There is a massive Ransomware malware worm virus circulating the globe right now destroying people's data at an alarming rate and even attacking businesses and infrastructure. You need to spread this video far and wide so people install the Windows Updates to prevent it because this virus spreads like wildfire and doesn't even require you to open it or visit a malicious site to get on your machine if you have one of the NSA hacking tool vulnerabilities that could be unpatched on your machine. Please help spread the message and protect people from what might be the most destructive and widespread virus of all time. *Please expand the video description for more information*
are you saying that this virus also encrypts storage drives ? Like if I have 3 other drives (besides the C:>\) drive..... you're saying this will also hit all my data storage drives too ?
my mum works at a hospital in Southport England and the whole hospital database got encrypted and all operations got cancelled until further notice, this virus is putting lives at risk
The difference between a girlfriend and ransomware. You can just walk away with no repercussions. A girlfriend can makeup stuff. That can cost you your time, money, freedom, and opportunities. I am backing up data right now. One drive died. I will have two 'new' backups by the end of the week. I will use the other 'x' amount of drives now. Hmm, I will gladly spend $300 for x amount of new drives. As opposed to paying for a date. Better investment in my time :) !
Think corporate/business and individual taxes come to 2 trillion a year.....Feds spend 8 trillion a year with majority of income for Feds Land Leases and import/export tarrifs on Oil......they just never repealed income tax that was started to fund civil war (Feds historically never repeal taxes...or "Entitlements")
As someone who has worked in IT for his entire career in various roles, there are three rules I have learned: 1. Always keep your systems up to date - It doesn't matter how much you hate doing updates these are an essential part of owning and maintaining a secure computer system. 2. Security through obscurity is no security at all - Just because you may use Linux or MacOS don't think your system is invulnerable. 3. The only truly secure system is one that is shutdown, switched off at the mains and unplugged.
That's really poor, however detecting Windows viruses is a good thing as it stops them spreading but those companies should also work on detection of Linux viruses as well
"Just because you may use Linux or MacOS don't think your system is invulnerable." And I agree, that's why Apple had to pull their 'Macs don't get viruses' and replace it with 'Macs don't get *PC* viruses'. Hell, even Linux got at least a couple dozen pieces of malware! However, my (limited) experience with Unix-based OSes show that you require elevation if you want anything that could do any serious damage. Even if you want to mount a disk you need specific permissions. But then again, there is the temptation to give yourself permanent root because the security restrictions are inconvenient.
This is really bad guys, and it's all the NSA's fault for keeping vulnerabilities to themselves. This pisses me off so bad! See you tomorrow at 8:30am PDT on Twitch.TV/Barnacules to talk about this some more.
As much of a Linux fanboy that I am, I sympathise with all these ppl who were affected. They just want to use technology to better their lives and do better work. Those hackers are just selfish evil ppl.
Adrian Ng selfishness is not evil. selfishness requires thinking rationally whats really best for the long them. making the whole world your enemy is not intelligent/rational; selfishness is NOT self-destruction.
Lots of interesting developments with this threat. The infection chain was halted when a security researcher found a flaw in the program and exploited it, but now new variants are coming out. This could be the ransomware of the year. Not to mention, thanks NSA, for making it possible.
99% chance that I will spot a Linux fanboy saying to switch to linux. Problem is, Linux can't run 60% of the games in the market, and doesn't have directX. Edit: already found two
The usual crappy excuse. Dude less than 10% of computer users run games on their machine (excluding solitaire of course which is on Linux also). The vast majority of gamer use consoles. Btw Directx is so "passé,, the multi platform Vulkan api is the future.
are u kidding me i bet u can survive without ur computer also i bet this virus only exists on email links cause thats the easiest way to get ur computer infected and also i mostly dont visit malicious sites as much anymore and im glad also i dont have any viruses yet right now which im lucky
You could use the computer disconnected from the internet. But are you going to like it after 100 years? The worm is out there, it won't be going away. Once the genie is freed there is no putting it back in the bottle.
Brian Black Wasnt there an Arabic story where an evil genie was released from its bottle and tpnesr the end the hero had to do something embarassing or something and the genie would go back in?
There's a small mistake in that video: Attackers usually actually DO go through the trouble making decryption software, because if they didn't, the first people would publically reveal that they got nothing for their money and nobody else would pay.
