Now that the dust has settled, what do we really think of

>>60417982
NSA + Russia helping to cull the weak. I approve of this malware.

>>60417982
Well reports have been saying that very few people are paying. Maybe the media exposure will get enough people to finally realize that paying these guys is a bad idea. I think cloud based storage going mainstream is helping a bit. Untill the next celeb sexting cloud hack scares people off again.

>But really, it's just normies that fall for this shit.

>>60418185
There's been about $50,000 in payment, and it's apparently rising: http://www.cnbc.com/2017/05/15/wannacry-ransomware-hackers-have-only-made-50000-worth-of-bitcoin.html

>>60418185
also
>normies
a lot of the payment comes from companies who don't do cloud storage because muh trade secrets, sensitive info, and productivity, not some normalfag.

>>60418185
Are those addresses people are checking really the only ones? Shouldn't it be using unique addresses so it can match victims to payments?

>>60417982
Nothing. Happens on Linux as well

https://forums.gentoo.org/viewtopic-t-1060828.html

>>60417982
Does anyone still have the link to the Win 7 update for this? I had to format and lost the files

>>60417982
Just goes to show that only the alphabet agencies are the only ones responsible enough with the power these exploits provide.

>>60418568
Anyone know the full story behind this? In the end was it just because he did some retarded shit?

>>60421913
>was it just because he did some retarded shit?
>running FireFox as root
I dunno anon, what do you think?

>>60419167
They clearly aren't responsible enough to keep hold of their exploits

File: 1494639840183.jpg (93KB, 534x534px) Image search: [Google]

93KB, 534x534px

>>60418259
>news ridiculing them for having made only 5000
>news ridiculing them for having made only 22000
>news ridiculing them for having made only 50000
>Deadline for file deletion isn't even near yet
So if i had to guess the retards writting these articles are the ones who got affected by it and are trying to pull the old "I'M NOT EVEN MAD BRO"

>>60422022
this

File: Bildschirmfoto 2017-05-15 um 10.13.19.png (711KB, 1276x962px) Image search: [Google]

711KB, 1276x962px

>>60418568
>running firefox as root
>on gentoo

So, for winfags, should updates be mandatory?
I mean, keeping automatic updates is annoying and too much resource consuming

>>60422146
I think so.

At this point you know what you are getting into with Windows.

File: Untitled-1.png (156KB, 605x553px) Image search: [Google]

156KB, 605x553px

I think it's obvious what happened.

File: 1489339937799.png (218KB, 563x445px) Image search: [Google]

218KB, 563x445px

>>60422176

>>60422146
Windows 7 SP1 no updates here, the moment the shadow brokers files were made public i secured my system from glancing /g/ shitposts, this was months ago mind you

Might be North Korea using NSA bugs leaked by Russians to rip off easy targets. Could have been much worse if they targeted companies and threatened leaks. Microsoft should have given away the xp patches, but the NSA should have secured their cyberweapons. A bug isn't an exploit.

>>60422146

Monthly patch cycle makes it easy.

>>60422220
Was the ReactOS SMB implementation affected?

>tfw it wasn't

1) get everyone on Windows 10 which is (((safe)))
2) forced automatic updates for everyone forever - no exceptions, no excuses
3) phase out sales of any HDDs as well as of SSDs larger than ~500 GB to private users, everyone must keep their data in TheCloud(tm) which is (((safe))) from ransomware
4) push legislation in all western/EU countries outlawing strong encryption, restricting its use to military/government agencies and institutions

>"if all of these were in place, ItWouldn'tHaveHappened(tm)!!!"

>>60417982
> dust has settled
It only began.

>>60417982
>could've taken a stealthy approach and used the exploits to create a botnet and drop the payload later for a much higher amount of victims
>lol no instant giant red window alerting everyone and their mother you exist
>lol kill switch
Wasted potential

>>60421975
Almost as retarded as running an unknown executable file despite Windows warning you multiple times.

File: 1459329133791_1.jpg (133KB, 1710x840px) Image search: [Google]

133KB, 1710x840px

>>60422732
Don't even joke about it. There's people who earnestly believe every word you just wrote.

Remember; darling of American gun control, Carolyn McCarthy, did not know what she was trying to ban. She specifically included barrel shrouds as an "assault feature". When asked by a radio host what she thought a barrel shroud was, she famously replied
>the shoulder thing that goes up

Laws are not made by people who know what they're doing.

