Another big malware attack ripples across the world

Page 1 of 2 12 LastLast
    Another big malware attack ripples across the world

    Another big malware attack ripples across the world


    Last Updated: 27 Jun 2017 at 18:53

    Hackers launched blistering ransomware attacks Tuesday against companies and agencies across the world, particularly targeting Ukranian businesses.

    Major global firms reported that they had been targeted, including British advertising agency WPP (WPPGY), Russian oil and gas giant Rosneft and Danish shipping firm Maersk.

    "IT systems in several WPP companies have been affected by a suspected cyber attack," WPP said on its Twitter account.

    Maersk issued a similar statement, saying its tech systems "are down across multiple sites and business units due to a cyberattack."

    The U.S.-based pharmaceutical company Merck (MRK) also said it was hit.

    "We confirm our company's computer network was compromised today as part of global hack," Merck said on Twitter.

    The source of the attack is not yet clear. It is similar to WannaCry, which spread globally in May, but there are differences. Both asked victims to pay Bitcoin to get their files back, and both use a similar flaw to spread through networks...


    Read More:
    Another big malware attack ripples across the world - Jun. 27, 2017
    rezpower's Avatar Posted By: rezpower
    27 Jun 2017


  1. Posts : 7,964
    Windows 11 Pro 64 bit
       #1

    Posts in the AntiVirus section suggest disabling the vulnerable SMBv1 file sharing protocol
      My Computers


  2. Posts : 324
    Windows 10 Pro 64bit
    Thread Starter
       #2

    Steve C said:
    Posts in the AntiVirus section suggest disabling the vulnerable SMBv1 file sharing protocol
    Yes, I have done this long ago as there is no need to have it enabled anyway. But the important question now is: Are those of us having latest windows update and SMBv1 disabled safe with the new attack or other precautions should be taken!?
      My Computer


  3. Posts : 3,108
    W10 Pro + W10 Preview
       #3

    rezpower said:
    Yes, I have done this long ago as there is no need to have it enabled anyway. But the important question now is: Are those of us having latest windows update and SMBv1 disabled safe with the new attack or other precautions should be taken!?
    The site responsible for this particular malware has already been closed down.
      My Computers


  4. Posts : 1,773
    Windows 10 Home
       #4

    "Are those of us having latest windows update and SMBv1 disabled safe with the new attack"

    Apparently this protocol will default to OFF in the Fall Creators Update. For those who want to disable but don't know how: open Powershell (Admin) then type and Enter -
    Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol

    or, in Control Panel/Programs and Features/Turn Windows Features on or off and untick box. Restart is required
      My Computer


  5. Posts : 353
    Windows 10 Pro
       #5

    Apparently some software could be to blame ?

    Tax software blamed for cyber-attack spread - BBC News

    And it is suspected was spread via the software's automatic updates !

    Alan Woodward, a computer scientist from the University of Surrey, said: The ironic thing about this situation (if it proves to be the case) is that we always advise users to keep their software up to date, ideally using automated updates.

    "However, it assumes hackers can't take over the update process and misuse it.

    I've always worried about this with Microsoft's own auto update system, could it be abused in the same or similiar way.
      My Computer


  6. Posts : 29,078
    Windows 10 21H1 Build 19043.1023
       #6
      My Computer


  7. Posts : 633
    Win 10 Pro x64 1607 (Build 14393.953)
       #7

    Announcing Windows 10 Insider Preview Build 16226 for PC


    Done. Thanks for the heads up!

    Cheers
      My Computer


  8. Posts : 889
    Windows 10 Pro x64
       #8

    Can someone write a simple .bat file to run this?

    Petya Ransomware Vaccine: This Will Protect You From Latest Attack

    Use elevated CMD prompt to enter:

    cd \windows
    copy notepad.exe perfc
    copy notepad.exe perfc.dat
    copy notepad.exe perfc.dll
    attrib +R perfc
    attrib +R perfc.dat
    attrib +R perfc.dll
      My Computers


  9. Posts : 3,108
    W10 Pro + W10 Preview
       #9

    This version of ransomware has been terminated at source because the perpetrator never attempted to cover its address, it is pointless installing this file as it is no longer live in the wild.
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 08:09.
Find Us




Windows 10 Forums