Unfortunately in corporate enviornments, Windows updates are usually delayed and put through waves of deployments so that in the not so rare case that an update breaks an application or messes up your enviornment with it's update, you have time to figure out a solution or just block that update completely. Most large companies will probably be 1-2 months behind on updates leaving them wide open to the wana crypt0r ransomware... That being said, I'm typing this from my office at 3AM because we're doing an emergency maintenance to push the MS17-010 update to all critical servers on our network. Gonna be a long night.
It relies on SMB v1, so you can firewall off the SMB ports from the Internet, or disable SMB v1. Otherwise you can just install the latest Windows updates as it was patched in March.
Use your brain - that's literally it! Don't open files from people you don't know. Don't click on links in e-mails asking you to click on links, unless you specifically are waiting for an e-mail (like if you signed up on a website that needs you to activate the account by clicking on a link in an e-mail). Also, you can, of course, buy and install stuff like MalwareBytes 3 Premium (Google it).. They have an anti-ransomware included in the software. And finally, as Jerry says... Keep your Operating System up-to-date! Download the latest security updates through Windows Update / Mac App Store...
in the UK, this virus stoped almost 50% of the NHS Accident and Emergency services. This meant people in ambulances were redirected to hospitals over an hour away. according to the news people died because of it. its horrible.
Thanks for this quick overview. I appreciate you getting this out there so early. I'm not really from the field, but imho: - Bitcoin is not technically an untraceable currency. Every transaction is recorded on a public ledger after all. - The way I understand it, they don't need to send the encryption (one-time session) key to the server. Instead they further encrypt the encryption key with a public key of the attackers (which is sent along in the worm package) and then delete the unencrypted version of the encryption key. Hence the only way to retrieve the encryption key used to encrypt the files is the private key of the attackers.
i happen to like mega.nz. about the easiest and most robust automatic solution i have found so far. as far as easy to setup backup systems go. i also use freefilesync to do a manual backup on random occasions, and to backup the files i got from the net that i think would do better off of a cloud based system. the only issue i have with systems like mega is that i am not certain how secure they actually are. mega seems like the most secure in the lot, at that price point, though. I also agree that a video covering backups systems would be nice. and of optimal ones for different skill levels.
You could perhaps use a Cloud Backup Solution, I personally am Developing a Custom application that acts as an automatic Backup solution which keeps every backup change and version change.
7 ปีที่แล้ว
Mr. Vengeance if you're doing local backups you're doing it wrong, also raid is not backup!
7 ปีที่แล้ว
Mr. Vengeance I know, but best practices dictate multiple backups to remote locations if you value your data. Also raid is not fail proof that's why multiple backups are necessary.
I wouldn't use any cloud services for any files that are important to you because the files stored there are not immune to attacks such as this ransom worm. Best form of defense is to buy a large external USB hard drive and backup everything to it. Also get some 3rd party software which will clone your C: drive and save the file to the external USB drive as well and disconnect it from any computer you have online.
COMODO Antivirus overtook Norton 2 years ago. COMODO is now rated as the best anti-virus company in the world. You should also run Malwarebytes with a anti-virus just to be sure.
1 day after I watch this video all of my school computers get the virus lol. my school has 300 or so laptops and about 75 PCs and the technicians have no idea what to do (they don't know how to do a factory reset or anything)
Barnacules, you are NOT stupid. You are sharing information that people need to know. And don't let anyone tell you different! Thank you for your informative video.
Although the vulnerability was patched in March, not all organizations can quickly apply all updates due crappy out of date vendor software that only supports older stuff. If you can't apply the patch, disabling SMB v1 is a good mitigation. SMB v1 is still enabled by default in all current versions of Windows, however it has not really been needed since XP/Server 2003 which were the last versions to use it before SMB 2/3 replaced it. Basically if you're a home user, you can disable SMB v1 with a few simple commands without any issues. If you're a large enterprise, you need to perform some audit work first and check if anything else on your network uses SMB v1 first. Stay safe! The Internet is a dangerous place.
get a shit computer, connect it to your home internet and disconnect everything else. even your phones. download the virus. put on pen drive, power off computer. unplug from network and do a complete reinstall of the OS. plug pen drive into school computer... throw away
AndroidGenius, has someone even looked at their total upload amount from their router after getting attacked to see if it is actually sending the files back to them before deleting? I honestly believe its just deleting them off your computer and not sending them anywhere. The amount of storage they would require to hold all this "stolen data" would be massive, and the large amount of internet traffic going to their location through onion routers or not they would get found so much easy. If you get infected i would disconnect the computer from the network and power it off ASAP, take out the harddrive and format it with another computer (thats up to date\windows 10) then use "Ease US" or whatever harddrive recovery program floats your boat, do a full scan, copy all the content you want off the formatted harddrive . put harddrive back in other computer, fresh install of OS
Ooo, im glad i saw this video!I had never gotten the updates, but as soon as i saw this i installed them and told my family to do the same.Thanks for spreading awareness!
can't I just shut the computer down (out of the network and physically) and wait till the whole thing is over/calmed down? I don't want to risk it while this thing is out.
