Random meme part 5

So closing port 445 and SMD 1 fixes this shit right?

File: 61107_1.jpg (281KB, 1024x1024px) Image search: [Google]

281KB, 1024x1024px

>blocked port 445 in windows firewall but still says its listening in netstat -a
what gives?

File: Capture.jpg (19KB, 1084x60px) Image search: [Google]

19KB, 1084x60px

Win 7 Ultimate Edition (pirated ofc) master race here (all other Windows is cancer and Linux is dog turd, Macfags kys)

Also, Microsoft go fuck yourselves I ain't getting 10, it's shit and this marketing stunt pretend ransomware won't make me budge.

>have not updated since 2014
>thanks to everyone trying to be constructive and helpful in these threads I got what I needed fast
>even with all the trolls it's easy to get all relevant info from /g/ if you are a tiny bit tech literate
>blocked port
>pic related, installed the security update manually just now

Thank you guys.

Who else /comfy/ and /safe/ here?

>tfw you have no data worth backing up

all this time on computers and nothing to show for it

No one is being affected anymore, idiots

You think Governments are looking at the effects this had with great interest?

So they could use something similar themselves? or do they have more potent weapons?

File: 658fd8170576fc0a9a3d297e76f6f8e18512167d96b5eaefe0ad6c780957ad0f.png (148KB, 958x920px) Image search: [Google]

148KB, 958x920px

YOU ARE SAFE, THE VIRUS HAS BEEN KILLSWITCHED.

TECHNICAL INFO @ https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168

What are the chances of Microsoft being behind the attack so they can force everyone to switch to Win10 with its forced updates?

File: 1494336584540.png (30KB, 354x286px) Image search: [Google]

30KB, 354x286px

>mfw every single computer in the Brazilian Social Security System was affected

Feels good knowing that the favela scum will not get their welfare because of hackers.

File: in.jpg (87KB, 1425x277px) Image search: [Google]

87KB, 1425x277px

someone explain

>>60357470

They are wondering what to do if the attacker is known and state sponsored/connected and not in an extradition country.

File: ss (2017-05-12 at 09.07.13).png (8KB, 378x305px) Image search: [Google]

8KB, 378x305px

is this enough or does remote port have to be specific to 445 as well

How to check if I correctly disabled smbv1?

>>60357547
The spread is over

>>60357535
How can we know that for sure? Maybe there's another domain?

File: 56416784.png (633KB, 1280x720px) Image search: [Google]

633KB, 1280x720px

>use SMB to sync music and photos between phone and PC
>disable SMB1 thinking syncing would still work because SMB3 is enabled
>syncing no longer works

>>60357535
So what? The hackers will just change a single line in the code and release an updated version of the virus.

Remembering that one time supernigger decided to make phone calls and it was very funny.

https://www.youtube.com/watch?v=B4AOvYLkUfw

>WannaCry
Are those hackers 15 years old?

>>60357538

Forced updates prevents stuff like this from happening.

That's why it's not affecting end users with updates auto enabled.

At least it's decent of these to actually decrypt your files should you pay. Ransomware could live up to it's name of being malious and just take your money and destroy the files anyway.

>>60357507
there's a service listening on that port

>There are people who are so autistic they feel the need to produces viruses

Why?

>>60357539
So they managed to hijack rocks and sticks? Based hackers.

File: IMG_20170508_213823.jpg (19KB, 476x345px) Image search: [Google]

19KB, 476x345px

>>60357547
First of all it has been dead for a while.
Second, think for a moment, why would it matter if you weren't specific? A nuke will work if a grenade will.

What's a sinkhole

>>60357566
Just re-enable it tomorrow or so? Do you need to sync those files right now?

>>60357561

If he mitigates that will show he is either State or a hardened EBoss who doesn't give a flying fuck. Instead of a 14 year old hicker on steeroids.

>>60357542
Then WWIII begins not with nuclear bombs but with exchanges of increasingly sophisticated worms that target the participant countries' civilian populations

>>60357539
I'm sure, abruptly switching off the entire Brazilian Welfare System will have no unintentional and deadly side effects down in the ole favelas, nope.
>NervouslyGrinningMonkey(encrypted).jpg

>>60357566
>not just using a paid cloud service
Nerd

>>60357538
Windows forces updates precisely for this reason. 99% of computer users, especially those on this board, need to be babbied.

>>60357584
I may have misread, but I though only like 5 payments have been made to the wallet

>>60357584

When crews are getting near to an end of a run or freaking about because of "whatever" they sometimes stop decrypting.

>>60357603
A sinkhole is a depression or hole in the ground caused by some form of collapse of the surface layer.

File: 1492178677844.jpg (53KB, 1024x270px) Image search: [Google]

53KB, 1024x270px

>>60357600

It's actually bananas and chickens. What do we think we are, Africans?

