A recent virus has been spreading quite fast recently, this virus is spreading blazingly fast and is incredibly dangerous, it affects Windows and macOS computers. Read on for more information!
Before you read on, follow these steps to ensure safety on your data:
Install the latest updates on your Windows and macOS computers
Install the latest updates to your antivirus software
Make sure content filtering functions are ON, such as Windows SmartScreen
Make sure you have a Firewall ENABLED
Mark ANY SUSPICIOUS emails as JUNK if they are not already and then PERMANENTLY delete them.
Be very CAREFUL on what you download from the internet, including email attachments.
If you're confused on any of the steps, more detailed information is explained below this article, with more to come soon, you can search up how to do any of these steps using a search engine such as Google.
Recently, some Windows Ransomware has been spreading quite fast, causing chaos among many organisations and users. Just like a lot of other ransomware, this one encrypts your files and asks for money to decrypt them. This particular ransomware has been spreading fast recently. This ransomware also has various ways of disabling security and recovery option in Windows. This ransomware is very dangerous as it is spreading very fast, exploits security vulnerability in Windows and is a worm, meaning it has self-replication abilities, allowing it to 'infect' networks. The following is an image of a Window that the ransomware shows, explaining that you must pay to get your files decrypted:
Information on this malware can be found on Microsoft Protection Centre here.
UPDATE: Latest information on the malware - 17/05/2017 2:00 PM
An article on the malware by Microsoft is available here.
Microsoft claims that Windows 10 is not affected by the exploit used to by the malware to spread without user interaction.
Information on the patch that patches the exploit can be found here.
The ransomware has spread in over 150 countries.
Sources claim that someone has activated a 'kill switch' by registering a website. that the ransomware checks for. If it finds that website, it apparently does not infect the computer and others on the network. (Note that this does NOT mean we are safe as we don't know exactly how the ransomware works and even if the website does fully stop the ransomware, situations where your computer is not connected to the internet or cannot connect to the website will result in your computer being infected)
A new variant of the malware is spreading that is NOT affected by this 'kill switch'
The virus is also a worm virus (meaning that it possesses the ability to spread by itself in some way), it uses a vulnerability in Windows to actually run itself on other computers from one computer, this has resulted in many computers in a company or other large network environment being completely infected.
Windows Updates were already released to patch the vulnerability used by this virus to remotely execute code (Remember that this does NOT mean that if you have the patch you are secure, this is because it can use other means to spread, such as sending emails containing the virus, for this reason, you should never open suspicious emails like ones that are too good to be true for example.
Microsoft has released patches for Windows Vista and XP
Some researchers believe that the cyber attack was based in Russia, but this is not confirmed and does not conclude any differentials in safety at any location.
What happens when you're infected?
The following video by 'danooct1' demonstrates the virus in action:
Staying Safe
The most effective way to stay safe against this worm-like cyber attack is to update your windows operating system. Although it has mainly affected business, this ransomware can affect any windows PC. Windows 7, 8 and 10 users are relatively safe, but for the versions of Windows that are no longer supported by microsoft are at a much higher risk due to security flaws this malicious software takes advantage of. Another way to protect yourself is to make sure your antivirus software is up to date. Having updated definitions of viruses is key to protecting your PC from any unwanted software on your system. Updating antivirus software is usually very simple. How to update Windows Defender. Microsoft, despite ditching support for older versions of Windows, have released an exploit patch that should make this particular software less likely to infect your PC. If you are worried about being attacked and losing files, try installing windows updates, and even disconnect your PC from the internet until a solution is made available for you. Keep in mind that it may be possible to be caught out by this ransomware on any windows PC no matter the version, although less likely on newer operating systems, so keep alert of any suspicious software you come across.
Microsoft has released a patch that fixes the vulnerability that this ransomware uses to spread, it can be downloaded via Windows Update or manually here.