Is there a virus in virtual currency
Publish: 2021-03-24 17:39:10
1. From May 12, bitcoin blackmail computer virus broke out all over the world. At present, 16 hospitals across the UK have been attacked on a large scale, and many Chinese universities have been recruited. Hackers blackmail users for ransom by locking computer files, and only charge bitcoin
in this global computer virus incident, mobile China also received a blackmail. Fortunately, the machine that received the email was a testing machine, which did not affect us. However, it's different for college students in the graation season. The thesis is locked, which is related to graation. So in the face of this outbreak of blackmail virus, how should we deal with it and what protective measures should we take<
first of all, let's understand the characteristics of this virus
the computer virus initiated by hackers will encrypt a large number of files on the system into files with. Onion suffix. After poisoning, they are required to pay bitcoin ransom to decrypt and recover the files, causing serious losses to personal data, and anti-virus software cannot decrypt these encrypted files. But we must not listen to the hacker's so-called "give money to decrypt" saying, because hackers do not necessarily keep their promises, in addition, bitcoin is expensive, and it is also a large number for ordinary users< Secondly, we need to pay attention to the background of the virus outbreak.
according to the domestic experts, according to the network security agencies, this is a virus attack event launched by lawless elements using the "eternal blue" leaked from NSA hacker's weapon library“ "Eternal blue" will scan windows machines with open 445 file sharing port, without any user operation. As long as the machine is turned on and connected to the Internet, criminals can plant blackmail software, remote control Trojan horse, virtual currency mining machine and other malicious programs in computers and servers
e to the previous outbreak of worms using port 445 in China, operators have blocked port 445 for indivial users, but the ecation network has no such restriction, and there are still a large number of machines exposing port 445. According to the statistics of relevant institutions, at present, more than 5000 machines in China are attacked by NSA "eternal blue" hacker weapons every day, and the ecation network is the hardest hit area
What are the coping methods
1. Close port 445, and you can search and query by yourself
2. At present, Microsoft has released a patch ms17-010 to fix the system vulnerability of "eternal blue" attack. You can install this patch for your computer as soon as possible
as for XP, 2003 and other Microsoft machines that no longer provide security updates, microblog professionals recommend using "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system, and close the ports affected by the vulnerabilities, so as to avoid being attacked by blackmail software and other viruses
in this global computer virus incident, mobile China also received a blackmail. Fortunately, the machine that received the email was a testing machine, which did not affect us. However, it's different for college students in the graation season. The thesis is locked, which is related to graation. So in the face of this outbreak of blackmail virus, how should we deal with it and what protective measures should we take<
first of all, let's understand the characteristics of this virus
the computer virus initiated by hackers will encrypt a large number of files on the system into files with. Onion suffix. After poisoning, they are required to pay bitcoin ransom to decrypt and recover the files, causing serious losses to personal data, and anti-virus software cannot decrypt these encrypted files. But we must not listen to the hacker's so-called "give money to decrypt" saying, because hackers do not necessarily keep their promises, in addition, bitcoin is expensive, and it is also a large number for ordinary users< Secondly, we need to pay attention to the background of the virus outbreak.
according to the domestic experts, according to the network security agencies, this is a virus attack event launched by lawless elements using the "eternal blue" leaked from NSA hacker's weapon library“ "Eternal blue" will scan windows machines with open 445 file sharing port, without any user operation. As long as the machine is turned on and connected to the Internet, criminals can plant blackmail software, remote control Trojan horse, virtual currency mining machine and other malicious programs in computers and servers
e to the previous outbreak of worms using port 445 in China, operators have blocked port 445 for indivial users, but the ecation network has no such restriction, and there are still a large number of machines exposing port 445. According to the statistics of relevant institutions, at present, more than 5000 machines in China are attacked by NSA "eternal blue" hacker weapons every day, and the ecation network is the hardest hit area
What are the coping methods
1. Close port 445, and you can search and query by yourself
2. At present, Microsoft has released a patch ms17-010 to fix the system vulnerability of "eternal blue" attack. You can install this patch for your computer as soon as possible
as for XP, 2003 and other Microsoft machines that no longer provide security updates, microblog professionals recommend using "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system, and close the ports affected by the vulnerabilities, so as to avoid being attacked by blackmail software and other viruses
2.