>>60357590
They likely made more money today than you will make in your entire life

>>60357618
Got 36.6tb of cloud hosting for free.
Your point?

>>60357625
le common sense meme

File: 72468395.jpg (405KB, 1920x1280px) Image search: [Google]

405KB, 1920x1280px

>>60357585
So I have to delete the Inbound rules that have port 445 on them and just leave the 445 rule that blocks it in there?
pic unrelated

>>60357463
445 or 455? I'm getting conflicting responses.

>>60357628
Oh probably, but I just meant for ransomware in general. Unless there are some that do just take your money and delete your files.

>>60357637
The three most common wallets have only pulled in 12k.

>>60357643

just update your OS you mongololid

>>60357584

If your files were fucked either way, why would anyone pay the ransom?

>auto updated Windows 10 yesterday
>coincidentally disconnected my USB dongle last night
A-Am I safe?

>>60357643
Just block both.

What's the update name for this?

File: 1457903110117.jpg (83KB, 393x325px) Image search: [Google]

83KB, 393x325px

>>60357637
>They likely made more money today than you will make in your entire life

>>60357643
445

>>60357662
*wifi usb dongle

>>60357538
Yes, Microsoft infected hospitals and killed people in a scheme to get everyone onto W10.

>>60357576
Names are usually assigned by security researchers, and a lot of them are newer generations who lived through the mid 2000's teen angst
Just look at the Vault7 leaks, all the codenames are literally teen bullshit or tumblr/reddit memes

>>60357643
445, 139, 3389

File: 1489562444798.jpg (66KB, 500x509px) Image search: [Google]

66KB, 500x509px

Sky news is reporting, citing a security expert, that the code the ransomware uses is so stupid that it should have never been spread around so easily.

>>60357689
>That page on Japanese emoticons
I can't believe those types of people work at the CIA.

>>60357662
you're fine anon, it only affects outdated systems (a 2 month old update fixed it)

>>60357639
This.
I haven't updated windows 7 since 2012, cause im not a cuck and i am totally doing something it would interupt 24 hours a day 7 days a week. I heard windows 10 has a keylogger and won't let you use steam or something. Anyway i just use common sense 2k17 and read the comments before torrenting porn executables from the pirate bay. P.s. What's javascript, flash, or any other plugin lol?

>>60357688
How many people died in the British NHS chaos?

File: lol.jpg (24KB, 460x276px) Image search: [Google]

24KB, 460x276px

>>60357688

>>60357640
do

netstat -ab

to see which executable is listening on that port.

>>60357703
>sky news
lol

>>60357703
Yes, using Windows in security-critical environments is really, really stupid.

Anyone else find it curious that whoever made this built a kill-switch into it?

false flag / warfare drill?

"Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm."
https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168

>>60357703
What did you expect from the Microsoft Poojeet Security Team?

I'm running Windows 8. Not 8.1. Just vanilla 8. Haven't updated since 2015. How fucked am I?

>>60357703

Never underestimate the end user. NEVER.

>>60357718
Six gorillion and counting

>>60357633
Yes.

>>60357738
There are many functional and pragmatic reasons rolling out linux isn't always the best choice.

>>60357739
It was probably for testing.

>Spend 10 seconds updating OS
>Problem solved

WHy is this so hard for some people?

>>60357739
or a test that became way more successful than it was supposed to be?

File: 1373856071293.png (126KB, 229x345px) Image search: [Google]

126KB, 229x345px

>all the wangblows babbies in these threads scrambling over themselves

File: cs.jpg (4KB, 200x200px) Image search: [Google]

4KB, 200x200px

>>60357703
Oh, is Nate Silver doing CS now?

>>60357535
>3 bitcoin addresses hard coded
If it uses the same bitcoin wallet for multiple computers how can the hacker know who paid and who didn't?

>>60357713
you realize you are exactly the kind of person I was memeing about when I said common sense meme?

>>60357749

RIP Hafiz, Ahmed and baby Mohammed1, baby Mohammed2, baby Mohammed3, baby Mohammed4, baby Mohammed5 et al.

>>60357739
No. It is pretty normal.
What is retarded is only having one control point.

>>60357463
Hey /g/ which update do I need?

>>60357790
Yes? I was just meming along anon.

>>60357670
Gentoo

So how is this shit spread?

>>60357805
Iwill just pretend I never said anything in shame

>>60357767
That's a problem with proprietary software, which the medical industry relies on worldwide.

File: Untitled.png (59KB, 1720x362px) Image search: [Google]

59KB, 1720x362px

born to die, windows a fuck
128,365,839 encrypted jpegs

>>60357767
>There are many functional and pragmatic reasons rolling out linux isn't always the best choice.

