Thread replies: 357
Thread images: 51
Thread images: 51
File: WanaDecrypt0r.jpg (148KB, 867x660px) Image search:
[Google]
148KB, 867x660px
How the fuck are people getting infected with this? I thought ransomware was for only old people and retards.
>>
>people stop updating windows 7 & 10 due to increased bloat
>microsoft continues to push bloat but with a few security updates
>hackers rek everyone who doesnt update
>>
>>60354142
Wikileaks released NSA's tools to the public, hackers are using them to attack windows PCs, mainly older operating systems and Windows 7 systems without the patch released in march.
Mainly targetting systems on internal networks with shitty security.
TL;DR don't carry your hipster ass to the local starbucks and connect to their wifi.
>>
>>60354221
>Wikileaks
It was shadowbrokers you moron
>>
>>60354142
People still fall for email attachments and Nigerian prince scams
>>
This is what happens when you visit any website without disabling scripts. Forbes had ransomware embedded in their advertisements 2 years ago.
This isn't from just downloading random stuff. If you think you're safe because you don't download shady stuff then you're mistaken, malicious code can execute from any script enabled website and install ransomware.
>>
It's mostly businesses and hospitals that don't upgrade their shit due to the cost.
>>
>>60354142
normies are illiterate retards that would even disable antivirus if some site says that you have to do that to run their program.
>>
>>60354520
How to disable?
>>
>>60354596
There's extensions for browsers that work in different ways. People have been talking about having some sort of adblock, and adblock blocker blocker, and a script killer since around that forbes thing.
It's pretty nice not seeing ads, and after a while when you whitelist enough scripts and websites just work without taking too long to load and process... It's almost like breathing fresh air, or drinking cleaner water and wondering how you ever lived before.
>>
>>60354520
>malicious code can execute from any script enabled website and install ransomware.
If the attacker also has an unpatched browser RCE exploit, sure.
>>
>>60354596
NoScript on Firefox.
Chrome has built-in script JavaScript blocking, but ScriptSafe add-on gives you more control over third party scripts.
>>
File: 42FE1E27-BEA5-476E-A6CB-A25A8BF2DAB3-297-000000404EFE478D.jpg (47KB, 564x400px) Image search:
[Google]
47KB, 564x400px
>>60354574
>>60354596
Example one
>Tfw /g/ is being ruined by these idiots
>>
>>60354704
t. windows 10 user
>>
File: Shadow Broker.png (373KB, 712x712px) Image search:
[Google]
373KB, 712x712px
>>60354270
Do you really think this could leak something so damaging? Honestly, Anon.
>>
>>60354142
If you didn't get the windows patch from last week you are vunable and don't even have to go to any website or open any email attachments. All an attacker has to do is send an infected attachment. That attachment gets scanned by windows defender automatically. And you are infected. The worm can then spread across your network via smb to other unpacked machines.
That is why you need to patch daily instead of this once a week or month shit most companies do.
>>
>>60354781
Good thing I disabled it last month.
"ALL YOU NEED IS WINDOWS DEFENDER" will always be a meme.
>>
>>60354142
NSA backdoors were a mistake.
>>
>>60354781
>>60354210
I'm on Windows 7, which patches do I need?
>>
>>60356966
There are so many damn updates on Windows I have no idea, it's not like you can just check a version number.
I have a windows 7 vm on my macbook with access to the main files. Probably won't have this since I hardly use it. But still worrying
windows is cancer
>>
>>60354596
>>60354142
deactivate your atoms
>>
>>60354520
>This is what happens when you visit any website without disabling scripts
This has nothing to do with JavaScript and everything to do with a) people running any random exe or file that downloads without second thought, and b) browser exploits, especially plugins -- Flash and Adobe Reader in particular have historically been easy targets for those kind of malicious ads.
>>
>keep nothing important in my windows install
>only games
>everyth8ig that actualy matters is in linux/on an external formated with ext 4 so windows cant automount it
>literallly laugh at this and reinstall windows
>>
>>60357027
>it's not like you can just check a version number.
You can though. For example, I'm on Windows 1073, OS build 15063.250
>>
I have a comp with Vista I haven't patched in a year, how fucked is it?
>>
>>60354221
Windows 7 was patched last year. It was nice of Microsoft to let the NSA continue exploiting Windows 10 until March, though.
>>
>>60354142
Open SMB port exploit
>>
>actually having a computer
>>
>>60354520
Fuck off. Ads are a core component of internet culture and the internet experience. If you disable all ads and Javascript you might as well never even browse.
>>
Notice a sudfen drop in the amount of people on this site complaining windows 10 forces updates on them?
Because most computer users, especially lot's of /g/ have to be babbied
>>
>>60357197
These exploits were intended to be permanent and to be used by jewish intelligence services only, but the guys who leaked them to the public ruined (((their))) plan.
>>
>>60357138
I removed everyone but my own right privileges on my NAS, but i heard there was ransomeware that could still fuck it.
>>
>>60357126
Your a fucking dumb ass
It's a SMB virus
You connect to a network you fucked
Simple
Stop fucking posting you cancer cyst
>>
>>60357269
Doubtfull unless you keep it mounted to your windows machine at all times
>>
SMB has a bug that makes the distro of this shit like Sasser in XP days.
>>
File: getOut.jpg (25KB, 900x900px) Image search:
[Google]
25KB, 900x900px
>>60357224
> Ads are a core component of internet culture and the internet experience
NO IT ISNT
>>
>>60357269
*write. I'm a retard.
>>60357307
I do but I'm on windows 10 with the latest patch and no likelyhood of getting rekt.
>>
>>60357346
This. I too want absolutely no news or entertainment on the internet.
>>
>>60357224
what the fuck am I reading
I've had adblock turned on for like 10 years
>>
>>60357392
ads are the whole reason I use the internet what better to look at then click bait and car insurance
>>
fucks given = 0
>>
How to disable SMB on windows 7? I don't need this crap anyway.