The virus in the "bitcoin virus" incident is known as "ransomware". By encrypting the files in the victim's computer, you can't open them completely to ask for ransom. This is a virus attack launched by lawless elements by using "eternal blue" leaked from NSA hacker's weapon library. It does not need any operation of users. As long as it is turned on and connected to the Internet, lawless elements can implant blackmail software into computers and servers
What's more terrible is that this is just the beginning. Now this blackmail virus has spread to all over the world, including many colleges and universities in China. You can see many students on the Internet showing pictures of their computers being attacked. I have to say that hackers are really well intentioned, even in simplified Chinese
3. In the case of blackmail software infection, disk files will be encrypted by virus, which is difficult to crack by using high-strength encryption algorithm. Besides paying high ransom, the attackers often have no other way to decrypt the files. Only paying high ransom can they decrypt and recover the files, causing serious losses to learning materials and personal data
1. Install the latest security patch for your computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immune tool" to detect whether there are loopholes in the system, and close the ports affected by the loopholes, so as to avoid being infringed by blackmail software and other viruses
2. Close ports 445, 135, 137, 138 and 139, and close network sharing
3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email...
4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup
5. It is recommended that users who are still using Windows XP or windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.
1. Install the latest security patch for your computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immune tool" to detect whether there are loopholes in the system, and close the ports affected by the loopholes, so as to avoid being infringed by blackmail software and other viruses
2. Close ports 445, 135, 137, 138 and 139, and close network sharing
3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email...
4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup
5. It is recommended that users who are still using Windows XP or windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.
4. In view of this situation, you can install anti-virus software such as Tencent computer housekeeper to check and kill
take Tencent computer housekeeper as an example
1. Open the Tencent computer manager - select virus killing
2. Click the function of virus killing to intelligently scan the virus Trojan horse and directly kill it (if necessary, you can also select overall killing, which is more comprehensive)
3. If there is a stubborn Trojan virus or can not be killed, you can completely kill the virus in the safe mode
restart the computer, press F8, the screen will display the win system startup options menu, press the key to move to "safe mode with command prompt", enter; Find the anti-virus software inside the computer to kill the virus.
take Tencent computer housekeeper as an example
1. Open the Tencent computer manager - select virus killing
2. Click the function of virus killing to intelligently scan the virus Trojan horse and directly kill it (if necessary, you can also select overall killing, which is more comprehensive)
3. If there is a stubborn Trojan virus or can not be killed, you can completely kill the virus in the safe mode
restart the computer, press F8, the screen will display the win system startup options menu, press the key to move to "safe mode with command prompt", enter; Find the anti-virus software inside the computer to kill the virus.
5. Although the answer may make you despair, but still have to tell you
6. According to the network security agency, this is a virus attack launched by lawless elements using the "eternal blue" leaked from NSA hacker's weapon library“ "Eternal blue" will scan windows machines with open 445 file sharing port, without any user operation. As long as the machine is turned on and connected to the Internet, criminals can plant blackmail software, remote control Trojan horse, virtual currency mining machine and other malicious programs in computers and servers. This is to remind the majority of computer users: 1. Install the latest security patch for the computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible at the website of https://technet.microsoft.com/zh-cn/library/security/ms17-010; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system, and close the ports affected by the vulnerabilities, so as to avoid being infringed by blackmail software and other viruses. The download address of immunization tool is: NSA / nsatool.exe. 2. Close ports 445, 135, 137, 138 and 139, and close network sharing. 3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email... 4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after backup. 5. It is suggested that users who are still using Windows XP and windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.
Hot content