I keep my Windows installs comfortably safe in VMs on a Linux host so I can reboot into an earlier snapshot for convenience. There are plenty of ways to cover your ass. I like them for checking out software I may not wish to leave installed.

>>60357800
Microsoft Security Bulletin MS17-010

File: 1475219669049.gif (295KB, 700x704px) Image search: [Google]

295KB, 700x704px

>>60357726
>Can not obtain ownership information
Huh. well then.

File: nice job OP.jpg (46KB, 637x480px) Image search: [Google]

46KB, 637x480px

>>60357463
>that fucking image

>>60357836
Initial drop was via massive email campaign with pdf attachment. Once on a network it uses SMB service to spread.

>>60357860
>Microsoft Security Bulletin MS17-010
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

How do I know which ones to download?

>>60357739
Well, it was made by the CIA.

so i just need to block port 445 in windows firewall or what

>Updated Windows

Feels safe mang

>>60357876
Have you run cmd with admin rights?

>>60357787
>guys how can I tell where these emails came from

>>60357836
By scanning the internet for anything with port 445 open

File: Claudia Black.jpg (470KB, 936x1406px) Image search: [Google]

470KB, 936x1406px

Can I get a direct link to the windows update file patch please

Have some claudia black

>>60357880
Kloss literally called her team of coders, and right now they're manually bruteforcing the thing.

She's a fucking hero.

>>60357603
Basically, it's the inverse opposite of a henweigh.

>>60357906
>didn't
Feels apathetic, man.

>>60357916
Not him, but same shit and yes

Obvious falseflag to get people to update windows.

>>60357603
lewd

>>60357920
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013429

File: koding with kuntie.jpg (17KB, 480x336px) Image search: [Google]

17KB, 480x336px

>>60357922
I hope they buy more fucking salads

File: Kornheiser_Why.jpg (23KB, 288x499px) Image search: [Google]

23KB, 288x499px

>>60357902
>whitelisting 445 in the first place

File: cirnoteachesonthecorrectnumberofdimensionsintheperfectuniverse.jpg (54KB, 699x451px) Image search: [Google]

54KB, 699x451px

>>60357920
Nope.

>>60357916
Yup, before that I ran it without and tried netstat -ab, saying it needed more rights
After that I got that one

File: 2014-08-dear-kate-4.0.jpg (498KB, 1024x768px) Image search: [Google]

498KB, 1024x768px

>>60357922
Are they feverishly coding away in their underwear?

File: ruhroh.jpg (57KB, 520x545px) Image search: [Google]

57KB, 520x545px

>>60357941
>Not him, but same shit and yes

>>60357956
it's used by some lame windows services, you have to disable those services too. That's why malware uses that port.

>>60357963
>bullshit free zone
>fat ball of lard with panties using a fucking surface tablet to comment on other people's code

lel

>>60357963
This shit is serious nigga. They are naked.

>>60357963
>bullshit free zone
>fucking wordpress down there
everytime

>>60357844
And you think they would just open source?

>being a winkek in 2017
Haha wow

>>60357999

>People still havnt deleted system 32

File: IV2DMOt.png (12KB, 539x284px) Image search: [Google]

12KB, 539x284px

>>60357726
not OP but what's this

Anyone got an idea of how large the damage will be on this?

An annoyance, or more serious?

File: file.png (4KB, 520x33px) Image search: [Google]

4KB, 520x33px

am i done for

>>60357463
Patched in KB4012212 (Security Only), disabled SMBv1 in the registry.

And now, bed.

File: ayylmao.jpg (31KB, 475x284px) Image search: [Google]

31KB, 475x284px

I have access to free energy and a quad-core i7 laptop, should I start mining bitcoins /g/?

File: 1494273375775.jpg (77KB, 384x384px) Image search: [Google]

77KB, 384x384px

>>60357999

>2017
>people dont know how to maintain their personal devices
i know its free money, but it still makes me slightly mad

so... win10 without an update in the last 10 months (very bad internet connection). I just unticked the smb thing from control Panel > programs > windows features. Then reboot the pc and here I am.

Do I need anything else?

>>60358014
Shut it down.

all these faggots here complaining about forced updates when it's clearly the only way to keep 99.9% of Microsoft customers safe.

>>60357920
Have one for windows 7 mate?

>>60358034
Just put a miner in the next commit for your malware.

>>60358016
government institutions and shit are hit, it will cause a massive shitstorm that will be blamed on russia, actually this might trigger world war 3 possibly on the grounds of a cyber attack

i think obama said or was it hillary, cybe attacks should be considered to be the same as a traditional military aggression and attack

buckle up folks, its only starting

>>60358016
The damage probably stopped already, the thing had a killswitch.