It is my understanding that for most ransom-ware, they do send the key after paying. They have a strong motivation to send it. If they did not, word would get out and then a lot less people would pay. They get more people pay by sending the key to you.
OEM's should be re-installed as soon as you plug them in out of the box to remove all the 'bloat ware' which often has the benefit of speeding up the computer some. And all you have to do is is use someone's copy of windows with your key that's on the machine somewhere or in the documentation as long as you are installing the same version as your key (Home or Pro etc.)
Inzanexx715 No, the updates download just fine, but they don't install properly and I have to go into Safe Mode and uninstall the update. It only happened with SP1 so far, but I don't think other updates will work either. Also, I have Windows 7 Home Premium, not Win10.
I also recommend that windows 7 users go to control panel Then go to the backup and restore and create a system image. And save that image to an external HDD and keep that drive in the cupboard.
thank you so much. I have tried explaining this to so many people already and they just didn't get it, but you explained it way better than I did. I will be sharing this a bunch of people. btw I would let people know that a drive format will at least get them their computer back just without any of the data.
wrote a long facebook status about the issue and shared with all my friends and their friends and their friends etc etc etc.... hope this will save some of them. thanks for sharing barnacules.
the "LOSS" is losing your data BACKUP everything that is IMPORTANT to any device that isn't connected to your pc cloud and other online storages MAY BE good but i don't recommend it.. SAVE your DATA..IMPORTANT DATA in a device that isn't connect to your pc like USB or other stuff
What one should do if they were infected is immediatly remove all connections from the internet, then format the hdd/ssd's, reinstall windows (or smite them with linux), and bam, clean! :D
Chris If you decide to do so. Then you already done the count loss process. Because you don't have important data. You have already been through the process.
Some of the tools that were released/used by NSA were ones that can access you hard drive's firmware and infect your computer indefinitely, even after reformat. Remedy of that is quite complex. Instead of going through all the technical details for average consumers like yourself, Barnacules just tells you to write the computer off and buy a new one, since many people don't have just 1 drive in their computers anymore and any of them could be infected. I agree with Barnacules, just write it off. It's scenarios like these where prosumers are actually worse, because they know more than average, but not enough to actually fix the situation, they just think they know better, making it a lot worse. With the shit show that's currently going on through corporation scene here in UK, had any of my home computers been infected, I'd just power them down, put them in corner and wait few weeks, maybe months, before the situation calms down and actual removal tools are out packed along with popular antivirus software. Only then I'd even consider powering the boxes up, on completely separate network, and even then I'd throw away the hard drives and just buy new ones.
if you can't install the update Goto Network and internet > Network and sharing centre > Change Advance Sharing Setting And turn off the File printer service For both public and private This option closes port 445 and 135 Effectively becoming immune to SMB Exploits such as MS17-010 Which I presume the WANNA Crypt worm uses
That part about hospitals... I've seen people say that when we develop mechanical enhancements for our body we will be vulnerable to hackers. This shows that even now people's live can be put at risk by hackers. Even today, we can be affected in a very physical way by hackers. The human race has become so dependant on their tech, but too many people see it as a nerdy thing that doesn't affect them. People need to begin treating tech like a body part. It is so vital to our lives but the NSA and hackers treat it like a toy to mess around with.
From it's end, People always told me "Just upgrade that XP box to 7!" But when the computer next to that HAD 7 and got this ransomeware but XP didn't... My point still stands!
Or just type in cmd: netsh advfirewall set allprofile state on netsh advfirewall firewall add rule name=deny445 dir=in action=block protocol=TCP localport=445
One of my clients actually got infected by Locky like an year ago, but they decided to pay the ransom fee and got their files back. So It's not that dark out there!
Yes. That's what I do about once a year just to keep my system clean. I don't care if I lose some lolcat pictures in the process. I have all my important stuff like resumes etc on USB sticks.
Dude, shared on facebook. Awesome video. I first heard about this on Friday and the radio. I hit all the NHS (National Health Service) 24 hospitals and even a few major companies got hit. I hope the U.S. Government liquidate the NSA. I heard that most of the systems in the UK that were hit. Where still using the version of XP even the NHS are still using the decades-old system. I honestly think that is will show that services like health, can't still use old unsupported OS's.
