By using a online free email service (such as Hotmail or Gmail) instead of the direct email provided by an ISP, am I protected from malaware such as the new WannaCry trojan horse malaware?
This virus spreads thru attachments in email. Do the major free email services screen for these attachments when email passes thru them?
Last edited by Mayagrafix; 13 May 2017 at 08:35. Reason: Solved
Let's start with a first step. What version and build are you running?
The current wannacry pandemic is not being spread my attachments, it's being spread by a vulnerability in Windows that was patched on modern systems a couple of months back, if you are up-to-date on your Windows updates then you will be fine.
More info -
Customer Guidance for WannaCrypt attacks MSRC
Microsoft Security Bulletin MS17-010 - Critical
The worm that spreads WanaCrypt0r - Malwarebytes Labs | Malwarebytes Labs
74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+ • The Register
I was reading it spreads threw the SMB protocol, so on older unsupported Windows OS's if you disable File sharing that should stop it spreading.
Also Microsoft did create a patch for Windows XP, Windows 8, and Windows Server 2003
Available here:
Microsoft Update Catalog
It has also been reported email is also used to spread this.
Microsoft Releases XP Patch for WannaCry Ransomware | Threatpost | The first stop for security news
While experts said that attackers could scan for SMB servers exposed to the internet on port 445 (not a recommended practice) and send malicious packets their way, Microsoft said yesterday it was also aware of phishing attacks spreading the ransomware.
From what I've read, it enters through a malicious attachment in an email, then infiltrates all unpatched systems as a worm.
FWIW, some online email services (like Gmail) have very good spam filters, but some still get through, and, on top of that, the malicious attachments are encrypted, so AVs have a hard time identifying them.
A researcher accidentally found the kill switch and WCry has been turned off, but that does not help systems that have already been infected.
This thread has been keeping up on things:
Hacking tools were stolen from NSA - Almost all Windows affected - Windows 10 Forums
.
As it has been said above, you need to have your OS patched and never, never click on unknown email attachments.
Reposting this here, in case someone needs it:
So there's a possibility to get your encrypted files back...for some....
WannaDecrypt your files? The WannaCry solution, for some - Malwarebytes Labs | Malwarebytes Labs
The decryptor is only going to work if you haven’t restarted the infected system and you haven’t killed the ransomware process (should be wnry.exe or wcry.exe) so please don’t restart or kill the process if you want to get those files back!
Quote