>>60358054
I had no idea that was a pony pic. How the fuck did you know?

>>60358041
if you don't have it by now then you're fine, it's not spreading anymore

>>60357922
Who is Kloss

>>60358061
For
>>60357951

could I just turn the computer off until the problem goes away?

>>60357566
>SMB
What the shit is that? I just use Apple iTunes™ and Apple iCloud™. It just werks, and no ransomware involved!

File: 617e496e7d3a93fcfadd2945925e4c381570a0d9d06464bc1a8ffadb94fb610c.gif (688KB, 286x310px) Image search: [Google]

688KB, 286x310px

>>60357510
Nobody asked about your phobia of change and nobody gives a fuck.

>>60358042
Mind telling me how? I'm a babby~

>>60358016

The response from governments in high rate areas will be rational, pragmatic, effective and will NOT be used to further erode civil liberties.

^___^

>>60357957
That z axis is oriented wrong.

Dumb anime bitch.

>>60358093
sure, if you never turn it on again

>>60357916
I also did the same as the rest and got the same message.

>>60357919
>He thinks an open port allows you direct access to the filesystem

Possibility of infection by a network node ?

Sry for crap engrish

>>60358088
A legendary coder

>>60358088
>>60358088
>Who is Kloss

the girl from bill nye saves the world that did the report on global warming in venice, and designer babies.

Is Tinywall enough to protect me?

>>60358127
Why is Kloss a meme, I don't watch Bill Nye

>>60358016
The damage is already done, it was killswitched (at least for now)
But yeh it was pretty serious. The NHS in the UK were hit, as well as other government institutions

>>60358065
I doubt it'll trigger ww3, partially out of the fact that the russians were hit as well, but the hacker was russian
It'll likely just start another diplomatic shitshow that we'll see die down as soon as a russian does something new

>>60358014
>>60358119

If you now do netstat -abo, what PID ID is it running?

Just installed the march update from the catalog :)

Goddamn i hate the update structure in windows, shit takes forever

At least i'm 100% safe now though

File: 1365618338558.jpg (58KB, 590x632px) Image search: [Google]

58KB, 590x632px

>>60358107

>>60358120
That's how this exploit works, sweetie

File: incredulous bear.jpg (67KB, 452x452px) Image search: [Google]

67KB, 452x452px

>>60358106
I'm so glad I don't live in the UK

File: raymoos.jpg (1MB, 2000x2313px) Image search: [Google]

1MB, 2000x2313px

WAKE UP REIMU WE HAVE AN INCIDENT!

>>60358138
>I doubt it'll trigger ww3, partially out of the fact that the russians were hit as well, but the hacker was russian
Clearly the only appropriate response is for a western hacker to target mostly western targets with some incidental russian ones, and then blame everything on russia.

Am i dead yet

>>60358104
>>60358139
PID 4, svchost.exe
Something's telling me I shouldn't kill that

All my Windows machines are up to date and my firewall is closed anyway, so I'm not worried about actually getting hit but this got me thinking.

What's the best practice in regards to protecting network shares from ransomware? I can't think of anything better than keeping the bulk of the stuff read-only and having a sort of "temporary" share with write access. You could copy shit in the temporary share and move it to its proper place by accessing the actual server over ssh or such. But that seems like a huge PITA, is there a better way?

>>60358155
Moron.

>>60358139
4

>>60358074
Thanks.

>>60358138
https://intel.malwaretech.com/botnet/wcrypt/?t=5m&bid=all
show no sign of stopping. In fact it has gone up in the last 5 min.

>>60358074
Proof?

>>60357983
how do I find that out

>>60357535
>Microsoft fixed this vulnerability March 14, 2017. They were not 0 days at the time of release.
>If you have common sense and at least get the fucking security updates, you won't be affected

>>60358016
I think some fat brits might not get their insulin or something.

>>60358073
some faggot linked it in another thread

>>60357963
WHY WOMEN HAVE TO RUIN EVEYTHING REEEEEEEEEEEEEE

>>60357888
>pdf attachment
pdfs can contain exploits? How?

What's the exact update that fixed this?

>>60358095
Super Mario Brothers

>>60358193
search how to block port 445

>all these winbabbies freaking out and installing updates AFTER the outbreak already ended
laughingwhores.jpg.WCRY

>>60358163
Our governments still use the term 'cyber', I doubt they could orchestrate anything nearly as this scale

>>60358187
It was killswitched, I just didnt know it'd be back this quickly
Well better be safe then lads, disable SMB1 and of course make sure your updated

>>60358167
yes, and this is hell.

>>60358204
>Someone said it so means it's true
The only way to get infected by this is to be connected to a network with an infected machine, or to open an infected file. Nothing else.

How to protect my Win XP computer? Tell it to me like I'm five.