>>
This software has nothing to with installing malicious exes or running shady scripts. You can get infected just by being connected to the internet and having certain windows features enabled without the most recent security patches. No user interaction required whatsoever.
>>
>>60354702
>NoScript
Seriously nigger? uMatrix is far better.
>>
>>60357224
.t marketer
>>
>>60357481
why do you spout bullshit you know nothing about? you need to have port 445 enabled to be vulnerable.
if you have your own router and not some ISP router + modem bullshit combo then it's virtually guaranteed that the port is disabled by default.
>>
>>60357572
>if you have your own router and not some ISP router + modem bullshit combo
Pretty much every ISP router+modem combo comes with almost every incoming port blocked
>>
>>60357572
That's true on the WAN side of things.
However, you can still get fucked if the virus gets via an alternate method on another PC in the same LAN (e.g. infected email attachment) which THEN does a SMB scan on the local network.
If the PC you use has no need for printer/file sharing, it's best to block the smb ports entirely... or just install the patch.
>>
>>60354142
Let's say that there are 2 computers in a network, one is patched and up to date the other is not.
Can this worm still infect the up to date computer if the other gets compromised?
>>
Daily reminder that this would be a non-issue if you kept proper backups.
>>
File: 1488467322443.jpg (60KB, 500x551px) Image search:
[Google]
60KB, 500x551px
What's the KB patch that was supposed to protect Win7 from this in march?
>>
>>60357664
i have like 10TB worth of storage how could i possibly back that all up frequently. it's not worth the effort anyway.
>>
Do windows 10 get infected?
>>
>>60357746
Yes anon, Windows 10 do infected unless security patch is applied
>>
>>60357746
yeah you're fucked there's no way to block it and being on win10 even allows it to get on your machine with no network access or infected file transfer you need to destroy your machine immediately by dousing it with holy water while it's running
>>
>>60357664
Lots of things would make this a non-issue. Not opening email attachments received from randoms on your work PC, for example.
>>
>>60357664
Data changes between last backup and time of infection would still be lost. Hospitals can't afford to lose that data.
>>
>>60354704
don't come here for advice if you got ransomware.
>>
Will I get this shit from just turning on my computer? I never updated for almost a year.
>>
>>60357873
Turn on computer check for updates let them run and then let it reboot
>>
>>60354142
i think is rather simple. yesterday was a thread about a utorrent ad using a flash exploit to install malware on retards
easily that malware, instead of adware or something "harmless", could be the file you ignore but old fucks open when the prince of nigeria wants to confirm a voucher that gives them super aids and encrypt all your shit.
>>
>>60357712
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
>>
Browse using a Linux VM. No one needs Windows to browse the fucking internet.
Use your Windows hosts for Windows things. Easy as fuck. Free too.
>>
>>60357903
Where in there
>>
>>60357924
>browsing the internet on a virtual machine
literally why
>>
So in theory, if I just shut down my computer and dont use it for a week or if I disconnect it from the internet and make some back ups, am I alright?
I also think I recently (two days ago) I put a windows update, but I dont know which one.
I have 20GB of memes and I dont want to lose them.
>>
>>
>>60357736
>i have like 10TB worth of storage how could i possibly back that all up frequently
Incremental/differential backups, like literally everything has been doing for at least a decade now
>>
>ransomware
Lame. At least make embarrassing files public
>>
>>60357903
There's a fuckton
>>
>>60357435
DISABLE SMB1 NIGGA WTF?!
>>
>>60357937
just check your exact OS and download the necessary patch
>>
>>60358009
For pete's sake, do I have to spoonfeed you all?
>>
>>60358013
There's a bunch of duplicates
>>
File: 1335572241479.jpg (56KB, 610x456px) Image search:
[Google]
56KB, 610x456px
>virus becomes a worm to infect other computers without user knowledge
>>
>>60354596
umatrix.
>>
>>60357435
What a nigger
>>
>>60358028
>>60358013
P-please.
>>
File: 1470889197949.png (439KB, 541x427px) Image search:
[Google]
439KB, 541x427px
Do I have to open an infected mail or can you get this just by being connected to the internet?
>>
File: en.wikipedia.org_2017-05-13_02-35-43.jpg (635KB, 1123x842px) Image search:
[Google]
635KB, 1123x842px
>>
>>60358028
I'm trying to download the specific update, but it keeps saying that "it's not compatible with my version." Even though it's 64 bit, same OS, and all that dealie.
>>
File: win7patch.png (4KB, 768x39px) Image search:
[Google]
4KB, 768x39px
>>60358029
>>60358079
>>60358124
I literally downloaded two of those for my Windows 7 64-bit SP1. I'm good to go
4012212
4012215
>>
>>60358099
Second one. I hope you have a router and not connected to some idiots on lan. Might want to install the patch or manually disable SMB1 anyway.
>>
>>60358099
Latter.
>>
>>60354142
Executives of companies are run by old people, dumb admins give them too much access to critical information, and they don't test their backups to boot
>>
>>60358146
>>60358148
Fug
Time to hit the panic button
>>
can i get this if i don't use a computer
>>
>>60358099
that ransomware scans SMB ports connected to Internet. We are doomed!
>>
File: tonykornheiserpanijc.png (598KB, 600x878px) Image search:
[Google]
598KB, 600x878px
>>60358164
>>
>>60358164
Ive been very paranoid few hours ago when it started.
>read through horrors of the malware affecting people everywhere over the world
>think i might be fucked
>accidentally hover mouse cursor over youtube link
>suddenly video starts playing
I almost had heart attack.
>>
>>60354142
The only W7 update I have is SP1. I have no antivirus software and I click on every advertisement and email attachment I see. How fucked am I?
>>
File: 1494385173305.jpg (93KB, 534x534px) Image search:
[Google]
93KB, 534x534px
>>60358144
>I literally downloaded two of those for my Windows 7 64-bit SP1.
