If updates were completely off, too bad. Winblows can take days to install all updates when you're months late.
Benjamin Martinez
>Screenshot from 2017-05-1(...).png
>not Capture.PNG
0/10
Alexander Cook
Guys how can I recover the data?
Easton Jenkins
Revert to backup or pay the ransom and hope it works.
Grayson Reed
I'm posting from Linux because my boss says the windows computers are "too insecure" to use.
He says he's upgrading to all macs and Linux but wants to try to get the data.
will paying the ransom really work?
Andrew Johnson
Why do I get the feeling this is a false flag to get the mainstream to support the banning of encryption? Seems a bit weird that this hack/virus/whatever uses the term "encryption" so heavily. You would think they would simply say 'your files are being held ransom' or something similar, considering 90% of the oldheads who will get this problem have no idea what encryption is. Now they will see 'encryption' in the news or whatever and think 'encryption = bad because of that one virus i got'
Bentley Bell
It might. There's no known solution for Wannacry at this point that I'm aware of, but you can try here: nomoreransom.org/
That being said, if no backups and the nomoreransom site does not have free decryption method, you either pay no money and kiss your files goodbye, or pay and might get a decryption key, might get burned.
Aiden Hall
And whose fault is that?
Leo Myers
Here's the truth (source: I'm a time traveler)
>The NSA and Microsoft work in collusion (always have, lookup PRISM)
>The NSA and MS coordinated together to release these exploits
>Windows 10 collects more data than the NSA ever did/could
>by forcing everyone to update to windows 10 the NSA doesn't need to use exploits, just get the data from MS
>By making people fear encryption and cyber terrorism they will be able to crack down on it
>darkweb, torrents, etc will all be watched
>raids on hackers will become more and more common
it's all over Sup Forums.
We need to annex a part of canada and create a new utopia.
At least pick an image that hasn't been posted in every forum and news article on the fucking internet.
Hudson James
Sounds like your boss is a smart guy. Finally treating the disease instead of the symptoms.
Gavin Stewart
1) Restart the computers.
2) Before the windows starts press F8
3) Choose Safe Mode with networking
4) Find the ransomware files and registries and delete them
5) Install your favorite antivirus, scan the computer and delete the viruses
6) ???
7) If that doesn't work, [spoiler]cut your dick[/spoiler]
Ethan Hill
This does not seem too far off, sadly.
David Ramirez
>macs
>paying extra for a picture of a half eaten apple and the inability to work on your own machines
Camden Roberts
>he thinks he will be able to run his computer and access ransomware files when all files get encrypted
Dominic Cook
He should have done it immediately and quickly or just reinstall the OS.
Aiden Adams
how can i prevent this (windows 7)?
does this encrypt files on all drives, or just main drive?
and would reformatting fix it?
Alexander Jenkins
>WTF do I do now?
Enjoy your new utopia of an all-OSX userbase. It's fuckin lit compared to the shitshow that is Windows AD
Christopher Gomez
install linux
Eli Clark
>update to latest
>yes all files connected on the same network
>format fixes everything
Carter Morris
The popup doesn't happen until the files are already encrypted, ya dingus.
I swear, Sup Forums sure likes giving out advice about shit they don't know anything about
Ayden Walker
>for my company
Jacob Hughes
Goddamn, this whole thing makes me glad I am in charge of the patching procedure of our Windows machines at our company. I patch those bitches every month. Pretty sure the desktop monkeys also patch my laptop every month too. It amazes me how many professional organizations run an outdated version of Windows.
Hunter Lewis
Even a Mac is cheaper than Windows when accounting for shit like this that seems to plague Windows constantly. Though I would stick with the same machines and just install Linux, desu
Henry Moore
R u boss retarded? Isn't it easier to teach them how to use Linux? Something close to Windows like kubuntu or mint?
Colton Morales
I never understood the price argument when it comes to buying Apple products. It's usually a difference of
Jaxon Lee
>in house techs can't do shit with them
>thinking finance people aren't going to be asking questions about extra cost for the same power of equipment to say nothing of all the extra costs for mac only software
Carter Powell
Look at me, I'm a mental who pays a thousand extra for a 200 bucks hardware
Logan Turner
Every Windows PC which has NOT booted then infected over the LAN may be safely booted using a live Linux USB, CD, or DVD to rescue the data.
Wintards should know Linooks. Lintards should know Winshit.
Windows can be protected using Faronics Deep Freeze on workstations for where you need Windows apps.
OP could use boxes he'd have to format anyway as test machines.
Everyone even slightly into computers should know these basic concepts.
Nathan King
You're acting like paying an extra $1000 for a product you will have for at least several years is at all significant? That's like buying shitty generic 1-ply toilet paper because it's $1 cheaper than 3-ply Charmin Ultra-Soft
Jose Perry
I dealt with ransomware like this when I was working at a repair shop. Encrypted my ass, boot from usb and delete whatever was at startup. Done.
Sebastian Anderson
Just use CCleaner to clean up the infection.
Isaac Edwards
ITT: literal fucking morons
If the files weren't encrypted then why would this even make the fucking news.
Nolan Baker
"like" is not "identical"
You don't know anything about this particular ransomware. Go prove your assertion or FOBTR.
Owen Campbell
>WTF do I do now?
something-something-gentoo
Juan Long
You can't be serious. What pc r u using that u have to change every time? I have the same fucking pc since 2013 and it works great for everything I need, even gameplay. And I paid 400 USD on that
Isaiah Hughes
Are you expecting actual tech knowledge from news of all things? It made the news because it was a large scale infection. Also.
>If A is true then why does B happen?
You know that's the most used argument when people don't know what they're defending, right?
Jace Carter
Proof that wannacry doesn't actually encrypt the files or gtfo
Nathan Robinson
Apple Macbook doesn't have this problem
Easton Lee
way to fuck it up.
Adrian Lee
Right. No possibility this is different than your repair shop days...
Jace Perry
As far as I've heard nobody that has paid the ransom has gotten their files. But for the love of god disconnect ur computer from the internet, don't let this shit spread.
Nathaniel Murphy
Instead of tracking down the perpetrator and bringing him to justice, the media is telling the people that they are the problem and must be cleansed of their sins
Logan Cook
>browsing darkweb
>using windows
you might as well ask around for drugs in the NSA HQ, not much difference
Gabriel Cox
To be fair, you fucks spreading about the "turn off auto update to avoid the windows botnet" meme caused a lot of Normies to turn off auto update...
...so, they missed the security update.
Good going, Sup Forums.
Jeremiah Evans
>As far as I've heard nobody that has paid the ransom has gotten their files
How's this any different to pic related? From what I can tell it's the exact same virus it's just more widespread because goys are moronic.
Jason Davis
>Being THIS naive as to how the news works
Am I on reddit?
Cooper Reyes
you still have provided NO proof that wannacry doesn't encrypt the files bucko
Nolan Johnson
Does this malware use the same exploit? Wannacry can spread on a local network without any user action.
Isaac White
update happened after it got out in the wild
Nolan Hernandez
Internet as well, depending on how retarded they were with opening ports. Windows update was in March, before the shadowbrokers leak.
Noah Thomas
Yours, of course. Should've updated to Windows 10 Good Goy Edition right away. Microsoft did nothing wrong.
Blake Bennett
Shadowbroker approached Microsoft. The patch came out in March. Shadowbroker released EternalBlue in April. WannaCry hits in May. Microsoft realises they forgot to release patches for XP, 2k3, and Vista and does so.
Oh shut up, install windows 10, and swap drives or dual boot with some Unix-like like the rest of us for your non-gaming needs.
Hudson Turner
Vista, 2k3, and XP were all out of support completely and ordinarily do not get security patches at all. The problem is that some companies (and individuals) still run machines with important duties that run these out of maintenance OSes, thus Wannacry was able to infect them automatically
Oliver Thompson
What are you talking about? That's exactly my point lol. You only buy a computer once every several years, so an extra $1000 (max) is hardly significant.
Landon Jenkins
Running those OS's is not inherently bad though. It's only bad when they're connected to the internet in some form.
Grayson Garcia
The problem is that even if they're not directly internet connected, if one person runs wannacrypt or another malware that has self propagation across the network and the exploit for SMB, then those machines that are not directly internet connected can be infected.
If they're airgapped from the internet it can still be okay but you have other infection vectors.
Colton Brown
>$CURRENT_YEAR
>not using EMET
Anthony Watson
I meant airgapped. Sure there are other methods of infection, but they're irrelevant for this specific case, and would require other unsafe actions like plugging in external hardware or something.
Tyler Cox
Well aware. I used to be a sysadmin responsible for the management of a ton of servers responsible for backups. A major regional energy company and an IRS subcontractor are still on 2k and 2k3.
We kept trying to get them to migrate. No luck.
Nolan King
EMET is being discontinued with EOL mid-2018
Logan Cox
Boy, an IRS subcontractor? They do like playing with fire eh?
Benjamin Barnes
You have nothing to fear if you weren't directly audited. However, if you were, I'm pretty certain your financial info has been stolen at some point or another.
Fucking USB in parking lot attacks, man.
Justin Bell
Either bait or you are fucking tech illiterate. Just because it looks similar, it doesn't mean it is the same thing.
Jace Hernandez
My father's was for many years and I was as a dependent. IRS said it was laptop theft and they couldn't even say if it was encrypted or not. We got a year of credit monitoring and that was it.
Landon Bailey
tru tru
Camden Cook
Sounds about right.
We kept telling them to stop sticking strange USB sticks into their work computers.
Did not listen.
So glad I do not work there anymore.
Anthony Thomas
>company
I know this is bait and all but any competent admin would have backups ready to roll in for the situation like this.
Really, ransomware shit happens rather frequently for companies, the bigger the more often targeted, which is why IT have everything on backups.
Jaxson Hernandez
...
Alexander Wood
>he thinks "the fucking news" are tech literate
Oh boy. Look a DDOS attack on the rampage too. The end nigh
Carson King
It wouldn't surprise me if this actually works
Robert Nelson
>not paying the fine
It's like you don't want to be a speedy speed boy.
Wyatt Carter
>tfw decide to pay ransom so I can get all my documents back
>tfw I transpose the "l" and "I" (that's lower-case 'ell' and upper-case "eye") in the bitcoin address
back to coinbase :-(
Josiah Bailey
>not using the copy button
Justin Hughes
>clicking on a virus
Lucas Ross
How much computing power is necessary to break the encryption?
Dominic Wood
Probably around the same as to break into one of the btc wallets.
Lincoln Gutierrez
is it sha256?
Carson Rogers
More than we have available here on Earth. It's 128-bit AES.
>SHA-256
>encryption
Dylan Phillips
Even with all the computers in the world clustered together it would still take until well past the heat death of the universe to decrypt a single file. They are encrypted with a 2048-bit public key. So, around 6 quadrillion years.
Henry Scott
>It's 128-bit AES.
Say what? It's not AES, is it? Pretty sure all the Cryptolocker variants use 2048-bit RSA pairs. Unless they are just using RSA for the key exchange and are generating symmetric AES keys?
Caleb Thomas
>128-bit
>2048-bit
which one?
Aaron Turner
kiss your sister, you'll feel better afterward
James Walker
"The Trojan generates a random symmetric key for each file it encrypts, and encrypts the file’s content with the AES algorithm, using that key. Then, it encrypts the random key using an asymmetric public-private key encryption algorithm (RSA) and keys of over 1024 bits (we’ve seen samples that used 2048-bit keys), and adds it to the encrypted file. This way, the Trojan makes sure that only the owner of the private RSA key can obtain the random key used to encrypt the file. Also, as the computer files are overwritten, it is impossible to retrieve them using forensic methods."
So, it uses RSA 2048 bit for encryption of the AES key. The AES key has been reported as 128 or 256, depending on which loltechjournalist is writing about it. AES128 will still take a billion billion years to brute force, though.
>Each infection generates a new RSA-2048 keypair.
>The public key is exported as blob and saved to 00000000.pky
>The private key is encrypted with the ransomware public key and saved as 00000000.eky
>Each file is encrypted using AES-128-CBC, with a unique AES key per file.
>Each AES key is generated CryptGenRandom.
>The AES key is encrypted using the infection specific RSA keypair.
There. It's not rocket science.
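Added example, not part of the thread and not code from any poster: a parser an incident responder could use to check a `00000000.pky` file recovered from a disk image against the scheme listed in the post above. It assumes the "blob" is a standard Microsoft CryptoAPI RSA `PUBLICKEYBLOB` as written by `CryptExportKey`; the function names and the sample blob are constructed for illustration.

```python
import struct

# Constants from the Microsoft CryptoAPI blob layout (wincrypt.h).
PUBLICKEYBLOB = 0x06        # BLOBHEADER.bType for a public key
CALG_RSA_KEYX = 0x0000A400  # ALG_ID for RSA key exchange
RSA1_MAGIC = 0x31415352     # ASCII "RSA1" as a little-endian DWORD
# BLOBHEADER (bType, bVersion, reserved, aiKeyAlg) + RSAPUBKEY (magic, bitlen, pubexp)
HEADER = struct.Struct("<BBHIIII")


def parse_public_key_blob(blob: bytes) -> dict:
    """Parse an RSA PUBLICKEYBLOB; raise ValueError if it is malformed."""
    if len(blob) < HEADER.size:
        raise ValueError("shorter than BLOBHEADER + RSAPUBKEY")
    b_type, _ver, _rsvd, alg_id, magic, bitlen, pubexp = HEADER.unpack_from(blob)
    if b_type != PUBLICKEYBLOB:
        raise ValueError(f"bType {b_type:#04x} is not PUBLICKEYBLOB")
    if magic != RSA1_MAGIC:
        raise ValueError("RSA1 magic not found")
    modulus_bytes = blob[HEADER.size:]
    if bitlen == 0 or bitlen % 8 or len(modulus_bytes) != bitlen // 8:
        raise ValueError("modulus length does not match bitlen")
    return {
        "alg_id": alg_id,
        "bits": bitlen,
        "exponent": pubexp,
        "modulus": int.from_bytes(modulus_bytes, "little"),  # stored little-endian
    }


def is_rsa2048_keyx(blob: bytes) -> bool:
    """True if the blob is a well-formed RSA-2048 key-exchange public key."""
    try:
        info = parse_public_key_blob(blob)
    except ValueError:
        return False
    return info["bits"] == 2048 and info["alg_id"] == CALG_RSA_KEYX


def make_sample_blob(bits: int = 2048) -> bytes:
    """Constructed test input: valid layout, placeholder modulus (not a real key)."""
    modulus = (1 << (bits - 1)) | 1
    header = HEADER.pack(PUBLICKEYBLOB, 0x02, 0, CALG_RSA_KEYX, RSA1_MAGIC, bits, 65537)
    return header + modulus.to_bytes(bits // 8, "little")


if __name__ == "__main__":
    sample = make_sample_blob()
    print(len(sample), is_rsa2048_keyx(sample), is_rsa2048_keyx(sample[:-1]))
```

A 2048-bit key in this layout is 276 bytes (20-byte header plus 256-byte modulus), so file size alone is a quick first check before parsing.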
Cameron Watson
I was considering this idea last night (except fuck Canada). There are a whole lot of machines on mostly private networks that just got a whole mess of new code dumped onto them.
You just can't trust these fucks. If the NSA or (((them))) wanted access to something, they are getting the globe to DL a bunch of shit for free. Meanwhile MS will sell some updated licenses, while they screech about getting fucked by big brother.
Ryder Brooks
>wants to try to get the data
Is your company doing regular backups? Because you'll need to restore the data from backups.
Jackson Richardson
Yes, because obviously the answer of "someone used a well-known $2900 commercial malware variant and some Shadow Broker EXEs he found on github and hit a jackpot" is just totally unbelievable compared to "This is a false flag by intelligence agencies worldwide to get people to switch off of Windows 7 onto Windows 10"
Ayden Gray
It's not the switch to w10, it's the downloading of new code via the update system, into normally dark networks. It's also not a worldwide conspiracy, just a single agency is needed to do it.
I think you protest too much.
Aaron Walker
>dark networks
>running a proprietary OS
Parker Allen
It happens all the time. Industrial plants running PLC's (Iranian centrifuges anyone) would need windows machines to run the programming software. Networks of workstations for intelligence analysts. The office machines for government employees. Most of this stuff would have to run Windows.
How to get new code into these dark networks? A global scare, with some pajeet mole dropping malicious code into an update.
Lincoln James
Except what we're telling you is that they're the same thing.
Your shitroll analogy fails because it assumes you're buying 1-ply to save money, when in reality they're both 2-ply and they're both equally comfy.
What you're not paying for is print on paper you're just going to put in your asshole that says "you're super cool and super smart for buying this."
Jaxon Myers
It's just a patch to the software installed by the Patriots claiming to fix Y2K.