Hacking tools were stolen from NSA - Almost all Windows affected

Page 13 of 15 FirstFirst ... 31112131415 LastLast
  1.    15 May 2017 #121

    Interesting tidbit about WCry:

    Click image for larger version. 

Name:	image.png 
Views:	58 
Size:	169.8 KB 
ID:	135152
      My ComputerSystem Spec


  2. Posts : 7,567
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       15 May 2017 #122

    simrick said: View Post
    Interesting tidbit about WCry:

    Click image for larger version. 

Name:	image.png 
Views:	58 
Size:	169.8 KB 
ID:	135152
    Hmm. Intersting. Thanks for that, simrick. :)
      My ComputersSystem Spec

  3. Fafhrd's Avatar
    Posts : 1,928
    Windows 10 x86 14383 Insider Pro and Core 10240
       15 May 2017 #123

    One thing from Malwarebytes update at The worm that spreads WanaCrypt0r - Malwarebytes Labs | Malwarebytes Labs

    UPDATE: The second argument to InternetOpenA is 1 (INTERNET_OPEN_TYPE_DIRECT), so the worm will still work on any system that requires a proxy to access the Internet, which is the case on the majority of corporate networks. Thanks to Didier Stevens for spotting what was missed by most.

    The accidental kill-switch will not protect those who are running through a proxy server, nor the variants that have the link to the backdoor website removed
      My ComputersSystem Spec

  4. AndreTen's Avatar
    Posts : 15,257
    Windows 10 (Pro and Insider Pro)
    Thread Starter
       16 May 2017 #124

    Fafhrd said: View Post
    One thing from Malwarebytes update at The worm that spreads WanaCrypt0r - Malwarebytes Labs | Malwarebytes Labs



    The accidental kill-switch will not protect those who are running through a proxy server, nor the variants that have the link to the backdoor website removed
    Danger from this attack is far from over. We'll see variants in the next weeks at least.

    Interesting article on Ars Technica | massive-cryptocurrency-botnet-used-leaked-nsa-exploits-weeks-before-wcry

    Like WannaCry, this earlier, previously unknown attack used an exploit codenamed EternalBlue and a backdoor called DoublePulsar, both of which were NSA-developed hacking tools leaked in mid April by a group calling itself Shadow Brokers. But instead of installing ransomware, the campaign pushed cryptocurrency mining software known as Adylkuzz. WannaCry, which gets its name from a password hard-coded into the exploit, is also known as WCry.
    Last edited by AndreTen; 16 May 2017 at 03:23.
      My ComputersSystem Spec

  5.    16 May 2017 #125

    AndreTen said: View Post
    You're right there. I've connected this two statements without carefully reading articles. But then who read this stuff carefully?
    not me anyway. Lets face it 99% of the 'news' on the net is faked anyway.
      My ComputerSystem Spec


  6. Posts : 53
    Windowes 10 Pro 15063.332
       16 May 2017 #126

    actually about 25% is fake and the rest you need to double and triple check with other sources
      My ComputerSystem Spec

  7.    16 May 2017 #127

    Fafhrd said: View Post
    One thing from Malwarebytes update at The worm that spreads WanaCrypt0r - Malwarebytes Labs | Malwarebytes Labs
    UPDATE: The second argument to InternetOpenA is 1 (INTERNET_OPEN_TYPE_DIRECT), so the worm will still work on any system that requires a proxy to access the Internet, which is the case on the majority of corporate networks. Thanks to Didier Stevens for spotting what was missed by most.
    The accidental kill-switch will not protect those who are running through a proxy server, nor the variants that have the link to the backdoor website removed
    Hopefully everyone is patched/getting patched by now. (Although I have 1 Vista laptop that hasn't been able to download updates since last year, so it's a problem.)
    AndreTen said: View Post
    Danger from this attack is far from over. We'll see variants in the next weeks at least.

    Interesting article on Ars Technica | massive-cryptocurrency-botnet-used-leaked-nsa-exploits-weeks-before-wcry
    Yes, reading this....makes you wonder what else is out there that we don't know about...

    Assembling a botnet the size of the one that managed WannaCry and keeping it under wraps for two to three weeks is a major coup. Monday's revelation raises the possibility that other botnets have been built on the shoulders of the NSA but have yet to be identified.
    I cleaned a system that had been hit with a Bitcoin Miner once - scary stuff!
      My ComputerSystem Spec

  8. Fafhrd's Avatar
    Posts : 1,928
    Windows 10 x86 14383 Insider Pro and Core 10240
       16 May 2017 #128

    Latest WanaCrypt infection rates from MalwareTech site ( The tracker site went down from 1600, but is back online now). Showing nearly 4.5k new infections/hour and rising for a total of over 350k machines infected so far since Friday.

    Click image for larger version. 

Name:	image.png 
Views:	2 
Size:	154.5 KB 
ID:	135304
    Click image for larger version. 

Name:	image.png 
Views:	3 
Size:	216.4 KB 
ID:	135305

    PewPewPew (realtime tracker) is getting really noisy, and unstable as the number of exploits increase.
      My ComputersSystem Spec

  9. AndreTen's Avatar
    Posts : 15,257
    Windows 10 (Pro and Insider Pro)
    Thread Starter
       16 May 2017 #129

    Fafhrd said: View Post
    Latest WanaCrypt infection rates from MalwareTech site ( The tracker site went down from 1600, but is back online now). Showing nearly 4.5k new infections/hour and rising for a total of over 350k machines infected so far since Friday.

    Click image for larger version. 

Name:	image.png 
Views:	2 
Size:	154.5 KB 
ID:	135304
    Click image for larger version. 

Name:	image.png 
Views:	3 
Size:	216.4 KB 
ID:	135305

    PewPewPew (realtime tracker) is getting really noisy, and unstable as the number of exploits increase.
    Thanks for the update Fafhrd. Compromised servers are also huge problem. This attack was well prepared, and attackers won't stop easy.
      My ComputersSystem Spec

  10.    16 May 2017 #130

    I noticed the infection rate seemed to be climbing earlier today - many more PEWS.
      My ComputerSystem Spec


 
Page 13 of 15 FirstFirst ... 31112131415 LastLast

Related Threads
Remote hacking in AntiVirus, Firewalls and System Security
I believe I am being remotely monitored. My task manager spikes whenever this person uses their computer and I have very odd programs running. I have a dell windows 10 upgraded from 7. Can someone lead me thru steps on how to find it and eliminate...
Will dual boot windows 10 1511 and ubuntu 16.04 be affected by anniversary update. Henry
As the title says, my old laptop was stolen how do I remove access to my Microsoft account form it?
Stolen asus laptop s/n f6n0cv02692323a in AntiVirus, Firewalls and System Security
Hi guys, new to this forum and requesting any possible help. My laptop has been stolen and I didn't have any tracking program installed. Is there any way it can be located again? It also has a password on the startup lockscreen but I am not sure if...
Would Windows 10 Phone affected by the same virus with Win 10 PC? in AntiVirus, Firewalls and System Security
So I just had a thought: if Windows 10 for Phone can run continuum and be a PC, then a virus or any malicious software can infect a phone just like it would in a laptop/desktop? Another thought: what if the virus can manipulate OneDrive sync and...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 15:53.
Find Us