Good because figuratively downloading them wouldn't have helped you at all.
>>
>>60358232
With the amount of shit you must already have I doubt you'd even notice
>>
>>60354142
Women click on, open, and run everything.
>>
>>60358243
why wouldn't I? It's not my problem anymore if these babbys can't patch their own system after I gave the link for the patch.
>>
>>60358263
Oh I'd notice a ransomware.
>>
File: veri-sad.png (86KB, 330x260px) Image search:
[Google]
86KB, 330x260px
>>60354142
>Don't update since december
>Activate Windows Update, download all the updates and install them
>Restart computer
>Installing updates, gets to 100%
>"Failure configuring Windows updates. Reverting changes"
>Sheeit
>Try to manually download the files and try again
>Same thing happens
>Try updating through PowerShell
>Same thing happens
Welp, I am fugged. Time to install Puppy Linux on a thumb drive and use that instead.
>>
>>60358296
The problem is that I'm on win 10, so that win 7 update doesn't help me. Yes, I know,
>falling for le botnet
What am I supposed to do? Use Gaybuntu?
>>
File: 1491308263327.jpg (47KB, 515x500px) Image search:
[Google]
47KB, 515x500px
>>60354333
WTF the Nigerian prince is not real?
>>
>>60358323
Check for updates
>>
Does anyone have a link to that tool for installing only security updates?
There was one like that and they made sure not to include any of the telemetry stuff.
>>
>>60354781
>attachment
>windows defender
is he using outlook?
>>
>>60356966
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
>>
>>60358409
>download doesn't load
OH SHIT NIGGER THEY'RE TAKING OVER MICRO$HAFT AND ARE DOWNLOADING IT NOW! RUN FOR YOUR LIVES!
>>
>>60354781
>He thinks people can just send files to your computer unsolicited
>>
>>60358451
They can. Wannacry can inject itself into your computer silently. No internet activity, no processes running, no CPU or RAM usage. It's like spontaneous generation.
>>
>>60357382
they'll have to find a way to adjust their business model to the 21st century famalam
>>
>>60358466
It can only do that if it has SMB to exploit, which it doesn't if you're not on an infected network.
>>
>>60358490
How do I tell if my network is good or not? Can I disable SMB and what are the side effects of doing so?
>>
What do I need to do on win 7 to prevent this?
>>
>>60358308
I had the same problem once I think. I had to start into safe mode and delete the downloaded updates from a folder. The next time the updates worked again. Maybe this will help you to find the solution on Google.
>>
>>60358507
>How do I tell
Have you been grypto?
>Can I disable SMB
yes
>Side effects
You can't network share.
>>
>>60358529
>Have you been grypto?
Have I been what now?
>>
>>60354781
>business
>patch daily
could you make it any more obvious that you have never worked a day in your life?
many CAD programs are old and dont work on modern systems since not every place can afford new versions
>>
>>60357382
if their business model revolves around stealing my information, spying on me, exposing me to propaganda and psychological attacks, and giving me fucking viruses... It's not my fault when they go out of business, and they are NOT entitled to have me let them do those things.
>>
>>60358466
inb4 they went through AMT
>>
>>60358544
Can't find the spurdo rendition of cryptolocker but it was a reference to that. If none of the machines on your network are fucked yet you're fine.
>>
>>60357736
Should be in the cloud, hidefag
>>
>>60354333
>>60354142
It's actually funny because I've gotten a number of clear as day scam emails recently all of a sudden and I bet it's for this.
>>
>>60358494
>>60358028
Spoonfeed me I don't have any updates through windows update butwmic qfe listand KB4012212 (standalone) OR KB4012215 (update rollup) is not there
I went ahead and downloaded http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012212 from here and im installing
>>
>>60358578
Really? Cause I think MS's website has been hijacked. I'm trying to download the patch now and it's taking quite a while to load. Am I fucked in the ass by a black man?
>>
>>60358593
Yes, really. Well, assuming you're not connected directly to a modem or something moronic like that.
MS website is getting raeped by 4chan and reddit right now.
>>
>>60358593
It's just under heavy load. As long as you disabled SMB and have noscript enabled, you should be fine.
Just to be sure, I'm doing some scans.
>>
>>60358579
I'm not trusting full backups of my entire hard drives full of sensitive shit with the Jews who control the cloud. I already give them enough data when I use (((Google))).
>>
>>60358593
NK is ddosing so people cant patch
>>
>>60358611
>noscript not available for chrome
>don't know how to disable SMB because tech noob
And you're still saying I'm not fucked?
>>
File: 34324352.jpg (35KB, 330x330px) Image search:
[Google]
35KB, 330x330px
>>60358630
>chrome
>>
>>60357224
you wot mothofocko ?
>>
>>60354142
why is everyone bitching about free encryption software? at least micro$hit and NSA can't backdoor this one
>>
>>60354142
If you're hoarding data you're mentally ill. Back up your important shit to the cloud.
>>
Haven't updated W7 since 2012 and you're telling me Super Mario Bros has a virus? I'm sorry I don't emulate
>>
>>60354221
This is the exact reason you don't maintain back doors in the first place.
>>
>>60358308
I hadn't updated since 2015
>>
>>60358352
You can just go to the MS link twice linked in this thread and get the security update appropriate to your system.
>>
>>60354210
First post best post
>>
I just installed KB4012212, am I too late and is that even the right one?
>>
>>60358674
>Back up your important shit to the cloud
worst advice ever
>>
>>60358765
I've already done that I was just wondering if anyone had the tool. I've seen it posted before but have no idea what it's called.
>>
>>60354142
No idea, but I'm not taking any chances. Wasting my first waking hours of the day updating windows for the first time in 2 years, as if I didn't have enough reason to hate spics already.
>>
File: 1418769997043.jpg (35KB, 419x441px) Image search:
[Google]
35KB, 419x441px
>>60354142
>I thought ransomware was for only old people and retards.
It is, pic related.
>>
File: 1489393141119.jpg (70KB, 576x494px) Image search:
[Google]
70KB, 576x494px
>>60358674
Sheeeit, looks like I'm mentally ill bills now.
>>
>>60354142
>Backup PC with FOG weekly
>Zero fucks given
>>
It only takes one infected Windows machine to fuck up every other not updated windows machines.
Nothing would've happened if the retard IT people would update every PC.
>>
>>60358674
Please don't judge me ,I can stop at any time. I am not addicted, I am not mentally ill. It's just that I don't like throwing away useful data.
>>
>>60358308
Try Knoppix instead. Much more fun than Puppy yet light and fast because it's designed purely as a live distro. You can boot it into RAM by using the toram cheatcode.
http://knoppix.net/wiki3/index.php?title=Cheat_Codes
For latest driver support I boot Xubuntu live.
>>
>>60358826
What the fuck kind of data do you even need? Pictures from 10 years ago? Cheese pizza? Delete that shit you mentally ill fucktard. Love your life with no dependencies.
>>
>>60358886
How is it useful? Don't tell me: it's not. Stop clinging to shit because of your emotions.
>>
I just need this and Common Sense 2017 right?
Should I remove my anime HDDs for now until the wave ends?
>>
>>60358931
You need to install KB4012212 and I would definitely pull any spare hard drives of significant value.
>>
File: C_pfnkeXcAAm2ZB.jpg-small.jpg (66KB, 680x510px) Image search:
[Google]
66KB, 680x510px
And there are STILL people on /g/ that haven't switched to GNU/Linux because "muh games".
>>
>>60354142
Have win10 and haven't updated in almost 10 months. Everyone getting infected is retarded.
>>
>>60358951
>they translated it into german
Didn't expect them to be that thorough. But I stay on Windows because it just works, and it runs muh non free software like Autodesk and Adobe.
>>
>>60358968
Your IP is in the queue.
>>
>>60358906
50,000 books, for one.
>>
>>60358948
Welp KB4012212 is taking hours to download
Fucking M$
>>
>>60358995
Can they infect you if you disable the SMB protocol?
>>
>>60358984
One word: WINE.
>>
>>60358999
You are never going to read them anyway.
>>
>>60359010
Yes. They can infect you even if you're disconnected from the internet. Even if your computer is unplugged and all components disconnected. There is no cure for Wannacry.
>>
>>60359025
That's what butthurt believers actually believe. Cry more.
>>
>>60358999
Subtract the amount that you've read or don't care to read. Then subtract whatever is available on bittorent. Back the rest up on the cloud. Absolutely no one cares if you steal books anyways. If it's on bittorent then who cares?
>>
>>60359025
That is impossible. There's no way for them to access you if you're not on a network and have wifi disabled.
>>
>>60354142
Windows
>>
I haven't updated windows 7 since like 2015 and I'm fine. Just don't be stupid.
>>
>>60359037
Books are small compared to my anime
He can just put them on a drive
>>
>>60359064
You won't be laughing when you wake up tomorrow to find that screen on your PC.
>>
Can anyone upload KB4012212?
I don't want to wait hours on Microsoft's website
>>
>>60359064
The only reason you haven't been infected is chance. If you left your computer alone for long enough, it WILL be affected. Update or disable, or be stupid and wait
>>
File: 4666774.gif (697KB, 320x240px) Image search:
[Google]
697KB, 320x240px
>>60359025
>they can infect you even if you don't own a computer
>>
>>60359050
Well, there is, but this isn't it.
>>
>>60359064
yolo yeah bro she'll be right
>>
>>60359074
Because I can't laugh in scenarios that won't happen.
>>60359093
Which update anyway?
>>
>>60359093
I have a router firewall.
>>
>>60359127
KB4012212
>>
File: 15027982_1166981030016165_7283979433550695059_n.jpg (108KB, 960x720px) Image search:
[Google]
108KB, 960x720px
>be stupid
>Cut IT budget and resources
>Get hacked
Hahahahahha
When will they learn?? Id help spread this at work desu
>>
>Microsoft releases critical updates
>Write an emergency change, have the national manager sign off on it bypassing the standard change process
>Release the patches two hours later
WOWEE THAT WAS HARD
>>
Do you think this was a big group or some guy in his basement?
I would piss myself if I seen my cryptolocker all over the news like this. EVERYONE would want to kick down my door.
>>
Those faggots that aren't paranoid like me and don't backup everyday got btfo
>>
File: 1448495551705.jpg (573KB, 1247x809px) Image search:
[Google]
573KB, 1247x809px
>>60359100
wannacry infected my garden. everything wilted, said i had to pay $300 in buttcoins for new seeds :c
>>
>>60357482
uMatrix is a fucking nightmare to use if you ever want to stream anything from seedy streaming websites.
>Just torrent faggot
Streaming is faster
>>
>>60359158
If a hacker group names themselves with a videogame reference you are looking at a basement dweller.
>>
>>60359216
Or you could just use yt-dl+MPV
>>
>>60359216
Just use jdownloader
>>
>mfw I recently switched from dual-booting with a Windows 7 that hadn't been updated in 5 years to Linux only
>>
>>60358561
>psychological attacks
ur not supposed to know about those anon
pls, take your meds, they'll make u nice n fuzzy
>>
File: install what.jpg (111KB, 1134x700px) Image search:
[Google]
111KB, 1134x700px
>>60359248
Implying smartypants leet crackaz don't play six-dimensional underwater penis ping pong and name themselves ironically to ruse the uninitiated.
>>
>>60354574
Kys faggot
>>
LOL @ WINDOWS USERS
Seriously, if you're not using a distro why are you even on this fucking board except to jerk off to your retarded consumerism with all the other idiots?
>>
Can someone provide non-FUD information on what the possible attack vectors are?
>>
How is this anything but just another generic ransomeware thing? Why the fuck are people here of all places shitposting about it?
fucking reddit
>>
>>60359338
you answered yourself there fucktard
>>
>>60359170
Seeding is for losers anyway.
>>
>>60354142
do you really trust none of your coworkers are retard enough to get infected?
that's the problem here
>>
If I have network discovery and file/printer sharing disabled is this a concern? Should I still go through the registry and disable SMB?
Also, is the patch installed along with the normal updates, or do I need to go get it myself?
>>
>>60359338
So you are monitoring the systemd source code permanently so you can be sure Poettercuck hasn't put any backdoors in it?
>>
>>60354142
>and retards
there's your're are answer
>>
>>60359338
>be NSA
>write "patch" for linux
>it gets pushed to everyone
hmm
>>
>>60354142
this is what happens when you don't update windows
>>
>and retards
Lots of people are retards who don't update Windows.
>>
>>60358905
Thanks, I'll check it out.
>>
>>60358741
Ditto. Windows Update just stalls for me now. Either way I don't care much. I have tested backups in place.
>>
Microshaft is behind this to force more people to downgrade to win10
Do not fall for their tricks
>>
>>60359390
Stop using Windows. Install Arch Linux.
>>
>>60359437
Updating Windows is fucking idiotic, the only thing those stupid fucking updates do is slow down the PC, nag and cut off important work.
I haven't updated since 2011 and I sure as hell won't start now because of some pathetic weak ass ransomware.
>>
File: disgruntled pepe.jpg (238KB, 1337x1289px) Image search:
[Google]
238KB, 1337x1289px
>>60354704
way to greet someone who genuinely wants to know more you dipshit
If anything we need people to advance toward tech literacy
>>
Okay /g/. Explain to me how this ransomware can infect my PC if I disable SMB protocol, disable network discovery, turn off windows defender, and don't open any questionable content.
I've literally stopped every single method of them coming in. If they can bypass that, then MS can't patch it out and we're all still vulnerable.
>>
>>60359486
This ain't no laughing matter, anon. This ransomware will get you good.
>>
>>60359417
>implying some autistic stallman follower wont spot it in a second in the sauce code and make every single IRC channel blow up with rage and sweat from fatflaps
>>
>>60359511
Do you have a firewall blocking SMB ports?
>>
File: lZpQGOg.jpg (4KB, 124x120px) Image search:
[Google]
4KB, 124x120px
>>60359351
>Microsoft releases botnet Windows 10
>Anon: "Fuck you, I'll stick with Windows 7/8.1"
>Microsoft releases botnet updates for Windows 7/8.1
>Anon: "Fuck you, I'll cherrypick muh updates and won't install the botnet ones"
>Microsoft makes it impossible to cherrypick updates, providing all-or-nothing update rollups only
>Anon: "Fuck you, I'll stop updating at all"
>entirely (((coincidentally))) exploits for all still usable Microsoft operating systems suface and get loose into the wild
>>
>>60359545
don't ever respond to me again
>>
It's already contained, they found a killswitch.
>>
>>60359536
why wouldn't I have a firewall?
>>
>>60359536
>blocking SMB ports
B-but this anon >>60359093 literally said "If you left your computer alone for long enough, it WILL be affected"
>>
>>60359351
Because it's a Ransomware worm. That *is* pretty novel; typically Ransomware are just trojans.
>>
File: Shitindows 7.png (1KB, 411x23px) Image search:
[Google]
1KB, 411x23px
Is disabling SMB1 on W7 enough or do i need to update this shitshow? I havent for 8 months.
>>
File: for_the_rest_of_them.jpg (356KB, 1920x1200px) Image search:
[Google]
356KB, 1920x1200px
>tfw I deliberately try to get malware so I might have some human interaction with ransomers
>>
>>60359346
>anon asks for some non-FUD info
>literally 0 replies
>>
>>60354142
>Run regedit.exe
>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters
>set "SMB1" to 0 (if it doesn't exist create a new DWORD)
Problem solved. If you're still using SMBv1 and not SMBv2 or SMBv3, you deserve it.
>>
Literally just get a router and make sure port 445 is closed, christ.
>>
File: 1449812973670.png (340KB, 519x453px) Image search:
[Google]
340KB, 519x453px
So should I update my laptop with Windows 7?
Fucking Microsoft.
>>
File: C9gGfvLU0AAUwFs.jpg (129KB, 1199x412px) Image search:
[Google]
129KB, 1199x412px
>>60359675
>>
>>60359012
Two words: Doesn't work.
>>
File: toulette.jpg (12KB, 325x258px) Image search:
[Google]
12KB, 325x258px
>>60359733
>Does not work
>two words
>>
>>60359507
>pepe poster
Get the fuck out faggot, we want less retards here.
And no, spoonfeeding people doesn't fix the inherit cause which is that these people (you) are fucking lazy bastards who won't put in the effort that the rest of us did.
>>
>>60359689
Or, better yet, just filtered (no reply at all instead of a RST one).
>>
File: dontwannacry.png (38KB, 688x253px) Image search:
[Google]
38KB, 688x253px
OY OY OY, the campaign was already shut down. Pic related. Had to deal with this bs all day monitoring the .onion domains it uses as command channels for my own company to look for post infection traffic.
Article:http://archive.is/jjEts
Naturally though, future malware/ransomware campaigns are likely to leverage this same Windows SMB exploit. So right now the time to take a lot of precautions others have been correctly highlighting here before another campaign boots up. However you can't be infected by this particular wave using this exact ransomware sample. The C2 infrastructure is essentially offline.
If you have absolutely no use for the SMB protocol then there is no reason not to disable it. As many have pointed out, your lone PC sitting at home isn't a target nor would it likely be infected due to the main propagation being lateral movement within a network internally through use of the SMB exploit. The initial 'patient 0' within a private network would still have to get infected through more routine methods like scripts running on compromised sites or opening malicious docs/attachments.
Now is a good time to port scan the device at the very edge of your network that is the most external facing. Whether that be your router or whatever clunky modem/router gateway device combo shmuks sell now.
From a device NOT on your internal network (can be your phone whatever), port scan your public IP/IPs.
Hell you can even just use: https://mxtoolbox.com/PortScan.aspx
It checks port 445 by default. Close port if open, disable SMB, patch anyway, no worries just keks.
>>
File: 8JFWWma.jpg (63KB, 480x640px) Image search:
[Google]
63KB, 480x640px
>>60359417
>anyone can put anything they want into linux
>>
File: my apologies.jpg (130KB, 963x600px) Image search:
[Google]
130KB, 963x600px
>>60359675
No, he asked to be spoonfed because he's too lazy to read anything.
>>
>>60359780
My English teacher would actually count contracted words as a single word for X words essays.
She was a cunt.
>>
>>60359820
>the NSA is incapable of submitting source code to linux with a hidden backdoor
whatever helps you sleep at night anon
>>
>>60359827
By contracting it, you are making it a single word.
>>
>>60359845
>what is patch sign-off
git rm yourself
>>
>>60359870
I don't think the person you responded to even knows what this "git" thing is.
>>
>>60359827
if you didn't want it to count as one word you shouldn't have contracted it you stupid fuck.
>>
>>60359827
>using contractions in a stupid school essay to begin with
what'st've the fuck is wrong with you
>>
>>60359827
That's how it works everywhere you dumb illiterate fuckweed.
>>
Does anyone know how to get this? I kinda want to see it in a VM
>>
im on windows 7 and i just did an automatic update but the the update was from may not march, am i fine or do i need to install that march update specifically ?
>>
File: 1476551449757.jpg (45KB, 711x669px) Image search:
[Google]
45KB, 711x669px
>>60359889 >>60359870
>they would never accept bad code on my hobby os!
gas yourself
>>
>>60354142
I just booted from my dual boot linux partition
am I safe?
>>
Can it get to my windows 7 part while I'm my linux part?
>>
>>60359980
kill yourself and stop using gnu/linux if you can't figure out such a simple fucking question by yourself.
>>
>>60359963
>hobby os
>shitty meme
>shitty meme image
>blatant lack of knowledge
Let me guess...you use a Mac?
>>
>>60359980
you're fucked, latest reports say it affects linux too
>>
Can i get the ransomware through applications like Steam?
>I'm not on a public network and have SMB disabled.
>>
>>60359963
>hobby os
Oh, a baiting teena/g/er. No thanks.
>>
>>60359997
Yes.
>>
infection map
https://intel.malwaretech.com/WannaCrypt.html
looks like China is hit pretty bad
>>
>>60354142
>one retard clicks it
>spreads to entire internal NHS network
with a windows monoculture it only takes one retard to fuck a shit ton of people
>>
>>60359989
>Linux devs are infallible!
>>
File: devilish.gif (2MB, 425x481px) Image search:
[Google]
2MB, 425x481px
i'm considering not blocking the port anywhere i manage so i can convince people to move to linux easier
is this the future of passive resistance?
>>
>>60359997
all you have to do is update windows
>>
>>60360058
if that's your goal you should personally infect the networks.
>>
Funny that I still panic a bit, it's kinda like a "legacy panic" from using Windows for so much time.
>>
>>60359989
>>60359999
>be condescending linux shitter
>get replied to like one
>continue to be condescending
Don't worry, linux will never have a back door. They can't do wrong. They will never be infiltrated by any three letter agency.
There has, in fact, never been a linux backdoor.
>>
File: 1476920675541.png (325KB, 400x600px) Image search:
[Google]
325KB, 400x600px
How the FUCK do I download KB4012212/4012215 manually? They said it would appear in Win Update, but it's not there at all.
I refuse to let it auto-update, like these niggers want me to.
>>
>>60360074
but that's not passive and i'll feel bad. this way i'm just letting nature happen. avoidance of action is not an action.
>>
>>60359818
>disable SMB
So you aren't supposed to be using SMB/Samba at all anymore? What about all the NAS servers on all the LANs? Just drop it and replace with what? FTP? Fucking NFS?
>>
>>60359417
this is b8
>>
>>60360060
I honestly don't know what is worst, geting the malware or having to sit through a bunch of windows updates..
>>
>>60359818
idgi, if it can't install itself anymore, how are there still thousands of new instances appearing on the tracker
>>
>>60360105
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
>>
File: 1491515407173.gif (335KB, 400x400px) Image search:
[Google]
335KB, 400x400px
>>60360103
>>
>>60354142
>tfw I don't have smb in regedit on XP and Vista.
>>
>>60360127
Thanks, friend.
>>
Can my Acer Aspire with Windows 95 be infected?
I have to use my Encarta 95 to make my homework this weekend..
>>
>>60360183
kill yourself back to wherever you came from.
>>
>>60360183
Yes, you should update to ME.
>>
>>60360126
5k since I posted this in fact
>>
That does it, I'm switching back to linux.
I only went back to windows because of games, which I dont even play anymore
>>
>>60360103
Yes. Even the Intel Management Engine running in ring -3 tips its fedora and kindly shuts off if it sees the Linux kernel booting.
>>
>>60360183
Should have gotten it Never Obsolete
>>
>install windows update
>15 fucking mins later....
>the constant fear of your work station being fucked by the update
>walking out of the room and pacing like your waiting to hear something good from the ER
My personal Linux computer doesn't do this to me and I'm glad for it.
>>
File: 1465221971413.jpg (16KB, 640x480px) Image search:
[Google]
16KB, 640x480px
Is it a coincidence this is a literal NSA virus and it was released the day after Easy D's cyber security executive order?