I run Linux but it is not imperfect , if you have wine installed it will still run. If it's written in s cross compatible language like c without any os specific dependencies it will still run.
8:04 This is confusing a lot of people and I have no idea why you put it that way? It's very misleading. Yes, unplug your PC from the net, but there is no need to call your whole PC "dead" or even the HDD. Just reformat and reinstall Windows and you're good.
When you reinstall Windows you get the net access running before it installs the updates. Just wondering how reinstalling wont just result in it getting infected a second time?
So you cant get infected by just connecting to the internet with an unpatched Windows? I thought that was the whole point of this video? When he was talking about the worm just trying IPs until it finds an unprotected machine I thought that included machines connected to the net, he even said the internet is just a huge LAN? If you reinstall Windows, you have an unpatched Windows and it remains that way until you connect to the net and get the updates?
It doesn't spread across the internet any longer someone found the "kill switch" and why reformat and reinstall if you have a proper image backup solution.
From what i heard this worm was pointing to a domain name that was so far unclaimed and said domain name functioned like a kill switch, as long as the domain name was unclaimed, the worm continues to spread. HOWEVER a researcher discovered this, claimed the domain and activated WannaCry's kill switch. So, for the time being at least, we are safe
It is possible that it can install itself into firmware. But I would classify that as very unlikely. You would need to write different code for every motherboard that exists out there. Otherwise the code wouldn't run (which could brick your machine, so it wouldn't start anymore). It is easier to install it only on the software-side of things. And most people who know how to get rid of a virus in windows (reinstall windows) are very unlikely to pay anything to them. The only reason I could see to install something in firmware is to spy on someone. And that is something that has been done by the NSA. One of the lead programmers of TOR bought a new laptop. This laptop was shipped straight to the NSA who infected the UEFI and then to the lead programmer. Granted they had hardware access to install the malware, but I'm pretty sure you could do this also without hardware acces. It might be more difficult but not impossible.
No it can't because all this worm is designed to do is use the exploit to encrypt you data.They would have to completely rewrite the worm and it would be difficult to remove which is not the purpose of these people.IF people started saying paying does nothing then no one would pay them right? Most businesses anyway backup there data so it's not a huge lose just time consuming and annyoing. People these days NEED to understand how important it is to back up your data onto a separate drive or cloud service.
A format may not work, even if you zero the drive i've seen crypos survive a zero. Last big one took out a client of mines in my last company lucky we had offsite backups
Here's what i recommended for backing up data *-External Hard Drive* *-USB Flash Drive* Here's what i *DON'T* recommended for backing up data *-Cloud servers*
I understand the fear and paranoia. It's pretty simple; Block SMB if you're part of a network, else _carry on_ and don't open E-Mails you never expected unless you can confirm beforehand what the contents are. Also, Ransomware is a business. You get repeat customers by providing "clients" the key, so from a business perspective it's no use screwing your "Customers" over because then future efforts won't pay out as much if a user believes the key won't be given.
i have windows 7 64 bit and i dont see an update that says it was published this year, is that normal? Jerry said they patched it on windows 10 but im not sure if windows 7 was affected so maybe they didnt need to patch it? If anyone have info please respond, thanks
_bOi I think this is Microsoft scaring people to get windows 10. checkmate on Microsoft 's part. you avoid the worm by getting windows 10 and updating it. or you get infected loose all data and install windows 10.. Microsoft wins.
_bOi I think this is Microsoft scaring people to get windows 10. checkmate on Microsoft 's part. you avoid the worm by getting windows 10 and updating it. or you get infected loose all data and install windows 10.. Microsoft wins.
What are you talking about Variable? I already ran windows update and nothing is listed with that KB number for W7. Maybe you should be more specific of which type of windows you are talking about, as well as include if it is 32 bit or 64 bit.
It is responsible for corporate machines being compromised. Patching is tedious, but not difficult with tools like WSUS, which comes with Windows Server. GPOs can be used to push-down Windows Update settings amongst many other things.
I have a Western Digital external hard drive on a Windows 10 PC that I back up to. The default schedule is every hour. Should I disconnect it after scheduled back up. So I have to disconnect and connect constantly. I swear people are so vicious and mean. I hate all this. Stress
***** Windows 10 backup settings default is every hour it backs up. You can change it up to Daily. But if default is every hour then maybe that's a better way. But removing a storage device is another matter.
