Breaking News

India vs WannaCry. Steps taken to prevent it.

WannaCry ransomware: Govt activates mechanism to prevent cyber attacks; CERT-IN to collect info

WannaCry



The ransomware called WannaCrypt or WannaCry encrypts the computer's hard disk drive and then spreads laterally between computers on the same LAN. The ransomware also spreads through malicious attachments to emails.

In order to prevent infection, users and organisations are advised to apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010.

https://technet.microsoft.com/library/security/MS17-010

After infecting, this Wannacry ransomware displays following screen on the infected system:

It also drops a file named !Please Read Me!.txt which contains the text explaining what has happened and how to pay the ransom.

WannaCry encrypts files with the following extensions, appending .WCRY to the end of the file name:

  • .lay6
  • .sqlite3
  • .sqlitedb
  • .accdb
  • .java
  • .class
  • .mpeg
  • .djvu
  • .tiff
  • .backup
  • .vmdk
  • .sldm
  • .sldx
  • .potm
  • .potx
  • .ppam
  • .ppsx
  • .ppsm
  • .pptm
  • .xltm
  • .xltx
  • .xlsb
  • .xlsm
  • .dotx
  • .dotm
  • .docm
  • .docb
  • .jpeg
  • .onetoc2
  • .vsdx
  • .pptx
  • .xlsx
  • .docx
The file extensions that the malware is targeting contain certain clusters of formats including:

  • Commonly used office file extensions (.ppt, .doc, .docx, .xlsx, .sxi).
  • Less common and nation-specific office formats (.sxw, .odt, .hwp).
  • Archives, media files (.zip, .rar, .tar, .bz2, .mp4, .mkv)
  • Emails and email databases (.eml, .msg, .ost, .pst, .edb).
  • Database files (.sql, .accdb, .mdb, .dbf, .odb, .myd).
  • Developers' sourcecode and project files (.php, .java, .cpp, .pas, .asm).
  • Encryption keys and certificates (.key, .pfx, .pem, .p12, .csr, .gpg, .aes).
  • Graphic designers, artists and photographers files (.vsd, .odg, .raw, .nef, .svg, .psd).
  • Virtual machine files (.vmx, .vmdk, .vdi).
Read Also:
Impact of WannaCry in India
Ransomware Cyber attack first hits Berhampur city hospital in Odisha.
Ways to protect your company from Cyber threats.






No comments