Position: Home page » Virtual » Virtual currency virus

Virtual currency virus

Publish: 2021-03-22 11:51:38
1.

Yesterday, I went to the electronic reading room. Not long after I plugged in the USB flash drive, the teacher suddenly asked everyone to unplug the USB flash drive. Some students found that all the files in the USB flash drive could not be opened, and there were two more documents asking for money

so everyone rushed to check, as long as the U disk inserted in the school computer were poisoned, large-scale computer poisoning occurred in the evening

a lot of people's information and graation thesis are in the computer. I really feel that hacker's behavior is disgusting. For the sake of money, regardless of the future of students, teachers' lifelong scientific research achievements...

hope to catch criminals as soon as possible and give them severe punishment by law

this virus will scan windows devices with open 445 file sharing port. As long as the user's device is on the Internet, hackers can implant blackmail software, remote control Trojan horse, virtual currency mining machine and other malicious programs in computers and servers

some security researchers point out that this large-scale network attack seems to be deployed through a worm application, and wannacry can spread among computers. What's more terrible is that unlike most malicious programs, this program can replicate and spread on its own in the network, and most of the current viruses still need to rely on the successful users to spread by cheating them to click the attachment with the attack code

the attack has affected 99 countries and as many as 75000 computers, but because the virus uses anonymous network and bitcoin anonymous transaction to obtain ransom, it is very difficult to track and locate the originator of the virus

2. From May 12, bitcoin blackmail computer virus broke out all over the world. At present, 16 hospitals across the UK have been attacked on a large scale, and many Chinese universities have been recruited. Hackers blackmail users for ransom by locking computer files, and only charge bitcoin

in this global computer virus incident, mobile China also received a blackmail. Fortunately, the machine that received the email was a testing machine, which did not affect us. However, it's different for college students in the graation season. The thesis is locked, which is related to graation. So in the face of this outbreak of blackmail virus, how should we deal with it and what protective measures should we take<

first of all, let's understand the characteristics of this virus

the computer virus initiated by hackers will encrypt a large number of files on the system into files with. Onion suffix. After poisoning, they are required to pay bitcoin ransom to decrypt and recover the files, causing serious losses to personal data, and anti-virus software cannot decrypt these encrypted files. But we must not listen to the hacker's so-called "give money to decrypt" saying, because hackers do not necessarily keep their promises, in addition, bitcoin is expensive, and it is also a large number for ordinary users< Secondly, we need to pay attention to the background of the virus outbreak.

according to the domestic experts, according to the network security agencies, this is a virus attack event launched by lawless elements using the "eternal blue" leaked from NSA hacker's weapon library“ "Eternal blue" will scan windows machines with open 445 file sharing port, without any user operation. As long as the machine is turned on and connected to the Internet, criminals can plant blackmail software, remote control Trojan horse, virtual currency mining machine and other malicious programs in computers and servers

e to the previous outbreak of worms using port 445 in China, operators have blocked port 445 for indivial users, but the ecation network has no such restriction, and there are still a large number of machines exposing port 445. According to the statistics of relevant institutions, at present, more than 5000 machines in China are attacked by NSA "eternal blue" hacker weapons every day, and the ecation network is the hardest hit area

What are the coping methods

1. Close port 445, and you can search and query by yourself

2. At present, Microsoft has released a patch ms17-010 to fix the system vulnerability of "eternal blue" attack. You can install this patch for your computer as soon as possible

as for XP, 2003 and other Microsoft machines that no longer provide security updates, microblog professionals recommend using "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system, and close the ports affected by the vulnerabilities, so as to avoid being attacked by blackmail software and other viruses
3.

The virus in the "bitcoin virus" incident is known as "ransomware". By encrypting the files in the victim's computer, you can't open them completely to ask for ransom. This is a virus attack launched by lawless elements by using "eternal blue" leaked from NSA hacker's weapon library. It does not need any operation of users. As long as it is turned on and connected to the Internet, lawless elements can implant blackmail software into computers and servers

What's more terrible is that this is just the beginning. Now this blackmail virus has spread to all over the world, including many colleges and universities in China. You can see many students on the Internet showing pictures of their computers being attacked. I have to say that hackers are really well intentioned, even in simplified Chinese

4. 1. Reload the system, but the infected files cannot be recovered< Prevent file loss and virus invasion:
(1) data backup and recovery measures are the important work to recover the loss in the event of blackmail, so it is necessary to make remote backup of important file data in time to prevent losses caused by virus infection
(2) make sure the firewall is on
(3) don't open unknown email or link easily.
5.