>>
>>60360183
>I have to use my Encarta 95 to make my homework this weekend..
wtf m8
>>
>>60360143
>>60360281
stop trying, you austist
>>
>>60354142
Is XP and Vista fine if they don't have SMB in the registry?
>>
>>60360292
this is obviously a NSA/CIA false flag, for what purpose, Idk.
>>
>>60357960
For isolation of your Windows host OS from malware exposure when surfing and communicating.
Browser appliance VMs have been a thing for a long time. Google "browser appliance VM" for many examples.
>>
>>60360183
>Encarta 95
You don't need online access to use it, and the online Encarta closed along time ago.
>>
>>60360158
XP only suports SMB1, so the only way is to shut off SMB completely.
>>
>>60360312
XP's not fine at all
>>
>>60357971
You could boot a live Linux from USB and use that to download any updates you want, make backups etc. Everyone should keep at least one live Linux flash drive for rescues, backups and troubleshooting.
https://www.pendrivelinux.com/
I use Xubuntu for it's excellent driver support.
>>
>>60358674
>Back up your important shit to the cloud.
>in the cloud
>cloud
congratulations you are mentally retarded
>>
File: plateu.png (21KB, 475x570px) Image search:
[Google]
21KB, 475x570px
>>60360126
I see why it's conflicting on some of the trackers. Whatever they are using as a metric for the 'new' infections doesn't seem to reflect the fact that it's stopped. However the total number of online nodes has been drastically falling. Intel's tracker shows only a little over 1,500 are online at this point.
https://intel.malwaretech.com/botnet/wcrypt
>>
So I installed the 4012212 update, would it be wise to mess with regedit to disable smb1?
>>
>>60360058
>so i can convince people to move to linux easier
There is not an (insert all hardware ever made here) driver to (insert non microsoft windows os here).
So leaving microsoft is impossible as sad it is
>>
>>60360394
nice. reminds me of hiren's bootcd
>>
I'm safe right?
>>
>>60360373
How?
>>
>>60360455
There are often more drivers for older hardware in Linux. It's easy to see if someone's hardware is supported by booting a live distro from USB.
>>
>>60360378
Isn't there a PoSReady security patch for XP against this?
>>
>>60360466
This is much better IMO than Hiren's. I like WinPEish-live OS too.
http://falconfour.com/category/bootcd/
>>
I download shit from ddl porn sites all the time and never get infected. What are all these normies doing to infect themselves?
>>
>>60360500
There was at least one exploit which was not patched out of XP, I'm pretty sure.
>>
>>60360500
If there isn't it could get ugly.
>>
>>60360484
>It's easy to see if someone's hardware is supported
someone current hardware, not future one
Look, I am not shilling for windows, its not *linux fault, *bsd or whateaver fault, its hardware makers fault.
One of the biggest points of having an os instead of bootable programs is that the developers of the program dont need to give support to every hardware in this universe, you have the os and the hardware maker make the driver for the os.
The thing is if the developer don't make the driver for the oeses then they are fucking with this entire system we decided to follow
>>
Are there actually retards on this board who refuse to install security updates?
>>
>>60360550
Yes. We believe that updates are just the good goy's way of slowing down our OS so we are amazed at the still-sluggish speed of Winblows 10.
>>
>>60354781
>All an attacker has to do is send an infected attachment.
>>
I installed the update, how do I know if I'm actually protected?
>>
File: 1485343385168.jpg (53KB, 440x487px) Image search:
[Google]
53KB, 440x487px
>>60359787
>>
>hackers are using stolen government cyber weapons to ruin people's computers for money
This is cyberpunk as fuck.
>>
>>60360533
>someone current hardware, not future one
"Future" hardware purchases should be planned with Linux support in mind. That's easy enough. I do it.
>>
File: easy-d.jpg (103KB, 750x918px) Image search:
[Google]
103KB, 750x918px
>>60360292
>>
>>60360575
Yes.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1252&desc=5
>On workstations, attackers can access mpengine by sending emails to users (reading the email or opening attachments is not necessary), visiting links in a web browser, instant messaging and so on. This level of accessibility is possible because MsMpEng uses a filesystem minifilter to intercept and inspect all system filesystem activity, so writing controlled contents to anywhere on disk (e.g. caches, temporary internet files, downloads (even unconfirmed downloads), attachments, etc) is enough to access functionality in mpengine.
>>
>>60360614
>"Future" hardware purchases should be planned with Linux support in mind. That's easy enough. I do it.
then you will have to limit your hardware because of the os
>>
>>60357924
>virus exploits windows
>doesn't need user interaction
>user linux in a vm to browse
>with a windows host
retard
>>
>>60360622
>MsMpEng runs as NT AUTHORITY\SYSTEM without sandboxing, and is remotely accessible without authentication via various Windows services, including Exchange, IIS, and so on.
>>
File: 1465680752658.png (67KB, 716x518px) Image search:
[Google]
67KB, 716x518px
How do I use this to download a single update? MS site itself doesn't fucking work
>>
>>60360455
I've only once had issues with internet only working on Windows on a prebuilt, and I don't even think it worked on Windows. Prebuilts are all sorts of fucked.
The worst part of all this is, nothing working is the fault of user convenience. Prebuilts are awful garbage with planned obsolescence. Windows only works out of the box on these prebuilts, otherwise you gotta fuck with drivers. Even with Mint and Xubuntu on prebuilts, I've had issues. The only place I've not had issues is on a custom built pc, running something like Arch. Because this way, you'll end up learning shit about how your system works instead of googling whatever random error XFCE decided to pop up with today.
Sperg rant aside, people need to learn how their shit works instead of ignoring it and then complaining when it breaks. But they won't. And they never will.
>>
>>60360623
So what? IRL that's not much of a constraint. If it bothers you then use Windows.
>>
>>60357224
>Ads are a core component of internet culture and the internet experience
>>
>>60354221
>Wikileaks released NSA's tools to the public
thats not true.
the cia was passing their tools around to contractors without sufficient security. a whistle blower notified wikileaks that the cia lost control of their tools. if wikileaks didnt publish the information we likely wouldnt know where this ransomware came from.