If I remove the file extension of all my files, will Wannacry ignore the empty files?

>>60418185
>normie
Reddit scum
Besides, this mostly targets enterprise systems. Normal people caught up in this just got unlucky.

>>60417982

http://www.bbc.com/news/technology-39924318

code implies GMT+9 timezone, scale of attack, only 3 bitcoin wallets for ransomware, all of it implies retards (amateurs) or the Norks did it.

>>60418185

As of this evening news, it's well over $70,000 in known payments made so far.

No reports of a single computer getting unlocked.

File: 1389058469467.gif (2MB, 400x209px) Image search: [Google]

2MB, 400x209px

>>60422789
This so much. Like it's out in the wild for a week, then you hit a week later. Personally, I think thursday would have been better, and $50 would have been much easier to milk the people. fix some of the first to respond to make it seem like you're keeping your word, but then after like 100 or so fuck em. You do this on a thursday so it puts more pressure for them to pay up @ corps, and you shorten the time span to 36 hours & 4x in 4 days.

>>60422732
B-b-but if we outlaw encryption it won't stop the bad men from doing it. It only harms law abiding citizens.

>>60417982
North Korea really is best Korea

>>60423260
Same shit with arms ban, DRM, you name it. Criminals never care about the law, yet they are trying to outlaw things as if it made a difference to criminals.

>>60423181
At this point the malware authors are more trustworthy than the media and companies lying through their teeth to save face

Can someone explain how this happens? Do they target your ip and start sending you the malware and it gets onto your computer? I thought just being careful of what sites you use and having a firewall was enough

>>60423188
>>60422789

This sort of synchronized attack You might think would be the norm as a means of manipulating wall street or bitcoin values.

Necessary evil.
Everyone except the ones who lost data profits from this.

>>60423770
I'd love to see your argument in favor of guns but against DRM.

>>60424032
Civilians can make use of arms against tyranny.

Civilians cannot make use of DRM against tyranny.

>>60424032
It was just an example of something purportedly targeted against one group, but really hitting another because the first group doesn't give a fuck and gets around it anyway, while the second group is put at a disadvantage and becomes the victim.

>>60417982
>implying the kill switch isn't a red herring

>>60423081
Some programs are capable of inferring the filetype, like irfanview, so chances are it'll find them and encrypt them

>>60417982
it's a false flag
the killswitch should have made it obvious

>>60423106
It doesn'target jack shit. It's mostly about business being particularly vulnerable because they need and use SMB

>>60424189
>>60424251
There's already a version without the killswitch in the wild, it was just the author fucking up

>>60424275
some retard might have patched the malware himself

Fuck NSA and fuck Russians. Also fuck Microsoft for having a horrible update system and trying to pass the blame on others.

>>60417982
Still don't see how it's special compared to any other ransomware outbreak.

>>60422146
No, but backups should be.

>>60424290
I think this one uses exploits leaked from the NSA.

>>60423181
>As of this evening news, it's well over $70,000 in known payments made so far.
Normie I know paid and got nothing.

>>60424307
probably easier to write the program that way

File: windows-update.png (223KB, 1719x932px) Image search: [Google]

223KB, 1719x932px

>>60424289
>Fuck NSA and fuck Russians. Also fuck Microsoft for having a horrible update system and trying to pass the blame on others.
This really needs to be reported, had to go and fix multiple PCs where windows update had just been failing rather than installing updates.

>>60424305
Which they probably stole from the Russians, who copied it from a Chinese neckbeard who was trying to reverse engineer something made by a European malware writer.

>>60424326
When does Windows Update NOT do that? I'm yet to see a single installation where it actually works instead of being stuck on checking for updates or failing to install anything and having to revert it. It's a colossal pile of shit.

>>60424337
Regardless of the original source of the exploits, it's still fucking stupid that an agency tasked with the security of the nation isn't shoring up our defenses in favor of hoarding exploits to potentially use against political enemies.

>>60424326
win7's update system is completely broken
I bet it's intentional

>>60424358
>the NSA
>doing anything for the security of the nation or humanity

Ha.

File: 2927544786_9a25124d2a.jpg (87KB, 500x332px) Image search: [Google]

87KB, 500x332px

>activate automatic updates in Win7
>30%cpu
>it does nothing

>>60424384
I didn't say that they do anything, I just said that they were tasked with doing something.

