Home > How To > What is Ransomware & How to Protect Your Computer?

What is Ransomware & How to Protect Your Computer?

ransomware-expert-tips-featured

Earlier this week, A Ransomware named WannaCry or WannaCrypt0r,  started hitting the world of Windows powered computers and attacked more than 114,000 systems in just 24 hours.

What is Ransomware?

ransomware

Ransomware is a special kind of malwares which can be deployed in your computer and then it will encrypt all your data ,I.e, It will make all your data secured with a password but it will give you the password only if you pay the attacker money in Bitcoins. And currently 1bitcoin=1772.68 US Dollar or 113628.79 Indian Rupee.

What Exactly Happened?

wannacry_05_1024x774

Some Cyber Criminals used NSA’s leaked Windows exploit called EternBlue which was dumped by ShadowBokers hacking group last month, And they hacked some companies and deployed this Ransomware and this resulted in cancer like spreading of this Ransomware all over the world. There is no doubt that it had hit the Indian cyberSpace too.!

The following Ransomware works as similar to most of the Ransomware i.e, It Encrypts the files and asks money to decrypt the files. And reportedly one of the victim was asked $300 through bitcoins to decrypt the files. And It also installs a backdoor named DOUBLEPULSAR in your computer so that in future they can hack your computer easily.!

Spreading Like Cancer.!

After few hours, This Ransomware found in more than 50,000 computers over 149+countries, And it had already shut down 6 major hospitals in US and 80% of Spanish telecom firms were found with this ransomware.

How to Protect Your Computer?

wannacry-ransomware-attack

1. Do not open any attachment unless until u know that is from known sources. Please apply this patch immediately to all endpoints. Follow this link .

2. Disable SMB from your computer. Steps : Control panel -> Programs -> Turn Windows features On or Off ->Uncheck SMB

3. Keep your Antivirus Updated.

4. Install Cybereason RansomFree program to prevent yourself from these kind of attacks. Download here.

5. Make sure your software is up-to-date.

6. Have a pop-up blocker running on your web browser.

7. Regularly backup your files to External harddrive and while backing up stay offline and never connect External Harddisk when you are online.

8. If your PC gets attacked there may be chances of your Harddisk getting encrypted too.

wannacry-ransomware-decrypt-unlock-files

For more details follow us on Twitter and Facebook we will keep you updated..!

IP Address
16.0.5.10:135
16.0.5.10:49
10.132.0.38:80
1.127.169.36:445
72.251.38.86:445
154.52.114.185:445
52.119.18.119:445
203.232.172.210:445
95.133.114.179:445
111.21.235.164:445
199.168.188.178:445
102.51.52.149:445
183.221.171.193:445
92.131.160.60:445
139.200.111.109:445
158.7.250.29:445
81.189.128.43:445
143.71.213.16:445
71.191.195.91:445
34.132.112.54:445
189.191.100.197:445
117.85.163.204:445
165.137.211.151:445
3.193.1.89:445
173.41.236.121:445
217.62.147.116:445
16.124.247.16:445
187.248.193.14:445
42.51.104.34:445
76.222.191.53:445
197.231.221.221:9001
128.31.0.39:9191
149.202.160.69:9001
46.101.166.19:9090
91.121.65.179:9001
2.3.69.209:9001
146.0.32.144:9001
50.7.161.218:9001
217.79.179.177:9001
213.61.66.116:9003
212.47.232.237:9001
81.30.158.223:9001
79.172.193.32:443
38.229.72.16:443
Domains
iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea[dot]com
Rphjmrpwmfv6v2e[dot]onion
Gx7ekbenv2riucmf[dot]onion
57g7spgrzlojinas[dot]onion
xxlvbrloxvriy2c5[dot]onion
76jdd2ir2embyv47[dot]onion
cwwnhwhlz52maqm7[dot]onion
File Names
@Please_Read_Me@.txt
@WanaDecryptor@.exe
@WanaDecryptor@.exe.lnk
Please Read Me!.txt (Older variant)
C:\WINDOWS\tasksche.exe
C:\WINDOWS\qeriuwjhrf
131181494299235.bat
176641494574290.bat
217201494590800.bat
[0-9]{15}.bat #regex
!WannaDecryptor!.exe.lnk
00000000.pky
00000000.eky
00000000.res
C:\WINDOWS\system32\taskdl.exe

wannacry_03

Finally all we have to say is please be safe, Keep on updating your Antivirus and Operating systems, Never open attachments from unknown mails. Be secure and we are wishing you a safe cyberspace

With a degree in Computer Science & Engineering, Vishnuprasad is interested in Robotics, Networking, Cyber Security, Programing, Testing. He has a good knowledge in Linux and Windows and has knowledge over more than 15 programing languages.

Leave a Reply

%d bloggers like this: