Thursday, February 1, 2018

WannaCry Ransomware: Working & How to Stay Safe?

WannaCry is the trending shit. It's a ransomware that has affected more than 300,000 computers in 150 countries. It is one of the biggest cyber attacks in history, so we are going to discuss what it is, how it works and how to stay safe from it.

What is it and how does it work?

WannaCry is a ransomware that started showing its rage on May 12, 2017. It uses the NSA's EternalBlue exploit and DoublePulsar backdoor. It can spread without user interaction because it exploits a vulnerability in the SMB protocol. After the attack, a patch for SMB was released on May 14, 2017 by Microsoft.

  1. It gets installed on the victim's device. Users get infected by malicious emails or by other infected devices.
  2. First of all, the ransomware starts encrypting files, creates some files on the desktop and changes the background. Each infection generates a new RSA-2048 keypair. The public key is exported as a blob and saved to 00000000.pky. The private key is encrypted with the ransomware public key and saved as 00000000.eky. Each file is encrypted using AES-128-CBC, with a unique AES key per file. Each AES key is generated with CryptGenRandom. The AES key is encrypted using the infection-specific RSA keypair.
    Simply put, it encrypts the files in such a way that you can't decrypt them unless you have the decryption key.
  3. It leaves the DoublePulsar backdoor on the device it has infected. This backdoor was created by the National Security Agency.
  4. It infects all the devices present in the same network.
  5. Then it uses the EternalBlue exploit to infect random computers on the internet. This exploit, which was also developed by the NSA, exploits the Server Message Block (SMB) protocol in Windows.
  6. After encrypting the files, it asks for bitcoins worth $300 in order to decrypt the files. If you pay the ransom, you may get the decryption key, which can be used to get your files back.

How to protect yourself?

1. Update Windows, which will fix the SMB vulnerability.
2. Click on Start and search for Windows Features, then disable the SMB service from there.

[Image: turn off SMB]

3. Use a firewall.
4. Don't download anything from unknown sources.
5. Only open trusted emails and be extra careful while opening email attachments.
6. The best thing you can do is to use Linux instead of Windows.
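
The SMB and firewall steps from the list above can also be checked from an elevated PowerShell prompt. This is an added example, not code from the original article; the function name Test-Smb1Exposure is hypothetical, and it assumes Windows 8.1 / Server 2012 R2 or later with the built-in DISM, SmbShare and NetSecurity modules.

```powershell
# Added example (not from the original article). Run in an elevated PowerShell
# session. Test-Smb1Exposure is a hypothetical name chosen for this example.
function Test-Smb1Exposure {
    [CmdletBinding()]
    param(
        [switch]$Remediate   # report only unless this switch is given
    )

    # The "SMB 1.0/CIFS File Sharing Support" entry shown in Windows Features.
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol

    # Whether the SMB server service still accepts SMBv1.
    $server = Get-SmbServerConfiguration

    # Enabled inbound "allow" firewall rules that name TCP port 445 explicitly.
    # Rules that cover 445 only through a port range or "Any" are not matched.
    $allow445 = @(Get-NetFirewallPortFilter -Protocol TCP |
        Where-Object { $_.LocalPort -contains '445' } |
        Get-NetFirewallRule |
        Where-Object { $_.Direction -eq 'Inbound' -and
                       $_.Enabled   -eq 'True'    -and
                       $_.Action    -eq 'Allow' })

    if ($Remediate) {
        if ($feature.State -eq 'Enabled') {
            # Turns the SMBv1 feature off; takes effect after the next reboot.
            Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart | Out-Null
        }
        if ($server.EnableSMB1Protocol) {
            Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
        }
    }

    # Values below reflect the state found before any remediation.
    [pscustomobject]@{
        Smb1FeatureState   = $feature.State
        Smb1ServerEnabled  = $server.EnableSMB1Protocol
        InboundAllow445    = $allow445.DisplayName
        RemediationApplied = [bool]$Remediate
    }
}

Test-Smb1Exposure               # audit only
# Test-Smb1Exposure -Remediate  # disable SMBv1, then reboot
```

Inbound rules that allow TCP 445 are only reported, not changed, because file and printer sharing on an internal network depends on them.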

Thanks for reading! I hope you will stay safe with the precautions we have discussed. Now let's end this article with Iron Man vs WannaCry.