Jeanne, your back-up when connected to your computer is just a hard drive that can be encrypted if the computer becomes effected by this virus. Disconnecting it stops that potential, but reconnecting for updates starts the problem again. Other back-up methods like an online back-up service don't have that issue because that back-up is managed by a separate computer. For now the most important thing is to get you windows up to date. Then maybe look into another back-up option like an online system Nothing wrong with having 2 back-ups btw.
This is why I use a Linux server to back up my files - not because I believe Linux to be impenetrable or even necessarily inherently more secure than Windows - but because my main desktop is Windows. It is therefore highly unlikely that there will ever be an exploit affecting both simultaneously.
Hey Jerry, doesn't the thing just encrypt your NAS as well as it is just attached to the network? Maybe you can do a video on how to properly set up (permissions etc) in order to have a solid backup strategy...?
This is one case where Windows 10 really is better than Windows 7. But in any case, didn't Microsoft patch this a month ago? Did IT not download the software update? We still have XP computers at work, running software drivers for scientific equipment that's 20 years old. but it's policy now to never connect those to the internet. Some departments with their own IT have put foam in the ethernet ports...
the problem is that a lot of IT departments in large companies control windows updates. individual computers are not allowed to update. IT pushes out the relevant update after checking what applies to them. and thats just for users computers. most servers cant be on auto update... just imagine if a server decides to update and reboot in the middle of a work day.... even minor companies can have 10's if not 100's of "servers" .
Ballade90 _bOi I think this is Microsoft scaring people to get windows 10. checkmate on Microsoft 's part. you avoid the worm by getting windows 10 and updating it. or you get infected loose all data and install windows 10.. Microsoft wins.
ok so the key is sent from the victim to the attacker right? what if the victim is running any kind of sniffer on the network can they say sniff out the key or at least track where the key is beeing sent? just wondering...
Like Barnacules, I keep all my computers updated, and a off line back up. I also do the same thing at work. This has happened before about 10 years ago, without the encryption, that took down a lot of computers all over the US. On of my geek buddy's came in late to work that day complaining he got hacked. The funny thing was, Microsoft had already released a patch for that too.
Andrew Young because this video is not about your computer breaking. it's strictly about losing your files. it doesn't break your computer, just back up your data
Mundie Afterlife you can always get the updates when you go to make a installation media and select update now instead of create a USB or something like that not 100% sure
WannaCry has done something useful for me anyway. I use automatic updates, and it appears windows has been stuck in an "update loop" doing the same 3 updates over and over again since early 2016 on one of my machines. And because I have been seeing the usual "updating" messages I never noticed until I checked windows update on all my machines manually to be sure this update was installed properly. I always used to do it manually, and this might be a good warning for people that having "automatic updates" enabled does NOT always guarantee that you are safe. I'm glad I decided to verify it.
The feren OS Developer No thanks I want a computer that can ACTUALLY play games... Linux is a perfect example of "You get what you pay for"... Since Linux OS's are free, they are all terrible, and lack support from a vast majority of programs. In short a Linux OS is the worst OS.
I Just Changed My Username The messages aren't real. They are made by scammers to get you to download their app or whatever they ask you to do. Just x them out and forget about them because unless you click anything on it you're fine.
yupp. like 99% of all malware and spyware, it's windows only. there are millions of identified malwares targeting windows systems. while there are literally just a few hundred known malwares for linux and mac, most of which are patched and would no longer work. That's Windows vs Linux/Mac for you right there. TA-DA!
My coworker got it so I immediately pulled the power cord and Ethernet cord! Then I found hacks to remove the worm so when I booted the computer up in bios and removed the worm files off it manually! He only lost two desktop files after I cleaned it (it took well over an hour)! Then after I was satisfied because my quick act saved 99% of his files! After a new hard drive and putting his files back onto a fresh install! Thanks the company NAS saved the day!
I'm glad that these tools from the NSA were leaked. It puts users and Windows ahead of hackers no matter how good/bad (in this case it's bad; NSA is usually bad intentions).
ralph ok. two days ago Windows defender kept giving me prompts that threats were detected and that it was removing them, even though that was my first time even being aware that Windows defender existed so I was really worried after hearing about this, but everything's been working fine so I guess I haven't gotten the malware
I wouldn't really trust windows defender all the much when it comes to virus protection and removal. I would personally invest in a different anti virus software.
Dude. Thanks a billion. From the dudes at Tech Tv to you...encompasses my entire time using PC's. I have always had external hard drives but this is my first time making a backup. I also removed all my external drives except for a disposable one. NAS solution for the future. Disposable drive and expendable operating system for now. Thanks.
