+977-9849845061

Stay safe from WannaCry Ransomeware

by Nishan Aryal

1573total visits.

WannaCry malware is a scary type of Trojan virus called “ransomware.” As the name suggests, the virus in effect holds the infected computer hostage and demands that the victim pay a ransom in order to regain access to the files on his or her computer. [Reference]

What WannaCry does?

WannaCry encrypts most or all of the files on the computer and asks to pay certain fixed amount of money, as opposed to decrypting files or allowing access again to the operating system.

The software asks to pay ransom of $300 at the time of infection for first time. If the use doesn’t pay the ransom within 3 days, the ransom amount is doubled to $600. Are worst part is if user does not pay within seven days, WannaCry will delete all those encrypted files and all data will be lost for forever.

Major global companies said they also came under attack.

Two big telecom companies, Telefónica (TEF) of Spain and Megafon of Russia, were also hit, as was Japanese carmaker Nissan (NSANF) in the U.K. [Reference]

How to disable SMB in WIndows to stay safe from WannaCry Ramsomware

Filetypes that are targeted and encrypted by WannaCry:
  • .123
  • .3dm
  • .3ds
  • .3g2
  • .3gp
  • .602
  • .7z
  • .ARC
  • .PAQ
  • .accdb
  • .aes
  • .ai
  • .asc
  • .asf
  • .asm
  • .asp
  • .avi
  • .backup
  • .bak
  • .bat
  • .bmp
  • .brd
  • .bz2
  • .cgm
  • .class
  • .cmd
  • .cpp
  • .crt
  • .cs
  • .csr
  • .csv
  • .db
  • .dbf
  • .dch
  • .der
  • .dif
  • .dip
  • .djvu
  • .doc
  • .docb
  • .docm
  • .docx
  • .dot
  • .dotm
  • .dotx
  • .dwg
  • .edb
  • .eml
  • .fla
  • .flv
  • .frm
  • .gif
  • .gpg
  • .gz
  • .hwp
  • .ibd
  • .iso
  • .jar
  • .java
  • .jpeg
  • .jpg
  • .js
  • .jsp
  • .key
  • .lay
  • .lay6
  • .ldf
  • .m3u
  • .m4u
  • .max
  • .mdb
  • .mdf
  • .mid
  • .mkv
  • .mml
  • .mov
  • .mp3
  • .mp4
  • .mpeg
  • .mpg
  • .msg
  • .myd
  • .myi
  • .nef
  • .odb
  • .odg
  • .odp
  • .ods
  • .odt
  • .onetoc2
  • .ost
  • .otg
  • .otp
  • .ots
  • .ott
  • .p12
  • .pas
  • .pdf
  • .pem
  • .pfx
  • .php
  • .pl
  • .png
  • .pot
  • .potm
  • .potx
  • .ppam
  • .pps
  • .ppsm
  • .ppsx
  • .ppt
  • .pptm
  • .pptx
  • .ps1
  • .psd
  • .pst
  • .rar
  • .raw
  • .rb
  • .rtf
  • .sch
  • .sh
  • .sldm
  • .sldx
  • .slk
  • .sln
  • .snt
  • .sql
  • .sqlite3
  • .sqlitedb
  • .stc
  • .std
  • .sti
  • .stw
  • .suo
  • .svg
  • .swf
  • .sxc
  • .sxd
  • .sxi
  • .sxm
  • .sxw
  • .tar
  • .tbk
  • .tgz
  • .tif
  • .tiff
  • .txt
  • .uop
  • .uot
  • .vb
  • .vbs
  • .vcd
  • .vdi
  • .vmdk
  • .vmx
  • .vob
  • .vsd
  • .vsdx
  • .wav
  • .wb2
  • .wk1
  • .wks
  • .wma
  • .wmv
  • .xlc
  • .xlm
  • .xls
  • .xlsb
  • .xlsm
  • .xlsx
  • .xlt
  • .xltm
  • .xltx
  • .xlw
  • .zip

As you can see, the ransomware covers nearly any important file type a user might have on his or her computer. [Reference]

Protect Ransomware Attack in Microsoft OS Devices.

Install all the available security updates immediately available from Microsoft Security Alert. If you did not update your windows just turn off SMB

How to disable SMB in WIndows to stay safe from WannaCry Ramsomware

 

There are two methods to turn off SMP manually or Tools

Step 1: Go to Control Panel => Programs => Programs and Features.

How to disable SMB in WIndows to stay safe from WannaCry Ramsomware

Step 2: Disable SMB as shown in figure

How to disable SMB in WIndows to stay safe from WannaCry Ramsomware

Step 3: Restart Computer

You are now safe.

  • Zenith Nepal

    how this ransomware transmit from one pc to another??

%d bloggers like this: