5/16/2017

Economic, Financial, Political & Health: RANSOMWARE WANNA DECRYPTOR OR CREATOR BITCOIN, AND HOW TO FAST AFTER ARMING IT.

RANSOMWARE WANNA DECRYPTOR OR CREATOR BITCOIN, AND HOW TO FAST AFTER ARMING IT.


Why should be said Ransomware Wanna Decryptor ... ???. How is the technique of doing deterrence against the Bitcoin heartless terrorists ... ???.

Before going any further, it's good you guys know history, and its development first .. !!!. By knowing its history and its development, it is believed you will understand what is Ransomware Wanna Decryptor ... !!!
# A Brief History of Ransomware.

Bitcoin-minded terrorist or called Ransomware Wanna Decryptor, the kind is indeed present in the nineties exactly in 1989 with the short language Ransomware. The attack by the terrorist, has increased in the range of 748 percent in the last year. Cyborg Trojan, a cyberspace advocate of cyberspace, launched its action by sending viruses to victim computers. But Ransomware Wanna Cry is now more patterned by locking its target through the Health Industry attack by locking the computer and encrypting all data, so the computer can not be accessed unless the owner of the computer is infected with the disease, sending a ransom of Bitcoin currency to the perpetrator.

Ransomware Wanna Cry is not much different from the general terrorist, because they dare to announce the hostage of a company's document until Bitcoin's payment is a ransom. Ransomware Wanna Cry does look very simple, but do not be trivial this way, because in 2016 yesterday has gained billions of dollars from the pattern of attacks that they do, and the estimate of its acquisition in 2017 more than last year.

# Development of Ransomware.

In the first part, Ransomware is a simple construction that uses basic cryptography, with most just renaming files, and making it relatively easy to overcome. But it is the cause of a new branch for computer's successor. In today's Digital Transformation era, companies are building applications without much attention to the security of Bring Your Own Device (BYOD), long before starting advanced cryptographic usage in corporate network targeting, hackers target general internet usage through initial attacks.

Today's hackers mostly use the Ransomware scheme that uses advanced cryptography to completely lock the PCs it occupies. Then Ransomware every year continues to grow with a new type, not only threaten organizations worldwide, or public facilities such as hospitals, and even threaten the online business. Then the famous Ransomware type is Locky who did terror to organizations around the world in the last year, including infecting a hospital in the United States (Hollywood).

# Next, if you have understood the history and development of Ransomware Wanna Decryptor. You also need to know, how does this virus infect your computer ...?. Here's the review ... !!!

In a company, it is likely that every employee receives hundreds of emails and many activities that require employees to download or open attachments, then from employee activities to open attachments from unknown senders is one that can enable virtual cyberbreakers successfully deploy Ransomware.

Not much different from other viruses that send ransomware in bulk, through millions of dangerous phishing emails sent every second. The actors use a variety of feeds to push the target to open Ransomware email, whether it's from a job application from a prospective employee, a bonus financial offer, and so on. After this malicious attachment is opened, the user is prompted again to enable the macro to view or edit the document.

And when the target activates the macro, that's when the Ransomware code hides inside the macro. Obviously this can encrypt files in a matter of minutes, then the torchers request payment to the owner of an encrypted file, starting from hundred dollars to tens of thousands of dollars for the cost of recovery system. Actually, if your computer or an infected company's computer has been using cloud back up services by adopting a behavioral data recognition technology, then there is no need to pay for the recovery of the system, you simply switch the temporary operation on the Disaster Recovery cloud service, and wipe the entire device, then Restore again.

Between Bitcoin & Ransomware.

Secure and untraceable payment methods make Bitcoin a fertile field for terrorists who want hidden financial transactions. Unlike some people who just buy Bitcoin for investment, people are buying Bitcoin hoping that its value can increase over time.

But for cyberspace, this virtual currency creates its own charms, even those mentors do not hesitate to offer services to customers or infected targets, about how to send Bitcoin to them.


# Technique Ward off the Ransomware Peneror Wanna Cry.

Ransomware's most popular attacking factor is possible based on Email, you as the owner of the company should provide in-depth training to employees about how to identify potential Ransomware Wanna Cry attacks. It can even take a few indicators, such as bad formatting or emails claiming to be from Microsoft Security sent from an obscure address, even those that do not contain Microsoft words in it can save the network from malware infections.

However, stopping employees from enabling macros is a major step in ensuring the security of running Ransomware Files. Microsoft Office 2016, and now Microsoft 2013, these two Microsoft brings a feature that enables macros to disable. Microsoft has also been aware of and moving quickly on the attack, generally on Windows 10-based computers that are infected with Ransomware Wanna Cry.

However, if your company's computer is already infected, chances are this way you can do, including:
1. First part, Enter into Safe Mode.

2. Next, Click Safe Boot -> Minimal, Click Ok, and Restart.

3. After restarting, Go to Control Panel -> Folder Options -> Show Hidden Files (Check Image), then Click Apply.

4. Go to msconfig -> Startup -> Disable Program is suspicious or unknown, Click Ok, and click "Exit without Restart".

5. Delete Malicious Files (All Virus Files).

6. Then, check the next folder to find suspicious files:

% TEMP%
% APPDATA%,
% ProgramData%
(If there is a folder / File Wanna Cry delete directly).

7. Check Host File, because it can corrupt with the Virus
Location of host:
C: \ windows \ System32 \ drivers \ etc
There will be a host file and then open pake notepad / notepad ++. And, if there is written there is a site that is not known, then immediately deleted.

8. Then, go back to msconfig, continue Disable Safe Mode, Click Ok, then Restart.

9. After Restarting, there is no "Decryption Tool" at this time, but you can restore files from back up or restore a separate folder.

10. Now you can see the old version of the encrypted file.

11. Clear Named Files:
- Readme.txt.WCRY
- License.txt.WCRY
- History.txt.WCRY
- !Please Read Me!.txt
- !WannaDecryptor!.exe

12. If all the virus files have been deleted, the next step is to restore all files that have been encrypted by the virus (Another option if you do not back up the previous file) by selecting the folder that encrypted the file, click Properties, select Previous Versions Tab, on In that column choose the date before the virus infected. As a result, all the lost files are finally encrypted back to normal.

For the removal of Ransomware Wanna Cry, an initiative of "No More Ransom" was launched by Europol and the National Police of the Netherlands, as well as working with a number of cyber security companies. A free decryption tool for the Ransomware type is offered by them to assist victims in data retrieval. This portal offers a decryption tool for Ransomware types including Crypt XXX, MarsJoke, Teslacrypt, and Wildfire.

In the future, in order to anticipate the Ransomware Wanna Decryptor good Part 1, Part 2, Part 3 and so on, better entrepreneurs invest in antivirus software and keep it up to date, so as to warn computer users about files that are potentially harmful to the company.

Keep in mind, in essence Hacker (Implementing Ransomware Wanna Decryptor) is Ordinary Man. They are only testing the results of inventions that have been created. It also shows, that they are still hackers in cyberspace. The likelihood of hackers referred only to the owners of companies, businesses, including governments to not arbitrary to employees or subordinates. That's why we have to respect each other, respect each other, and do not look down on either subordinates or superiors, because honor-respect is a must for every time, including the terrorists or Hackers. And that's the politics of cyberspace now ... !!!

No comments:

Post a Comment