In my opinion, I don't know if it's right. We still need criticism and correction. I don't think this virus has anything to do with which way you use to access the Internet, and it also has nothing to do with which kind of computer (PC or laptop) you use. He mainly aims at some loopholes in the Current Windows operating system. We all know that when a software is downloaded, it must have the highest administrator authority to install the software on this computer. This should be a security policy of the computer operating system. However, there are loopholes in everything, and the operating system is no exception. For example, this virus outbreak, in fact, the patch was released as early as March, but many users didn't pay attention to it and didn't fix it. So, now as long as you are connected to the network, and the system vulnerability is not repaired in time, you can scan the port, use the vulnerability of a port, directly install the encryption software (virus) to your computer in the background, and encrypt your important files, so as to achieve the purpose of blackmail. So it's better not to turn off the self-renewal function of windows for convenience. At the same time, it's also recommended to turn off some ports that are not often used but are very dangerous, such as 445, 135, 137, 138 and 139—— Finally, WiFi is just a way to access the Internet. It can also spread viruses. So, quickly update and patch it .... There is also a video here. I think it's very good, but I don't know if I can watch it http://weibo.com/tv/v/?fid=1034 :

6. Wannacry virus is spread based on Windows system, and smartphone users will not be affected. To prevent viruses, please open the system control panel - system and security - install system patches. If you do not open the system patch function, please open and repair all vulnerabilities immediately. It is recommended to upgrade the system for systems below Windows 7. Thank you for your support and trust in Tencent housekeeper.
7. 1、 Prepare a U-disk or mobile hard disk. Before going to work on Monday, you can download 360 security guard [offline disaster relief version] under the safe network environment at home. 2. After arriving at the company, first unplug the network cable of the office computer, turn off the wireless network switch, and then turn on the computer. 3. Insert the prepared U-disk or mobile hard disk into the office computer, and install 360 security guard [offline disaster relief version]. 4 The NSA Arsenal immune tool of 360 security guard [offline disaster relief version] will run automatically, and detect whether there is a vulnerability in your computer. 5. Please wait patiently ring the process of repairing the vulnerability, which generally takes 3-5 minutes. After the repair is successful, you will be prompted by a pop-up window. Please [restart computer] so that the repair operation will take effect completely. 7、 After restarting the computer, you can run the NSA defense tool again through the desktop shortcut [blackmail virus relief] to ensure that your system has been repaired.
8. In the case of blackmail software infection, disk files will be encrypted by virus, which is difficult to crack by using high-strength encryption algorithm. Besides paying high ransom, the attackers often have no other way to decrypt the files. Only paying high ransom can they decrypt and recover the files, causing serious losses to learning materials and personal data
1. Install the latest security patch for your computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immune tool" to detect whether there are loopholes in the system, and close the ports affected by the loopholes, so as to avoid being infringed by blackmail software and other viruses
2. Close ports 445, 135, 137, 138 and 139, and close network sharing
3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email...
4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup
5. It is recommended that users who are still using Windows XP or windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.
Hot content
Inn digger Publish: 2021-05-29 20:04:36 Views: 341
Purchase of virtual currency in trust contract dispute Publish: 2021-05-29 20:04:33 Views: 942
Blockchain trust machine Publish: 2021-05-29 20:04:26 Views: 720
Brief introduction of ant mine Publish: 2021-05-29 20:04:25 Views: 848
Will digital currency open in November Publish: 2021-05-29 19:56:16 Views: 861
Global digital currency asset exchange Publish: 2021-05-29 19:54:29 Views: 603
Mining chip machine S11 Publish: 2021-05-29 19:54:26 Views: 945
Ethereum algorithm Sha3 Publish: 2021-05-29 19:52:40 Views: 643
Talking about blockchain is not reliable Publish: 2021-05-29 19:52:26 Views: 754
Mining machine node query Publish: 2021-05-29 19:36:37 Views: 750