The new ransom virus "Bad Rabbit" that hit many European countries ...how to protect yourself...

in hacking •  7 years ago 

We all remember ransom virus "WannaCry"  which hit  corruption in the earth, and was able to cause an unprecedented electronic attack in the world in 2017. It broke into the computers systems of dozens of countries and institutions and major international companies.  Pirates demanded  victims to pay ransom for Decryption.

After a major security update from Microsoft and a host of other systems, virus attacks were halted, but it seems that it has not yet ended.

A similar virus, known as the "bad rabbit," has been widespread in a number of European countries, namely Russia, Ukraine, The number is high.

The virus has so far succeeded in attacking the Odessa airport , the Ukrainian Ministry of Transport, Metro Kiev and a group of Russian press institutions as well as in Turkey and Bulgaria at different levels.

How does the virus spread?

According to several security reports, the new virus is spreading in a virtual update of the Flash program, and the virus comes with tools that help it move horizontally within the network, which may explain why it spread very quickly across many organizations, companies and countries in a short time. 

Based on the analysis of the virus it tries to reach servers and computers running on the same network via "SMB"

When a computer is infected with the virus, it will first encrypt the files on the user's computer and then change  MBR (Master Boot Record). When it does its job properly, it restarts the user's computer and show the malicious message that forces victim to go to the hacker site ,and pay 0.05 Bitcoin to retrieve his files.

How to protect yourself?

1 First, if you have a flash program on your computer, do not update it except from the official Adobe website, and if you see any message asking you to update the program do not do so.

2 Second, prevent the following extension from your device:

 c:\windows\infpub.dat 

 c:\Windows\cscc.dat 

3 Thirdly, stop WMI services to prevent virous from spreading in your network.

hacking security news wannacry technology
7 years ago by

Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

  • Disagreement on rewards
  • Fraud or plagiarism
  • Hate speech or trolling
  • Miscategorized content or spam

Submit
$0.00
    4 votes
    4
    Authors get paid when people like you upvote their post.
    If you enjoyed what you read here, create your account today and start earning FREE STEEM!
    Sort Order:  
  • Trending
    • [-]
      ·  7 years ago 

    Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

    • Disagreement on rewards
    • Fraud or plagiarism
    • Hate speech or trolling
    • Miscategorized content or spam

    Submit
    $0.00
      [-]
        ·  7 years ago 

      Done

      Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

      • Disagreement on rewards
      • Fraud or plagiarism
      • Hate speech or trolling
      • Miscategorized content or spam

      Submit
      $0.00
        [-]
          ·  7 years ago 

        great job

        Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

        • Disagreement on rewards
        • Fraud or plagiarism
        • Hate speech or trolling
        • Miscategorized content or spam

        Submit
        $0.00
          [-]
            ·  7 years ago 

          Thanks

          Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

          • Disagreement on rewards
          • Fraud or plagiarism
          • Hate speech or trolling
          • Miscategorized content or spam

          Submit
          $0.00