>dad regularly shits on windows in his facebook
>muh privacy muh automated updates
>gets hit with this thing
>fuckign windows peice of shit how can a company so big have such a security fail

>>60424424
what software does he use that necessitates he continue using this abomination?

File: 1314446463220.jpg (32KB, 634x350px) Image search: [Google]

32KB, 634x350px

>>60418568
>>60422113
>>60421975
how can somebody so retarded still be clever enough to run revision control/snapshots/regular automatic backups

>>60424281
Doesn't mean the author didn't fuck up. Hell, I don't think they even suspected they'd get this far

>>60424495
well he's a gentoo user so he just wants to fuck around

>>60424290
It spread insanely fast because of >>60424305
No user input required, no shady .exe, all the user knows is that suddenly they're infected

File: EhykyLK.jpg (17KB, 540x529px) Image search: [Google]

17KB, 540x529px

>>60417982
>Now that the dust has settled
Nice Reddit post

>>60422686
It's not affected, it just throws a kernel panic

Does anyone know if there's a exe of WanaCry, but without the decrypting of files ?

>>60425528
I don't think anyone's made it, but you could easily just find the code for decrypting the files and replace it with nops.

Just see where the code jumps when you hit the decrypt button, dig a bit, and you should be able to find it. Based on the reports, I don't think there's much assembly-level obfuscation in this malware.

>>60417982
Fast high end encryption, where can I get the commercial version to encrypt muh drives?

>>60421975
Wait, if this is the case, isn't Kali Linux inherently insecure as you always run things as root by default?

>>60426270

>using kali as a daily driver

Fool.

>>60418288
>a lot of the payment comes from companies who don't do cloud storage...

Why don't companies just revert to images of infected PCs and restore data from backups?

>>60426283
When did I ever mention this? Stop assuming things.

>>60418568

> not running browser in a sandbox.

Yeah, he kinda asked for it.

>>60423895
It scans the net for windows computers with the smb exploit through port 445

File: no smb.png (211KB, 1223x1020px) Image search: [Google]

211KB, 1223x1020px

I don't se any SMB on my computer.
Does that mean that it's enabled but doesn't appear here, or that it's disabled?

I don't see it in the task manager either (checked both the Processes and Services tabs).

Pls help.

>>60417982
It proved once again that many big organizations/companies are terrible at security.
I don't use terrible hyperbolically here, they're really really bad, like worse than your average /g/ user bad.

>>60426311
Because idiot admins configured backups in such a way that they got encrypted too.

>>60423895
The most popular explanation is this:
1. employee 1 receives an email with malicious code (either .exe file or some Word macro, Adobe shit...)
2. once employee 1's PC is infected it spreads to other employees through the SMB vulnerability

So you need to fuck up twice for this to happen.

>>60426311
Most of the time it's cheaper to pay up than take a lost day or two of work reverting to a previous backup. If they set the payment level at $3000 then no one would pay because it's cheaper to restore a week old backup and redo the work at $300 you are right on the limit of what people will pay to save the time and effort.

>>60422113
whats so bad aout this?

>>60423260
>Ban encryption
>Get hit by ransomware
>FBI pull up and lock you up

>>60419143
Sp1 + cumulative updates from 2017

>>60426798
Macbook Pro with Retina Display doesn't have this problem

>>60424361
they fixed it after the windows 10 free upgrade period was up

>>60426798
Check your services for "Workstation" and "Server", those are the SMB ones. Or just install the patch Microsoft released if you care about SMB.

File: Untitled.png (3KB, 370x45px) Image search: [Google]

3KB, 370x45px

>>60427998
Oh yeah, I have those.

How do I deactivate them?
Is this guide [>>60384898] legit?
I'm having trouble installing Powershell 2.0, so I need to either do it manually or with the CMD.

>>60428053
Dunno, you could just open services.msc and disable them normally, at least on Windows 7.

>Now that the dust has settled

Why do people start threads off with that retarded line? The dust hasn't even settled yet, its nowhere near, you stupid cunt.

>>60428144
Because it's an unfunny meme, same with "you have 10 seconds to defend your opinion", "x on suicide watch" and "there is literally no reason to use x" threads. Not sure why you're expecting /g/ to be anything other than a cesspool.