Wanaa Cry Virus - العلم نور

عاجل

{ وَقُلْ رَبِّ زِدْنِي عِلْمًا }

الاثنين، 13 يناير 2020

Wanaa Cry Virus


Wanaa Cry Virus



Wanaa Cry Virus
Wanaa Cry Virus


In the past few years many viruses have been developed which created very strong new generation of viruses, among these viruses we find “Wanaa Cry Virus", this virus is very dangerous and very strong, that's why we’ll take about how it works and how dangerous it’s on your laptops.


What’s Wanaa Cry Virus?

Wanaa Cry Virus is a very dangerous virus which developed by a cybercrime organization, which thought to have connections with the North Korean government. In 2017 this virus was used to attack thousands of computers around the world exploiting a windows vulnerability, this attack was so huge that all most every computer owner in the world heard about it, as it managed to encrypt the data of many important organizations such as: Britain's National Health Service.


How Wanaa Cry Virus works?

Wanaa Cry Virus works by downloading it from the internet in the form of a dropper, then it's extracted to its main parts which are:
·       A copy of Tor.
·       The application responsible of encrypting and decrypting the data.
·       The encryption keys containing files.
Wanaa Cry Virus is a kind of Ransomware Virus, as it encrypts the data of the attacked computers, and then askes for a ransom of 300 Bits to decrypt the data.


How Wanaa Cry Virus was developed

It's believed that there were a vulnerability in the windows system, and the U.S National Security Agency managed to discover it, but instead of informing the infosec community to deal with it, the agency exploited the vulnerability and developed a program capable of using the vulnerability to access to the stored data, ironically this program was stolen somehow and got in the hands of the attackers on a plate of silver, these attackers called “Shadow Brokers", when the program was stolen the Agency informed Microsoft company, who managed to launch a new patch able to deal with this vulnerability, but this was a bit late as it was only a month before the attacks, and only few people managed to download the patch before the attacks.

Now Wanaa Cry virus is still used but on a small scale thanks to the patch launched by Microsoft company, and the attacks in 2017 played a very important part in this, as people were racing to download the patch to protect their own computers and data stored on it from these attacks, so the attacks was a kind of marketing for the patch, and I remember downloading the patch myself during the attacks after hearing how dangerous these attacks were.

How to protect your computer from Wanaa Cry Virus
There's a list of things to do to protect your computer from Wanaa Cry Virus, and it's:
    ·       Download the patch, and I believe 99% of people using computers have downloaded it years ago.
     ·       Depend on trusted security software to help secure your own important files and images.
     ·       Always update your own operating system, and the security software that you use.
    ·       Don't open the attachments sent to you by people that you don't know.
   ·       Use an external hard disk to pack up your data on it.
   ·       Use the clouds to store the important data.




ليست هناك تعليقات:

إرسال تعليق