/WannaCry/ WannaCry General

Updating WannaCry Addresses
Report it if you catch a new address


what's so interesting about their addresses?

Tutorial on how to change the BTC address and roll your own version when.
I wonder if the number of addresses will multiply exponentially soon.

wannacry is the least of your problems winfags

I wanna be the guy

can someone give me a link to wannacry
wanna test it in a vm

are macs safe?

Does paying the ransom actually unlock the files?

of course :)

only if you suck dick on a daily basis

It causes your ass to implode.

Woah a bunch of numbers, I'm scared

>letting them know you REALLY NEED those files

It apparently does with other ransomware. No clue if this one does.

shit, i was scared for a second there

You idiots using Windows, you are using an already backoored OS you niggers

anyone?

We can assume their profit through it.

does the start menu need to make tcp connections??????????

>Windows 10
Not my problem :^)

after you pay the ransom pay less than a third of the ransom for an external hdd and start backing your shit up like a responsible computer owner

it is if you enable updates on windows 7 through 8

>enabling automatic updates after Microshaft tried pushing no-ask """upgrades""" on its users once

>not just auditing security updates and installing them from wusaoffline

lol :^)))))))

HELP

To download the recommended Candy Crush ads.

low level damage control

What happens if I am on a starbucks wifi and I have this on my laptop?

Nothing because everyone else will be using a Mac, iPad, or iPhone

Someone give me the script

...and linux.

>banned for "hacking"

>RSA_Decryptor
I don't think that's how it works, but I don't know enough about RSA to dispute it.

blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/

This actually explains how it works quite well.


If they set up the Wifi right, the Guest network won't be able to touch anything inside of Starbucks. It will however try to exploit other machines on the wifi. Someone running a Windows PC unpatched for the exploit would then get the virus as long as the PC was on and connected to the same wifi. They would then take the PC home or back to the corporate network and the process starts again.

It would hit corporate and government systems mostly. They usually hold patches until they can be approved through a testing process. The average person clicking next and default through their setup options probably has automatic updates set up already.

There's 2 ways it could work:
>RSA_Decryptor knows Microsoft's super secret spyware RSA private key
>RSA_Decryptor is actually a time-travelling quantum computer from the future

Is there any source to the claim that people have forked the ransomware and taken out the killswitch?

>Someone found our killswitch
>Well, we're done here
Said no hacker ever.

Well yeah, no shit. I just want someone with le degree saying it so I can link it to normalfags and keep them scared.

When the next hospital or something gets hit then they'll have a scary news story.

What's this program?

probably tcp dump or whatever on the router

you can just use wireshark to get the same thing

Updated: It's now 52000$

pastebin.com/JZHZkyWe
Here's the sauce
Check it yourself

why does your OS use inflation symbols instead of backslashes?

The exploit will be patched soon anyway, you're not going to have time to spread it.

people won't fall for it if everyone thinks it's a scam

(well, actually it's a scam)

>only USD 46433
Not too much tbqh considering it probably costs quite a fair bit to run an operation of this scale, didn't original CryptoLocker make much much more?

I'm using Korean language pack, so backslash is replaced with inflation symbols.

After some scams people just stopped paying for it.

Original Crilock had C2 servers raided and keys made public due to author incompetence, nothing else.

Good thread. It's 10:40 in Europe right now, so a lot of money should come in shortly.

$50000 is not so bad for an exploit they didn't have to discover themselves

Considering it's >muh biggest cyber hacker attack and >over 160 countries, yeah it is. Original crilock made MUCH more, millions+

>muh biggest cyber hacker attack and >over 160 countries
Who said that? Surely not the malware authors.

The funny thing is they are not using personalized wallet addresses for each victim so it's impossible to determine who paid the ransom and who didn't. I doubt they have any plans to decrypt the files.

Swedish media, at least. It's pure trash though, so I don't know what I expected.
kek fucking clowns, somebody managed to register a domain used as a c2 before they did
You don't even need one for this, can encrypt the individual file keys with an included pubkey (change modulus for each machine) and then make a decryptor service available upon paid ransom.

They should have made it WanaCum and blocked all adult content until you paid up

>upon paid ransom.
They don't know who paid the ransom.

So is it mostly Romanians made this worm?

>You don't even need one for this, can encrypt the individual file keys with an included pubkey (change modulus for each machine) and then make a decryptor service available upon paid ransom.

But they have no way of determining who paid the ransom because all the coins are pooling into a couple of wallets.

