[Han105]

Hey guys, Did you hear about ransomware news lately ? WannaCry, BlockyWare, etc ? Watch out and Be careful about them, Especially for people who uses windows... Make sure to update security and system before it's too late. Some IT Companies got infected by these things, and EVEN Some of Hospitals System got infected by these.

Demonstration of WannaCry Videos :
https://www.youtube.com/watch?v=K8DJCqSPmdI
https://www.youtube.com/watch?v=4MMeSneDBNs

An Explaining Video From Youtuber :
https://www.youtube.com/watch?v=ibLaCEL8E4E


List of ransomware extensions and known ransom files created by Crypto malware :

File extensions appended to files:

Code: (Select All)

.ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .encrypted, .locked, .crypto, _crypt, .crinf, .r5a, .XRNT, .XTBL, .crypt, .R16M01D05, .pzdc, .good, .LOL!, .OMG!, .RDM, .RRK, .encryptedRSA, .crjoker, .EnCiPhErEd, .LeChiffre, .keybtc@inbox_com, .0x0, .bleep, .1999, .vault, .HA3, .toxcrypt, .magic, .SUPERCRYPT, .CTBL, .CTB2, .locky or 6-7 length extension consisting of random characters.

Known ransom note files:

Code: (Select All)

HELPDECRYPT.TXT, HELP_YOUR_FILES.TXT, HELP_TO_DECRYPT_YOUR_FILES.txt, RECOVERY_KEY.txt HELP_RESTORE_FILES.txt, HELP_RECOVER_FILES.txt, HELP_TO_SAVE_FILES.txt, DecryptAllFiles.txt DECRYPT_INSTRUCTIONS.TXT, INSTRUCCIONES_DESCIFRADO.TXT, How_To_Recover_Files.txt YOUR_FILES.HTML, YOUR_FILES.url, encryptor_raas_readme_liesmich.txt, Help_Decrypt.txt DECRYPT_INSTRUCTION.TXT, HOW_TO_DECRYPT_FILES.TXT, ReadDecryptFilesHere.txt, Coin.Locker.txt _secret_code.txt, About_Files.txt, Read.txt, ReadMe.txt, DECRYPT_ReadMe.TXT, DecryptAllFiles.txt FILESAREGONE.TXT, IAMREADYTOPAY.TXT, HELLOTHERE.TXT, READTHISNOW!!!.TXT, SECRETIDHERE.KEY IHAVEYOURSECRET.KEY, SECRET.KEY, HELPDECYPRT_YOUR_FILES.HTML, help_decrypt_your_files.html HELP_TO_SAVE_FILES.txt, RECOVERY_FILES.txt, RECOVERY_FILE.TXT, RECOVERY_FILE[random].txt HowtoRESTORE_FILES.txt, HowtoRestore_FILES.txt, howto_recover_file.txt, restorefiles.txt, howrecover+[random].txt, _how_recover.txt, recoveryfile[random].txt, recoverfile[random].txt recoveryfile[random].txt, Howto_Restore_FILES.TXT, help_recover_instructions+[random].txt, _Locky_recover_instructions.txt

Note: The [random] represents random characters which some ransom notes names may include.

I don't know what do you guys think about this. Well for myself. To be honest, I got shocked.. But just warning you guys about this
There are some tips to prevent this things :

- Don't open uknown link from anyone
- Don't open attachment that you received from someone else
- Backup your files.
- Update any Windows system and security
- Don't trust anyone that you haven't meet him/her before.... (i got pmed from someone last hours ago, but luckly i immedietly reported that and closed the chat)

Some List of Windows Edition, Build, Version that probably have a chance to get infected
Open here : http://imgur.com/a/8Y5sJ

More tips are welcome!

[Rishabh Jain]

Yeah i actually read about that and an interesting fact about wannacry ransomware is some random guy accidently stopped the hack by purchasing the domain in use. Here see the report
https://www.theguardian.com/technology/2...ber-attack

[perry]

everyone needs to update their windows to the latest version.
microsoft released a patch for it.

[Hawkz]

everyone needs to update their windows to the latest version.
microsoft released a patch for it.

Well not windows 10 users , it's impossible to infect these computer i even tried manually downloading the virus.

[sagher]

Thanks for such a great information. one of my friend already victim of this virus. and ask for money to get his files back.
no crack is found still to refind your files in your PC. files are still on PC but unable to view, search...
My opinion to please dont give any of your personal information specially if you are using any crypto currency sites. like BTC or any coins.

[Jayce]

@sagher One of my friends got infected by this as well, I started to backup my important files to my backup storage, preparing for the worst case scenario.

[sagher]

The simple attack of this virus will be recoverable byself. from a simple DoS commands set. if you are victim with any removable drive captured with no file shown but memory shows full. you can recover it.

[perry]

Well not windows 10 users , it's impossible to infect these computer i even tried manually downloading the virus.

dont say windos 10 is immune to everything please

[humanpuff69]

dont really get too scared with the ransomware because most of you probably doesnt open any port on the router so probably you will save because opened port is the no.1 reason that the user get infected

and you see that alot of the victim is like hospital or important goverment because they mostly need a SMB port so they open it . and because they open it they get the virueses

hospital is most infected because their system is RARELY maintained . they mostly doesnt update their windows . and by the way THE PATCH FOR THE EXPLOIT already RELEASED in MARCH . THIS IS NOT DAY 1 EXPLOIT . so if you want to be safe block the port and patch the windows . the user that update their indows frequently probably doesnt get this virueses

[Sagnik]

Simple solution: Use Linux. Say no to Winbloze. We linux users don't give a damn to viruses.