>>60358121
i would say 100%, in a vulnerable target

>>60358215
oh sweetie
pdfs are a fucking mess.

>>60358191
>>60357535

>>60358226
It's blocked, but what else uses it?

>>60358174
>>60358177

That's probably the System process, and it's likely listening for Discovery & File Sharing.

Also, fuck the Captcha. Ask me to select the cars and show me a goddamn parking lot.

>>60358237
You gb2 reddit.

>>60357463
how can it install iteself as a service? unless dumbass running as an admin account

https://twitter.com/MalwareTechBlog

So long as the domain isn't revoked, this particular strain will no longer cause harm, but patch your systems ASAP as they will try again.

So I can only add"accidentally stopped an international cyber attack" to my Résumé. ^^

>>60358215
Check with Stream Dumper or whatever.

File: 1433418007377.jpg (39KB, 750x674px) Image search: [Google]

39KB, 750x674px

>>60358216
>He thinks windows did anything
The thing stop spreading because the devs included a killswitch that has been already engaged artificially by security firms

>>60358249
Just install 4chan-x in your browser and enable OG captcha.

>>60358237
update it
Oh wait...

>>60358176
It's called EternalBlue, sweetheart

>>60358249
So I ought to find the file sharing thing in services.msc and disable it?

>>60358273
>He thinks an open port allows direct access to the filesystem
Wew

>>60358237
Disconnect it from internet and update to win10

File: Truly fires your neurons.png (53KB, 256x256px) Image search: [Google]

53KB, 256x256px

>>60358107
>There's a huge "X" next to the left-handed-oriented set of axes

File: Capture.png (107KB, 1259x881px) Image search: [Google]

107KB, 1259x881px

U S A

U S A

U S A

>>60358264

>Its basically all in Russia and China

Yeah im not worried

>>60358175
imho?
SMB over VPN
install openvpn or something like that, and disable windows sharing protocol from every network adapter except from VPN

File: spanish_utiliy_control_centre.jpg (61KB, 660x340px) Image search: [Google]

61KB, 660x340px

Post rare ransoms

>>60358284
It allows arbitrary code to be executed, boobear

>>60358295
Alex Jones was right! 1776 commenced again!

>>60358278
Here's a guide on hardening Windows 7. Disabling all extraneous services is vital.

http://hardenwindows7forsecurity.com/Harden%20Windows%207%20Home%20Premium%2064bit%20-%20Standalone.html

>>60357463
CRINGE
>>that wrist positioning

>>60358249
>>60358319
Alright thanks for the help.
Cheers!

Is disabling port 445 enough? It's no longer listening when I do netstat.

If they catch the guy they should steal his encryption algorithm. Shit works faaaaast

>>60358320
I play piano like that :^)

File: 1493760091771.png (146KB, 671x519px) Image search: [Google]

146KB, 671x519px

>>60357963
>apple watch
>ipad
>iphone
>probably has a macbook aswell

>>60358305
How would that help? I'm not worried about spread, I'm worried about an infected computer encrypting shit on a mounted network share. I'm not concerned about this thing in particular, but ransomware in general.

>>60358320
try to picture the person actually holding the camera in front of his face to take the picture

>>60358356
Off the shelf blocker.

>>60358346
>not buying a macbook, wiping iOS and installing a linux distro for those sweet, sweet CNC machined tolerances

>>60358365
>his

>>60358312
Yeah, on a network with smb devices. It doesn't allow some shithead to send malware to my IP on whatever open port and infect my computer.

>>60358346
>>apple watch
Nope, looks like a Galaxy Gear
>>ipad
That's a fucking Surface Pro 2, pleb
>>iphone
Probably a Samsung
>>probably has a macbook aswell
There IS a Macbook air in that pic.

How can you be 100% wrong?

>>60358295
What is this

File: que pasó.jpg (77KB, 640x360px) Image search: [Google]

77KB, 640x360px

>>60358310

>>60357463
where was that original image from
I cant remember

>cd..
>cd..
>cd code
>cd ..

>>60358376
You're a cute one!
*pinches your nose*

>Dont be retarded
>Dont get viruses

hmm really makes me think

New baby to /g/ question:

Is it actually impossible to decrypt things without the specific key?

File: 1494640523662.jpg (86KB, 500x750px) Image search: [Google]

86KB, 500x750px

> Start up my windos machine
> Everything is fine
Ohshiieet I almost forgot I'm not borderline retard and I actually did disabled updates.

>>60358407
no
you're fucked

>>60358404
>Gets BTFO
>Starts shitposting
Lol

>>60358406
>viruses
the state of /g/

>>60358368
You lost me

>>60358407
Not this millenia.

>>60358407
Ask Trump if you can borrow some quantum computer time

>>60358407
just reinstall and use your backup

>>60358407
Maybe if you have a quantum computer.

