 100 actual victims?

Ransomware confirmed for ded.

It only encrypts your own files, aka the data you actually care about. Why would it care to encrypt system and program files that you can just reinstall anyway?

youtube.com/watch?v=BhtyEdhepIc

If I find out my medical files were compromised could I sue the NHS? They did mention how very secure their system was when they wanted to put them into their computer system.

The most important thing to avoid falling to the SMB exploit is to make sure that no Windows machine is connecting directly to the internet without a hardware firewall (home router / residential gateway should do if it does not forward TCP/UDP 445 to any host on the network). Don't use any hotspots with your Windows laptop, disconnect your Windows computer from the internet if you currently have no means to get it behind a hardware firewall.

I'm waiting for a variant that doesn't use SMBv1 and instead uses SMBv2 or SMBv3.

IIRC the NSA leak has those as well.

It'll be much more interesting as disabling SMBv2 or v3 would actually cause current supported versions of Windows to have parts of their core functionality not working (e.g. symbolic links and 10gb ethernet)

It's the weekend
It has only been 48 hours
The deadline isn't anywhere near yet.

>without a hardware firewall
Pretty sure you're safe with Windows' built-in software firewall too. The reason it works is that Windows' firewall doesn't block SMB connections on home/corporate networks, only from the Internet.

Pretty sure all the leaked exploits have been fixed. All this does is affect people who didn't patch and just disabled SMBv1

Is it worth installing the windows updates with telemetry to protect against this?

But if I update windows it installs telemetry!

blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
>Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download

>microsoft starts forcing updates down peoples throats since vista, annoying everyone in the process
>even so, most people manage to run non-updated version of windows vulnerable to a two-month-old exploit
Microsoft just fails with whatever they're doing, don't they?

yes, as you will also receive future security patches

You can choose not to update windows, then have a proper firewall in place and don't let random devices onto your local network.

Well yes, after the fact.

>IIRC the NSA leak has those as well.

Unfortunately, yes.

No, it means normies are sitting on their couches checking Facebook on their phones. A lot of victims probably aren't even aware yet.

how is it microsoft's fault that their users are a bunch of retarded tinfoil hat wearing autistic menchildren?

>implying Stallman would use a proprietary car instead of compiling his own

>ECHOWRECKER
>SAMBA
>LINUX

Is this patched?

So let's discuss the timing of this virus. Doesn't it seem a little odd to anyone else? I definitely think it MAY have had some connection to ETH which was skyrocketing in value last week but now stocks are plummeting, also we've got the elections going on in the UK. Making it even more suspicious, this was not just a random accident upload but I believe carefully planned and intricate.

The patches were made in February, and that includes the XP/2k3/8.0 ones. Modification date of modules inside patch package and digital signatures confirm that. They simply didn't make them public, as they are given only to custom support subscribers for big bucks.

...

I'm also surprised North Korea haven't been hit considering they've got worse systems than Windows XP which should've meant they could've been pretty vulnerable.

Don't they mostly use Linux?

Any epic war stories out there? Like sysadmins recovering stuff from backups and saving lives?
During hurricane sandy there were sysadmins saving servers from flood, migrating to high ground.

>block 445 at router level
>block 445 at firewall level
>turn off client for microsoft and printer sharing at internet properties
>turn off SMB in registry
>update latest Windows security bundle for this month
Pretty sure I'm good from any future ones.

Yea right, and shit was supposed to hit the fan on May 13th (i.e. yesterday) anyway. All adds up.

Because the entire NK internet, what little of it there is, is protected by firewalls. And they are probably using their own OS and not Windows

en.wikipedia.org/wiki/Red_Star_OS

The updates just fail to install on many machines, it seems that when windows update breaks once that's the end, no more updates ever correctly install. I had updates disabled as it was using 100% of the cpu, only for a few months and this is what happens when turned back on. Installing updates one at a time did nothing, had to manually download and install the patch after about 6 hours of boot loops.

There's no information less technical users can figure out in the warnings either. You would think they might include a link to the patch installer on the MS website.

All your ports should be blocked/stealth from the get go.

Do you really think that the people who've failed to keep upgraded are Sup Forums-tards afraid of the botnet?

The FBI buys NSA malware too, didn't you read about playpen? You are in good company if you help propagate it, an act of patriotism.

>fucking around with Windows Update

Just get the patch directly from the MS update catalog.

>Redstar OS > Windows XP

Noice trips. There's plenty of backup info on da web. Study it. If you really need backup a Linux server is a nice thing to have.

Fucking around with NSA playthings is a one way ticket to pound town friend.

People need to remember that even if they don't have any signs of ransomware, it does not mean they weren't hit by this exploit in other ways. A week after the SMB exploit was released, over 40,000 infected machines were detected and the number was growing exponentially each day. This means someone could be in your shit and you wouldn't even know it. It also means if you only recently updated and are hacked, it's probably not going to stop shit because somebody already owns your machine(s) and can open everything up again.

They don't even have internet or just a dumbed one. They use windows though.

Red Star OS master race.

I work with those shits, it took me a month of nagging to convince a lawyer to at least copy his documents on a separate usb disk.
It boggles my mind, when you walk in you're greeted by mahogany desks and custom made oak shelves and yet a simple NAS is just "too expensive".

Windows Update might just be the worst piece of shit software ever to come out of Redmond. When I've been playing with Windows on spare computers lately, I've been shocked to see how much CPU and disk bandwidth it uses just to download upgrades, not to even say anything about actually installing them. It can easily take like a minute of active CPU time just to check for updates, and downloading them thrashes the disk like crazy. Actually installing updates makes the whole system unusable due to resource usage while it's going on, and even the simplest little updates take like a minute each to install, and a service pack can take several hours.

And then there's the whole thing about needing to reboot after every little update, the bugs where it stalls in an indefinite CPU loop calculating update dependencies or whatever, and now this.

When you compare to APT, it's literally night and day.

It can be convenient and safe at the same time.
Every PC has to have its own share, which is occasionally synchronised with the NAS (the NAS reads files from the share, then deletes it on the share).
The NAS has a share as well, which is R/O, and also, it has rollback so you can revert changes and revoke the permissions of synchronising from an infected PC, if it starts encrypting files from a stupid fuck's computer.

>200017
>all companies do this when?

>When you compare to APT, it's literally night and day.
Yeah, and APT might even be the shittiest package manager around. Speaks volumes about the direction Wangdows has taken.

>let me tell you bout this thing that didn't happen

It's been years since I checked out any distro not based on Debian. I'm curious what alternative you find to be better.

It's not as if it's a botched operation and you'd be joining a very long queue in the event of that anyway.

Good secure backup solutions are a point where almost everyone fails. The reason is that you want some kind of automated backup solution which usually means online servers. Manual backups require some labor so both corporations and regular people fail.

5 external backup harddrives for backup that cycle at regular intervals, weekly or monthly depending on how frequently your data is updated. This way you get 5 revisions of your files and the backups are not constantly connected so they don't get wiped out by malware. This requires you to actually do something regularly and this is why it's unpopular.
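An added sketch, not from any poster in this thread, of the two ideas discussed above: the backup host pulls from the client (as in the NAS post) and keeps five revisions (as in the drive-rotation post), here as hard-linked snapshot directories instead of physical drives. The function name, the `MAX_CHANGED` threshold and the "skip pruning when most files changed" tripwire are assumptions for illustration.

```python
import hashlib, os, shutil, tempfile
from pathlib import Path

KEEP = 5           # revisions retained, matching the five-drive rotation above
MAX_CHANGED = 0.5  # assumed tripwire: over half of the known files differ

def _digest(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def _files(root):
    return sorted(p for p in root.rglob("*") if p.is_file())

def pull_snapshot(source, store, name):
    """Run on the backup host: copy `source` into store/name, then prune.

    Returns (snapshot_path, suspicious); a suspicious run prunes nothing.
    """
    source, store = Path(source), Path(store)
    store.mkdir(parents=True, exist_ok=True)
    earlier = sorted(p for p in store.iterdir() if p.is_dir())
    last = earlier[-1] if earlier else None
    snap = store / name
    snap.mkdir()                       # fails if the name was already used
    known = changed = 0
    for src in _files(source):
        rel = src.relative_to(source)
        dst = snap / rel
        dst.parent.mkdir(parents=True, exist_ok=True)
        old = last / rel if last else None
        if old is not None and old.is_file():
            known += 1
            if _digest(old) == _digest(src):
                os.link(old, dst)      # unchanged: hard link, no extra space
                continue
            changed += 1
        shutil.copy2(src, dst)         # new or modified: independent copy
    for old in (_files(last) if last else []):
        if not (source / old.relative_to(last)).exists():
            known += 1                 # deleted or renamed since last run
            changed += 1
    suspicious = known > 0 and changed / known > MAX_CHANGED
    if not suspicious:
        for stale in sorted(p for p in store.iterdir() if p.is_dir())[:-KEEP]:
            shutil.rmtree(stale)
    return snap, suspicious

if __name__ == "__main__":             # constructed demo data in a temp dir
    root = Path(tempfile.mkdtemp())
    (root / "pc").mkdir()
    (root / "pc" / "report.txt").write_text("quarterly numbers")
    print(pull_snapshot(root / "pc", root / "nas", "2017-05-14"))
```

Snapshot names must sort chronologically (dates work), and the store must not be writable from the machines being backed up, otherwise the hard-linked revisions can be overwritten along with everything else.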

>Sudo
>~/Desktop
>python aliased to python2
>no shebang line
>Camel case python script

>what is a class-action lawsuit?

>python aliased to python2
That's the standard setup.

>This requires you to actually do something regularly
Isn't that why most people hire IT and sys admins? I mean if you automate it, how long is it going to take? 5 minutes a week at most to ensure that the backup was successful.

Assuming this ends well somehow, what is going to be the aftermath? Tfw:

1) everyone must get on Windows 10
2) everyone must keep their data in TheCloud(tm) only where it won't be ransomware'd
3) encryption banned except for military/government

If your disk to disk backup is not snapshot based, then you deserve to get encrypted.

Lol, on what distro? Debian? Fucking idiots. That shit is gonna EoL in 3 years, fucking everything has already been ported

Most of them, desu. Even FreeBSD has a better manager, imho. I do use Apt on my Ubuntu server, and it works out ok because it doesn't see a lot of exercise with the sparse number of packages it watches over.

What font is that, user? It looks cute

>tfw it rather makes everyone switch to GNU/Linux and computers are free forever.

>tfw can't update windows because it breaks my PC

The problem is that all Python 2 scripts have shebang lines that point to python with no suffix. It's going to be a long time before python3 can be renamed just python.