Protect from WannaCry Ransomware Hackers
 |
| WANNACRY What to do if you're Infected |
WannaCry is an Ransomware programme targeting Microsoft Operating Systems.
WannaCry is believed to use the EternalBlue exploit, which was put into open access and was allegedly developed by the U.S. National Security Agency (NSA) to attack computers running Microsoft Windows operating systems. Although a patch to remove the underlying vulnerability for supported systems Windows Vista and later operating systems) had been issued on 14 March 2017,delays in applying security updates and lack of support by Microsoft of legacy versions of Windows left many users vulnerable.
Due to the scale of the attack, to deal with the unsupported Windows systems and in an effort to contain the spread of the ransomware, Microsoft has taken the unusual step of releasing updates for all older unsupported operating systems from Windows XP onwards. The patch for the same can be downloaded from the below link.
Microsoft Patch- https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
Following are the link for different antivirus which would help you in protecting your environment.
McAfee : Have released a special dat file which can be downloaded from the following link and apply as per the KB article mentioned. https://kc.mcafee.com/corporate/index?page=content&id=KB89335
Symantec : Symantec have released special tools to detect the same into your network. Following is the link for the cleaning if you are using Symantec.
Trend Micro : Kindly follow the below link for the
McAfee is aware that several customers are impacted by a new ransomware. Ransom-WannaCry (also known as WannaCry, WCry, WanaCrypt and WanaCrypt0r) is encrypting files with the .wnry, .wcry, .wncry, and .wncryt extensions. Encryption is occurring on the local host and across open SMB shares. Impacted systems might also show a blue screen upon system reboot.
For more information about the threat and preventive measures see: https://kc.mcafee.com/corporate/index?page=content&id=KB89335
Following are the process which you would have to take care immediately :
- Disconnect the PC from the Network if infected.
- Stop RDP connections into your network with immediate effect.
- Don’t open any mail in Spam or Mail which has come from Unknow Source.
- Search for the following exe into your network “taskche.exe” and remove it.
- Scan with the latest virus definition.Apply latest Microsoft Security Patches.
If you find this article is useful don't forget to share on google plus & facebook for more social awareness.