>>60357739
Tons of shit has a killswitch or, if it's properly programmed, really fucking intelligent attack parameters. Read about Stuxnet, shit was bananas.

File: Wimmin_in_IT.jpg (67KB, 420x627px) Image search: [Google]

67KB, 420x627px

>>60357963

>>60358424

Im just generalising anon

>>60358422
If you're not behind a router you can be exploit, honey

>>60358417

Oh, I wasn't affected by this.

I just feel like there has to be some way. If you can encrypt something, it can be decrypted. Hm.

>>60358435
but why?

>>60358407
Yes, when you say "decrypt" you are implying you have a key.

>>60358443
>If you're not behind a router
If you're connected directly to the modem you deserve what you get lmao.

>>60358356
wouldn't be a silver bullet
but it would create a trusted network
as far all trusted nodes (machines with VPN installed) are secure, it will be secure

now if need protection even from "trusted" clients, then they only thing you can do is snapshot of your data whenever is modified

>>60357963
That is actual underwear. I have seen footage, and those are most definitely designed to be worn as undergarments.

>>60358330
Bump.

>>60358407
exponentially more processing power needed the tougher the encryption
you can end up with shit that would take more time to crack with all current computers than the universe is thought to have existed because math is an extra dimensional monster

>>60358427
RW blocker. It's not 100% but better than nothing.

>>60358458
Now you're getting it! Such a smart boy!

So how do you even get infected? Can you get infected from something as simple as browsing 4chan or what?

>>60358450

I guess a follow up could be: if you can't decrypt it, how hard would it be to get the key from its source? Couldn't you find the IP/whatever of where your ransomware originated from and attempt to access their info?

If it affects windows computers, someone probably built/tested it on windows computers, no?

>>60358407
Not with a Core 2 Duo brah

>>60358237
don't open stupid shit and don't allow infected faggots on your LAN

Does [spoiler]Kaspersky[/spoiler] help?

>>60358471
https://twitter.com/hackerfantastic/status/863070063536091137

>>60358491
Run cmd and type ver. If it says "Microsoft Windows 10." and some number you are compromised

>>60358498

Someone got hold of NSA tools

Fucking errybody

File: 2017-05-13 11_59_47-Greenshot_2.jpg (553KB, 1920x1080px) Image search: [Google]

553KB, 1920x1080px

uh oh

>>60358495
it is behind tor
is easier to track the developer IRL

>>60358438
kek

>>60358491

URGENT INVOUCE ENCLOSED. PLZ TO OPEN OK RIGHT NOW IS FINE

i'm on windows 10 version 1703

all i see listed are version 1607 as vulnerable

i'm also behind a router that isn't listening to port 445

i'm good right?

>>60358491
You can get infected just by being connected to the internet.

>tfw safe

Feels good man

>>60358521
>vista
you fucking deserved it

>>60358474
>because math is an extra dimensional monster

this is why 2D > other Ds

>>60358449
What for turning the damn thing off if it goes bananas.

You could easily just remove it if you wanted to deploy it, remember, this was developed by professionals, but implemented by amateurs.

Imagine if the NSA leaked this shit but they had no way to turn it off or decrypt the files. Nobody wants to make that phonecall, so you just chuck in a killswitch for testing or write a better one than this for deployment if you so choose.

>>60358523
Meh, you can still catch people who use Tor. There will always be a way. No one does everything perfectly. If they have an internet connection, they can be found.

>>60358498
>tcp 445 listening PID 4 cannot obtain ownership information
how do I stop this?
AND IT SHOWS UP TWICE WITH 445 BLOCKED

>>60358542
its pretty clearly win 7 though

Do i blame the jews for this?

>>60358498
https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/

File: fookedm8.jpg (4KB, 146x200px) Image search: [Google]

4KB, 146x200px

>>60358558
>tcp 445 listening PID 4 cannot obtain ownership information
>how do I stop this?
>AND IT SHOWS UP TWICE WITH 445 BLOCKED

>>60358554
>That one guy who sent a bomb threat to his school over TOR but he was the only computer connected over TOR at the time the email was sent so they found him in like 15 minutes

I had a hearty kek.

Let's say you're the hacker, with now lots of bitcoin in your wallet.

How the fuck you launder that cash without leaving traces?

File: dark souls iii invasion.png (339KB, 680x660px) Image search: [Google]

339KB, 680x660px

>>60358521
Nice wallpaper m8.

>>60358498
someone made a ransomware based on a NSA known sploit, patched by microsoft 2 months ago

it spreed initially by a pdf file
after infected it look for machines with windows filesharing enabled to infect both over local network and over internet (which is 99% blocked anyway)
finding a machine with filesharing enabled (everyone by default over local network) it uses said exploit to infect the target machine, it doesn't need human interaction or anything.
you are on the same network as a infected machine? congrats you probably got it too.
it fucked governs and hospitals

>>60358562
The NSA is responsible, so I suppose.

