Biggest Hack affects millions May 12, 2017

**StockEngine** · May 14th, 2017 03:06 AM

At least 74 countries affected. I think it crippled several banks in my locale.

Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool - NYTimes.com

Sent from my SM-G935F using Tsikot Forums mobile app

**BratPAQ** · May 14th, 2017 03:33 AM

Kaya it's always good to have an offline backup. Saka di naman totoo yang makukuha mo pa data mo once you paid.

Sent from my SM-G955F using Tapatalk

**StockEngine** · May 14th, 2017 03:35 AM

email server namin hindi pa na offline... tsk.

Sent from my SM-G935F using Tsikot Forums mobile app

**sientobente** · May 14th, 2017 08:09 AM

Sabi ng empleyado ko, this spreads through port 445, so you have to block that port. Mga tao kasi di na natuto, bukas ng bukas ng mga suspicious email.

Sent from my SM-G955F using Tapatalk

**chronicle** · May 14th, 2017 08:53 AM

Port 445 is smb. So kung may shared drive kayo sa network, di rin useful iblock ang smb.

**BratPAQ** · May 14th, 2017 10:07 AM

I know someone was attacked by a ransomware in the past. And they were able to pinpoint the particular employee who clicked a link on the email and the specific time. But I'm not sure what they did with that employee.

So yeah, be careful on what you click cause might cost you your job.

Sent from my SM-G955F using Tapatalk

**StockEngine** · May 15th, 2017 12:59 AM

epic stuff... 150+nations kuno

At least 1, groups in 15 countries hit by ransomware

Sent from my SM-G935F using Tsikot Forums mobile app

**badkuk** · May 15th, 2017 07:20 AM

afaik the ransomware exploits vulnerabilities in older Windows operating systems...which were highlighted by a recent leak of NSA hacking tools. Aside from the usual propagation through trojan/windows share+autorun trick, it also actively scans your network and infects vulnerable systems.

Microsoft has released patches for the vulnerability for older Windows OSes. If you're still using them, apply them now. i just saw a video showing how a vulnerable system got infected in real-time, within minutes.

**badkuk** · May 15th, 2017 07:24 AM

^ To add, just because you don't see the ransomware pop-up, doesn't mean you're in the clear. Apparently it has a "kill-switch" -- a researcher found out that the ransomware stops when it can resolve a specific domain name(which he has graciously registered for $10.64)...it's unclear whether this will stop the ransomware -- please note that the infection may still be there, it's just dormant.

And, expect more copycats in the future.