Massive Global Computer Hacks - Make Sure You Are Fully Patched NOW

 
 
oralloy
 
Fri 12 May, 2017 02:26 pm
Quote:
The malicious software -- called "ransomware" because it encrypts systems and threatens to destroy data if a ransom is not paid -- is spreading among computers that have not been patched, experts said.

http://www.washingtonpost.com/world/hospitals-across-england-report-it-failure-amid-suspected-major-cyber-attack/2017/05/12/84e3dc5e-3723-11e7-b373-418f6849a004_story.html
 
centrox
 
  -1  
Fri 12 May, 2017 03:57 pm
Oralloy just heard about ransomware? Wow! Next he'll be urgently announcing that Buddy Holly is dead...
oralloy
 
  2  
Fri 12 May, 2017 04:09 pm
@centrox,
My warning was for other people, centrox. It doesn't apply to you. Feel free to leave all of your software unpatched. I promise you that hackers will never target your computer.
0 Replies
 
jespah
 
  3  
Fri 12 May, 2017 04:55 pm
@oralloy,
I just got the notification from WordFence.
https://www.wordfence.com/blog/2017/05/massive-global-ransomware-attack-underway-patch-available

This is very real, folks, and it is a big, spreading problem.
0 Replies
 
centrox
 
  3  
Sat 13 May, 2017 02:11 am
To clarify: the problem affects Microsoft Windows systems. A security update issued on March 17, 2017 provided the patch. Users running versions later than Vista (i.e. Windows 7, 8, 8.1 and 10) who have been automatically or manually downloading security updates since that date, or who are using the free Microsoft antivirus products, are already patched. According to the analytics firm NetMarketShare, about 7 percent of the world is still vulnerable to the malicious software. Those running versions of Exchange older than Exchange 2010 also are not protected. “Customers still running prior versions of these products are encouraged to upgrade to a supported offering,” Microsoft said in April. For instructions on how to do that for your particular computer, visit Microsoft's help center.

It is believed the attack route involves users responding to a phishing email, or visiting a malicious website on an unpatched system.
0 Replies
 
centrox
 
  4  
Sat 13 May, 2017 02:34 am
Suggestion: don't click on links in spam posts on forums including this one.

centrox
 
  2  
Sat 13 May, 2017 03:18 am
'Accidental Hero' Finds Kill Switch To Stop Wana Decrypt0r Ransomware

https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

A UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and activated a “kill switch” in the malicious software.

The switch was hardcoded into the malware in case the creator wanted to stop it spreading. This involved a very long nonsensical domain name that the malware makes a request to – just as if it was looking up any website – and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading.

“I saw it wasn’t registered and thought, ‘I think I’ll have that’,” he is reported as saying. The purchase cost him $10.69. Immediately, the domain name was registering thousands of connections every second.

“They get the accidental hero award of the day,” said Proofpoint’s Ryan Kalember. “They didn’t realize how much it probably slowed down the spread of this ransomware.”

The time that @malwaretechblog registered the domain was too late to help Europe and Asia, where many organizations were affected. But it gave people in the US more time to develop immunity to the attack by patching their systems before they were infected, said Kalember.

The kill switch won’t help anyone whose computer is already infected with the ransomware, and it’s possible that there are other variants of the malware with different kill switches that will continue to spread.
0 Replies
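An added example, not part of the original post or the quoted article: because the malware looks up its kill-switch domain before spreading, resolver logs show which internal hosts ran it and whether the lookup came back. The domain is a placeholder (the thread does not give the real one), the log format is hypothetical, and treating a successful DNS answer as "the domain looked live" is an assumption.

```python
import re
from collections import defaultdict

# Placeholder: the page does not give the real kill-switch domain.
KILL_SWITCH_DOMAIN = "killswitch-placeholder.example"

# Constructed resolver log lines in a hypothetical format:
# <timestamp> client=<ip> query=<name> rcode=<NOERROR|NXDOMAIN|...>
SAMPLE_LOG = """\
2017-05-13T09:01:12Z client=10.0.4.17 query=killswitch-placeholder.example rcode=NOERROR
2017-05-13T09:01:13Z client=10.0.4.22 query=www.example.org rcode=NOERROR
2017-05-13T09:02:40Z client=10.0.7.5 query=KILLSWITCH-PLACEHOLDER.EXAMPLE. rcode=NXDOMAIN
2017-05-13T09:02:41Z client=10.0.7.5 query=killswitch-placeholder.example rcode=SERVFAIL
this line is malformed and must be skipped
2017-05-13T09:03:02Z client=10.0.4.17 query=killswitch-placeholder.example rcode=NOERROR
"""

LINE_RE = re.compile(r"^(\S+) client=(\S+) query=(\S+) rcode=(\S+)$")

def normalize(name):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.rstrip(".").lower()

def triage(log_text, domain=KILL_SWITCH_DOMAIN):
    """Map each client that looked up the kill-switch domain to a status.

    'switch_reached': every lookup resolved, so the copy on that host
        likely saw the domain as live (assumption: DNS answer as proxy).
    'switch_failed': at least one lookup did not resolve, so a copy on
        that host may still be spreading; isolate it first.
    """
    rcodes = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m and normalize(m.group(3)) == normalize(domain):
            rcodes[m.group(2)].append(m.group(4).upper())
    return {
        client: "switch_reached" if all(r == "NOERROR" for r in seen)
        else "switch_failed"
        for client, seen in rcodes.items()
    }

if __name__ == "__main__":
    for client, status in sorted(triage(SAMPLE_LOG).items()):
        print(client, status)
```

Every host the function returns executed the malware and needs cleanup and patching regardless of status, since the kill switch does nothing for a machine that is already infected.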
 
jespah
 
  2  
Sat 13 May, 2017 07:44 am
@centrox,
I cannot emphasize this enough.

If you think a link is spam, just report it. Please DO NOT click on it to check and make sure. That is our job as moderators. You are not bothering us if it turns out to be an overzealous report.

Thank you.
0 Replies
 
Roberta
 
  1  
Sat 13 May, 2017 08:22 am
What's patched?
centrox
 
  1  
Sat 13 May, 2017 08:42 am
@Roberta,
Roberta wrote:
What's patched?

After a software product is released, it may be that errors ("bugs") or security vulnerabilities are found. The provider of the software may then offer an updated version of the software, or sometimes a small program that corrects the error or problem. This process is often called 'patching', by analogy with using a physical patch to repair e.g. a rent in a garment. Periodically, Microsoft offers updates for Windows and other products (e.g. Office); some are bug fixes, others are 'security updates' designed to address vulnerabilities which could be exploited by malicious operators ("hackers"). At one time, Microsoft had a routine of releasing software updates on the second (and sometimes the fourth) Tuesday of each month, and these days became informally called "Patch Tuesday". Since 2015 they have released security patches as soon as they are ready, and use the Tuesdays for routine material.

A Windows system that has had all required updates applied is said to be "fully patched".

centrox
 
  1  
Sat 13 May, 2017 09:04 am
@centrox,
centrox wrote:
This process is often called 'patching', by analogy with using a physical patch to repair e.g. a rent in a garment.

Perhaps a better one would be the use of a rubber patch to repair a puncture in the inner tube of a car or bicycle tyre (tire in US). The analogy is only partial - while a hole or tear in a tyre or piece of cloth is visible and may prevent proper use of the article affected, a "security hole" in computer software may go unnoticed or only be known about when it is too late.
0 Replies
 
maxdancona
 
  1  
Sat 13 May, 2017 09:22 am
More interesting details (as a tech geek, I just spent some time this morning reading on the details).

1) The bug in Microsoft that they used to break into these computers was discovered by the NSA. Instead of telling anyone, the NSA decided to use it to spy on people. Some security experts are angry about this.

2) The bug involves SMB, which is a protocol to connect to other drives and devices on an internal network.

3) They used Tor (a way of browsing anonymously) for command and control. I am not happy about this because I like Tor, but security experts are now suggesting that people block it.

As to how this impacts you... as everyone else has said make sure your system is up to date on its security patches.
0 Replies
 
ehBeth
 
  1  
Sat 13 May, 2017 09:36 am
<bump>
0 Replies
 
Roberta
 
  1  
Sat 13 May, 2017 09:46 am
@centrox,
Thanks for the clear explanation. It's rare that I understand anything said or written about computers. And my operating skills are minimal.

The fact is that I have no idea about whether I'm patched or not, but I doubt it. The only updates I remember are for Adobe Flash Player and my security software. However, I have a very old version of Microsoft. Maybe the issue doesn't apply.

0 Replies
 
centrox
 
  1  
Sat 13 May, 2017 12:08 pm
Patches going back to XP now released by Microsoft, in an unusual move. These are updates for end-of-life unsupported versions of Windows, that are normally only available to users paying for "custom support".

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
0 Replies
 
white52
 
  1  
Tue 8 Aug, 2017 06:45 am
@oralloy,
My friend's mom got hit by that.
Some people are as****. I hope they pay for that or get hacked themselves XD
0 Replies
 
 