>>
>>60357224
go fuck yourself faggot. adblock till the day i die
>>
>>60360654
you don't use it to download a single update. you find your preferred placebo "antibotnet" list and throw it in the excludelist file in "client"
it downloads everything else and installs everything except what you excluded.
>>
>>60354781
FUCKING MY WIN 7 HASN'T BEEN UPDATING FOR MONTHS BECAUSE OF SOME STUPID ASS BUG.
I use dual boot with Ubuntu but a lot of my important files sit in the Win 7 partition. I'm so scared of even booting up Win 7 now.
>>
>>60360678
fuck it, why are they making my life so hard? I have no idea what you just said I just want to watch chink cartoons in all peace.
>>
They released a patch in March for this. These dumbasses are afraid of muh botnet to update. Serves them right.
>>
>>60360403
>>60360126
Shit, wait wait, it's because they use fuggin' Norse to populate their data. Complete bs and not attributable to locations nor live infections.
http://archive.is/53qQW
>>
File: fuck you.png (149KB, 1955x584px) Image search:
[Google]
149KB, 1955x584px
>>60360690
>why are they making my life so hard?
are you a fucking moron or what?
i won't spoonfeed you any more than this.
>>
>>60357802
You don't have to open any attachments to get wannacry, you nigger loving faggot
>>
>>60360762
i did not understand anything in that image. you suck at explaining
>>
>>60360791
too bad for you then. enjoy the ransomware.
>>
>>60360762
This just downloads everything. Again. How fucking difficult is it to explain something?
>>
>>60360511
It's basically a somewhat updated and enhanced version of Hiren's boot CD. Has been dead since a few years too, though. It's rather tough to keep a boot CD current if it's based on XP.
>>
>>60360825
>How fucking difficult is it to explain something?
i already did explain it. you can force it to not install "botnet" updates by throwing your preferred list of "botnet" updates in the file i highlighted. then you run the installer and it does everything for you.
>>
>>60360606
>>>/cyb/
>>
File: 1494378041179.jpg (130KB, 979x475px) Image search:
[Google]
130KB, 979x475px
>>60359787
>>60360603
>>
>>60354142
Everyone is susceptible to accidents in common computing environments.
>>
>>60357746
I have seen zero screenshots of this happening, only Win7 machines.
>>
What happens if you open port 445 and block www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com?
>>
File: 1276512359600.jpg (25KB, 366x380px) Image search:
[Google]
25KB, 366x380px
>>60360962
>and block www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com?
>>
>>60360877
I think you mean /lainchan/. Come to think of it, that place might be exploding.
>>
>>60360764
What about webmail services such as gmail, outlook.com etc. Can you become infected by logging into your webmail client via a web browser?
>>
>>60360851
I wanted to download a single update. You haven't given me the option to do so. I'll install /g/entoo in time trust me. It's just I haven't done so yet for personal reasons, not because I am too stupid to understand.
>>
>>60354221
it's awesome having the best of the best working for our side, i mean this is a tool that is released, it's out of date, just imagine what they can do now
>>
>>60361116
You can download the single update from the Microsoft link linked three times in this thread.
>>
>>60361116
>I wanted to download a single update.
then go to the website posted multiple times in this thread, but know that you are a moron for doing so.
>>
File: NSA-us-patent-6175625.png (320KB, 4482x3265px) Image search:
[Google]
320KB, 4482x3265px
>>60360292
>Friday, midnight, still at office
>No IT dept, I volunteered to help out once and now I'm IT + myrealshit.
>open server room
>windows 2000 controlling the HVAC
>disable file sharing and wonder what the hell else I could even do at this point
>win7 wont take *.msu updates (installer encountered an error....), 'windows update' crashes
>fuck this, global lan/wan rule blocking 445
>go home
>>
>>60360962
what if some cock ddos that site?
>>
>>60361201
if you aren't getting paid extra for your pseudo-IT position, you're wasting your time.
>>
>>60361261
"So anon, you kinda know this stuff, yet you did NOTHING in this utter case of emergency?! Expect this incident to have an impact on your next employee evaluation. That is all Anon, you can get back to <yourrealshit> now. Shut the door behing you as you leave the room."
>>
Can anyone provide an explanation of what specific installations are vulnerable? What is an appropriate course of action? Should I even worry? I'm on a combination of Win7/Ubuntu/Debian systems.
>>
>>60361362
Y-yes sir...
>>
>>60361366
update Windows
>>
>>60361366
>regedit.exe
>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters
>create a new DWORD: SMB1
>set SMB1 to 0
>>
>>60360837
So is there any modern equivalent of Hiren's boot CD?
>>
>>60354142
ransomware is for wincucks
>>
>>60361707
>muh Linux
How do Linux' SMB/CIFS implementations look from the perspective of these vulnerabilities? How about Samba daemons?
>>
>>60360523
>>60360524
Is there anything like WSUSoffline or Autopatcher that would allow to download all POSready XP updates without using the MS update client?
>>
>>60357549
you caught me, but i'm not that guy. just another marketer on /g/ (((informing))) the masses via ads. hehe u can't stop us we pay big $ to keep those ads up!
>>
Should I even be worried if I update every time the botnet tell me to?
>>
>>60362660
Nevermind, it never installed the shit for SMB.
>>
i havent been infected and i just updated my windows 7 through windows update, dont care about botnet shit at this point. am i safe?
>>
>>60362768
I just heard about this and here's what I found.
Go to Control Panel > Windows Update > View Update History and check if you have KB4012215 Patch on 3/15 and KB4012212 (I don't have it so I have to download it, but the servers are being crap right now).
Next you want to do >>60359678
And you should be fine.
Thread posts: 357
Thread images: 51
Thread images: 51