>>60357510
>(pirated ofc)
Lol retard.

>tfw I only have my 12yo vista laptop
>stopped updating it 5 years ago or so
>not a single hiccup
This toaster is so old it doesnt have the requirements to get fucked by the virus

File: 1467572402746.gif (81KB, 501x585px) Image search: [Google]

81KB, 501x585px

>>60358562
Whenever do we not blame le merchant?

>>60358592
*only computer on campus

TOR is secure if you're not a fuckwit.

>>60358594
you make another ransomware attack to launder the money

>>60358551
It makes sense.

>>60358594

The hacker is already in jail friendo

You honestly dont think the FBI, CIA etc cant find them?

>>60358538
Retard.

>>60358594
Using a tumbler.

>>60358624
Nice rebuttal.

>>60358031
cant update due to cpu, used offline updater, how do i check to make sure its applied?

>>60358295
https://intel.malwaretech.com/pewpew.html

>>60358562
>>>/pol/
You can blame the jews for everything.

File: kyaa.jpg (145KB, 864x910px) Image search: [Google]

145KB, 864x910px

>>60357836
>>60358477
>>60357919

>>60358594
Coin tumbler, then spend it slowly on stupid shit. They made optimistically, 50k off this.

We'd be having this conversation if it was a couple million, because there is really no fucking way you're ever going to spend even 10% of that much bitcoin without getting railroaded (assuming you committed multiple felonies to get it)

File: 2017-05-13 12_07_34-The worm that spreads WanaCrypt0r - Malwarebytes Labs _ Malwarebytes Labs.jpg (35KB, 1060x158px) Image search: [Google]

35KB, 1060x158px

>protected by premium version only

malwarebytes was behind this whole thing

>>60358588
you didn't disabled the file sharing, you just blocked others from connecting, it will still show up on netstat

>>60358628
I'll say it again: the exploit being used is only for spreading rapidly and silently over a local network. You CANNOT get infected just by being connected to the internet. If you are on a clean machine on a clean network the ONLY way for you to get rekt is to open an infected file (like a PDF) or have an infected machine connect to your network (WiFi or similar).

>>60358445
Sure, but sometimes encryption is based on so-called NP-problems, which are virtually impossible to solve with an algorithm, you have to brute force it. With enough possible variable data you have to guess a lot. By a lot I mean tens or hundreds of orders of magnitude longer than the Universe has existed with enormous computing power employed. So yes, it is theoretically possible - but not within the Universe's lifetime (This may change with the development of quantum computing, for which this particular class of problems becomes relatively easy).
However, if the malware does actually have the decryption key it might turn out to be possible to extract it

>>60358641
Yeah, that's really fishy.

>Havnt done a thing yet
>Nothing on my PC has changed

Is this just dumb luck on my part or are you all sperging out for no reason?

I might be fucked. When I reformat my drive, and reinstall windows, what is it that I need to do to keep this from happening again?
I might try to reinstall Ubuntu, and only ever use that since it's a pretty good OS and all. Sadly didn't download Gentoo before this, and I think I'm fucked.

>>60358640
how can we stop coin tumbling

>>60358668
Chances are you have the updates

>>60358668
It's every other board flooding here asking dumb questions because they don't understand how computers work beyond playing gaymes or watching animu.

>>60358641
Isn't it just because the premium version has constant instead of on-demand protection though?

>>60358618
>You honestly dont think the FBI, CIA etc cant find them?
They haven't found the shadow brokers, the people who leaked most of the DNC emails, nor the people who leaked Vault7
They don't seem as competent as you believe

>>60358521
Did you use fucking Paint for this? I know this is supposed to be a joke but come on, you can see the black background you copied the window from, and one window is transparent and the other is not... Come on man, you could have at least tried

File: Screenshot_20170513_025036.png (39KB, 720x459px) Image search: [Google]

39KB, 720x459px

>>60358655
That's just wrong.

>>60358668
at least half of the posters here are linoxxfags trying to promote their communism

File: beautiful_ass.jpg (262KB, 960x1280px) Image search: [Google]

262KB, 960x1280px

NEW THREAD, KLOSS GET SERIOUS
>>60358671
>>60358671
>>60358671

>>60358594
The hacker is probably never going to touch those wallets. This went way too big to even try cashing in. He is probably praying on his knees that there are enough proxy and tor nodes between him and half the world cyber-security experts.