For example I could see their transaction history and claim I was one of the addresses who sent them money and demand decryption even if I didn't pay.

I'm only hearing of this today. Some guy I spoke with had it but couldn't tell me what it's actually doing. What does it do except for be in your face?

Also typical that media outlets are saying it's [illegal] torrenting.

I guess it's mostly ads and weather updates

and stealing your data of course

Sorry I don't understand how this works, how are you guys tracking it? Can't people use it to trace it back to the ransomware creators?

It encrypts your files

No shit, but one could make a C2less ransomware was my point. Yet these people manage to fuck it up this badly.

Kek

Look up how bitcoin works

so the entry point is an open rdp session?

Am I understanding right that the addresses are nodes or the blockchains and you're just checking off those?

so. it's monday. did the wannacrapocalypse happen yet?

There are so many linux and mac bummers on Sup Forums. I must have used about 20 + distros through the years.
One thing that is always a problem is GAMES.

wait a few hours until burgers wake up

It usually does, since if they don't unlock shit after you pay, they lose the profit. Why give them your money AND still lose your files, when you can save the money since you'll lose your files anyway. They need to hold their part of the bargain, otherwise no one would bother paying

I imagine a bunch of scared and desperate people might still pay despite not getting their files back.

Can you get infected just by opening the email? or as long as you don't open the attachment you're safe?

Anyone know a good website where I can see stocks in real time? I want to see what this does to companies stocks and how much if any this will hurt Microsoft.

You can get infected by being on the same network as an infected computer.
How the first computer in a network gets infected is by the usual vectors.

But for large, unpatched networks like hospitals and businesses, it increases the risk of it getting into the local network.

Wtf, this is retarded, why do they turn off internet at arcade centers too?

Hey man can you update? Yuropoors are awake by now

Google finance

That I know, but I mean if you're an individual user that got the spam mail, can you get infected if you open the email but not the attachment? or are you safe as long as you don't open the attachment?

Have you even seen the functionality of Cortana?
It doesn't do anything until he starts typing, which is exactly what it should be doing. Cortana will search for relevant Internet results as well, if enabled.

I'm on the same internet as a lot of infected computers, why am I not infected yet?

Because you're probably patched. The image that you're on may have automatic updates applied, or you hit [tab] a million times when you were setting it up yourself.

If you want to be nice, though, tell your IT folks that you're ok. They'll take your shit and use it for forensic purposes. In fact, they'll probably take it anyway, so take off any files you don't want your boss to see.

I haven't seen a copy of it yet. It may be executed the moment you open it.

Don't get in the car with strangers.

So how much USA is going to pay for leaking this exploit and causing billions in damages to rest of the world?

zero my dude

>I'm on the same internet as a lot of infected computers, why am I not infected yet?
Probably because you have a router that is blocking incoming packets on port 445.

Welcome to the future people. Security patch Monday every week.

And holy shit the amount of smoke this has blown up everyone's ass. The RFC are non fucking stop.

We're talking midday server and desktop restarts across the board my boys! Patch patch patch like never before!

I would laugh if the sudden wave of updates caused microsoft's update servers to implode.

Too late. Reports yesterday of being unable to access Windows Update.

This is our modern age. The US invested heavily in computer offence, not realising that in a few years every other country would be able to do the exact same shit.
The NSA is an organisation that specialises in making computers less, rather than more secure. Which was an advantage when no other country had the resources or the expertise to run their own NSA, but now it is a disadvantage since the US does not have an agency (at all) that tries to make computers more secure.

>Yuropoors
>Poors
But they sent about 8000$.

Wouldn't be surprised given everyone is reviewing their infrastructure now. Literally pinging for anything and everything. So far I've heard that an outwards facing rogue Windows 2003 server and two, two fucking blackberry servers were just sitting doing nothing because nobody knew they existed!

you are not clever, are you?

This is no surprise, really. Much as I hate Change Management, the Configuration Management portion of it really uncovered a shitton of stuff in our environment, including mail servers running on a box under someone's desk.

This was 12 years ago.

Is that from today? Not bad, he earns about 20k/day. Still laughably small amount for such damage but still good for some lowlife retard

Surely they can't spread ransomware through IoT devices, ri-right guys?

I can't open my fridge
help

If those IoT devices run windows, yes, yes and very yes.
technet.microsoft.com/en-us/library/security/ms17-010.aspx

Most people would ask someone who knows something about computers. 5 minutes of googling will show that the only way to get the files back is to pay and that they are at least honest enough to decrypt your files.