Encrypt everything


Encryption ransomware lessons. Pull the right plug

Monday, July 3, 2017

Many people keep right on working even after they notice their computers are infected or behaving strangely. We are republishing two quotes from our issue devoted to typical user errors:

Hello; I opened an email, and my system began to freeze so I waited a bit and then restarted it. It booted up really slowly. And when the boot process completed, everything was encrypted.

I was watching news on a social networking site; I didn't download anything or open any links. My system really slowed down and then up popped a Wanna Decryptor banner showing a ransom demand. The banner continued popping up every five seconds.

When the WannaCry outbreak happened, users “devised” another method for disarming the encryption ransomware. As you know, most encryption ransomware strains communicate with command and control servers. Specifically, this enables them to generate encryption keys on a remote host. Therefore, if we unplug the network cable, the ransomware will lose its connection to the server and won't be able to do anything without the server’s instructions, right? And it won't be able to spread over the network. Indeed, that sounds quite logical!

However, ransomware makers aren't fools. If the connection to the server is interrupted or access to the local network is lost, the malware immediately starts its encryption routine.

#corporate_security #Trojan.Encoder #encryption_ransomware

The Anti-virus Times recommends

If you notice an infection or something suspicious, power off your computer by pulling the power cord from the outlet.