>>60358521
>The memecryptor window is not shown in the taskbar.
>The window is not consistent with the aero theme shown in the WU window.
>A black background is shown in memecryptor's top left corner.
Fake and gay

>paying for getting your porn

Just turn on your quantum computer and solve it with Shor algorithm lmao

FUCK RUSSIA

>>60358668
it fucked governments and caused mass panic
the fact that first recommendations was "turn off your computer!" and no one explaining how it spreed helped

>>60357510
cringe

>>60358668
It just means you haven't been retarded enough to open an infected email attachment and neither has anyone on your local network. Give it a few hours.

>>60358684
You can't, unless you develop some method of authorization outside of the currency itself.

Which will never catch on, so you can't.

>>60358694
If you an SMB share open to the entire internet you should kill yourself.

File: 1494626307896.png (60KB, 816x613px) Image search: [Google]

60KB, 816x613px

>>60358692
I literally just chucked this on top my real screenshot
I'm not putting any more effort into it than that

>>60358521
Upload wallpaper pl0x

>>60358689
Manually updating the free version should then be secured, but notice how they say nothing about that.

>update windows
It's almost as if they hire a malware maker to spread fear so that people update into the newer harder-to-disable telemetry features they tear into every dll file in various places.

>>60358710

I live on my own with my own internet friendo

No one shares my shit

>>60358594
you now have the intelligence agencies of all affected countries on your ass, good luck

>>60358691
They don't always do full disclosure as soon as they have doxed a target to hands.

>>60358730
It's Irythill from Dark Souls 3

>>60358730
It's dork soles 4-1 you noob.

>>60358714
wow, what a great currency. no way to prevent fraud and theft. the currency of choice for extortionists everywhere

>>60358734
Real time scanning is only a pro feature, it's not a jewry

>>60358597
>not disabling all those sharing options in network sharing center right after installing win7
i'd say i was surprised but these are normies we are talking about

File: wallpaper.jpg (835KB, 3820x2160px) Image search: [Google]

835KB, 3820x2160px

>>60358730
sure thing bro, here's the 4K version

>90k machines infected

So basically none

>>60358734
lol retard

>>60358668
It's literally nothing. Only public networks and shitholes like Russia and China got hit.

>>60358717
This

So if I take an infected computer to Starbucks I can fuck EVERYONE with a Windows machine up?

>>60358810
First things first.
People that don't disable autorun should commit suicide, and why Windows has it on by default is mindrapingly stupid.

>>60358766
Same way people always prevent fraud, and stealing it is hard as shit.
Imagine you stole 500k in bitcoins and they were actually worth something, what are you gonna do, buy a car and a house? The feds will show up immediately.

It's fucking marked money in it's entirety.

>>60358850
Not anymore. It's been killswitched.

>>60358825
Fucking retard, do you really think there's a way to count all the fucking machines that go infected?

File: 1473313906385.jpg (30KB, 489x426px) Image search: [Google]

30KB, 489x426px

>>60358717
You were still wrong.

>>60358908
Not really. "Just being connected to the internet" isn't the same as "connected to the internet with a publicly accessible SMB share."

>>60358930

https://www.youtube.com/watch?v=I1VV1p4NIVY

^__^

>>60358717
wouldn't that just be as simple as not being behind a router with default windows functions (SMB) on?

>>60358947
Yes but normies are dumb anon

>>60358993
what i meant was, isn't a "public SMB" just someone without a router (plugged directly into modem) and default windows functions (SMB) turned on?

i suppose they'd still have to be targeted somehow like visiting a site that sees they have port 445 open

>>60358947

Who's not behind a router? Seriously? I would imagine most normies don't even know you can connect to the internet without a router.

Can somebody explain to me if I was safe? I had all updates installed through windows update in windows 7 but when I searched for KB4012212 (standalone) OR KB4012215 (update rollup) neither showed up as installed... Was this update included in another update? I went ahead and manually downloaded KB4012212 and installed it but dealing with windows bullshit is pure aids.

>>60359112

Check and see if an encryption process is grinding away.

>>60359084
Can confirm, am a normie and didn't know this.

So how does that work?

>>60359141
How?

>>60357510
sort yourself out

>>60359167
>So how does that work?
your router does """"magic"""" called NAT that allows multiple devices to exist on the same IP
your modem just connects you to the ISP (i.e., the internet).

>>60357612
It's going to be comfy lads, I recommend everybody get an emergency backup infrastructure going.

If you didn't already get a stinkpad do it now.

>>60357706
They recruited Bronies, what do you expect.

>>60359187

Task manager.

>>60359167
You know that ethernet cord that goes between your comp and the router? Just plug that into the modem instead.

>>60358900
Nate Silver took a poll bruh.

>>60358646
unless you block it from a router level

>>60360076
stop

>>60358319
But I thought /g/ said not to update

>running obsolete versions of windows

madmen