Creator's update affected my gameplay fps drastically in a bad way - some games were freezing for 2-3 seconds each 15 seconds. I saw decrease in FPS as well. That's why I rolled back.
![[LIVE] : ONE ลุมพินี 76 | คู่เอก "ผึ้งหลวง vs สมิงดำ"](http://i.ytimg.com/vi/9SBshmGQOIM/mqdefault.jpg)
There is a massive Ransomware malware worm virus circulating the globe right now destroying people's data at an alarming rate and even attacking businesses and infrastructure. You need to spread this video far and wide so people install the Windows Updates to prevent it because this virus spreads like wildfire and doesn't even require you to open it or visit a malicious site to get on your machine if you have one of the NSA hacking tool vulnerabilities that could be unpatched on your machine. Please help spread the message and protect people from what might be the most destructive and widespread virus of all time. *Please expand the video description for more information*
Barnacules Nerdgasm does USB work ;-;
What is the newest Windows 10 update version?
Does win8.1 have exploits too and does an update fix them?
Thanks for doing Microsoft's job and letting people know.
are you saying that this virus also encrypts storage drives ?
Like if I have 3 other drives (besides the C:>\) drive..... you're saying this will also hit all my data storage drives too ?
my mum works at a hospital in Southport England and the whole hospital database got encrypted and all operations got cancelled until further notice, this virus is putting lives at risk
Papadingdong well they use windows xp so they asked for it lol
7amada 85 yeah I knew something like this would happen if they kept using Windows XP lol
It's so stupid that people still use XP. Honestly, there's no excuse. It's a 100% necessary expense to upgrade.
+TheCobra Yes but XP no longer received Microsoft support, and is therefore still at risk as no updates are released for it anymore.
The trick is not installing Windows. Linux is the perfect OS for such applications.
*backs up 20 gigabits worth of memes*
Only 2.5 GB? Not bad ;) I have 6 TB to back up :P
These are rookie numbers
lol
20 gigabits = 2.5 gigabytes
I'm disappointment in your meme library
You have a girlfriend?
Me- I used to have one, but she Ransomware.
Big Brother corrected :)
Have my thumbs up my good sir. This was a riveting tale my ol' sport.
Please, just.... stop.
My Instant Search don't get it
The difference between a girlfriend and ransomware. You can just walk away with no repercussions. A girlfriend can makeup stuff. That can cost you your time, money, freedom, and opportunities.
I am backing up data right now. One drive died. I will have two 'new' backups by the end of the week. I will use the other 'x' amount of drives now.
Hmm, I will gladly spend $300 for x amount of new drives. As opposed to paying for a date. Better investment in my time :) !
My tax dollars at work here. Thanks NSA.
Thanks to your tax dollars. The effect isn't limited to USA only lol.
Finally ppl are realizing they are funding the whole thing by paying taxes. Here's the video everyone will be interested in /watch?v=t38MpQh96xA
Think corporate/business and individual taxes come to 2 trillion a year.....Feds spend 8 trillion a year with majority of income for Feds Land Leases and import/export tarrifs on Oil......they just never repealed income tax that was started to fund civil war (Feds historically never repeal taxes...or "Entitlements")
Sumit Singh You say it like it's the tax payers fault.
As someone who has worked in IT for his entire career in various roles, there are three rules I have learned:
1. Always keep your systems up to date - It doesn't matter how much you hate doing updates these are an essential part of owning and maintaining a secure computer system.
2. Security through obscurity is no security at all - Just because you may use Linux or MacOS don't think your system is invulnerable.
3. The only truly secure system is one that is shutdown, switched off at the mains and unplugged.
yea. but pretty much every AntiVirus for linux wont find linux virus'es and only detect windows .exe files.
That's really poor, however detecting Windows viruses is a good thing as it stops them spreading but those companies should also work on detection of Linux viruses as well
* The only truly secure system is one that is shutdown, switched off at the mains and unplugged and locked in the safe.
Franci Šacer OK, I forgot the Safe part 🤣
"Just because you may use Linux or MacOS don't think your system is invulnerable."
And I agree, that's why Apple had to pull their 'Macs don't get viruses' and replace it with 'Macs don't get *PC* viruses'. Hell, even Linux got at least a couple dozen pieces of malware!
However, my (limited) experience with Unix-based OSes show that you require elevation if you want anything that could do any serious damage. Even if you want to mount a disk you need specific permissions.
But then again, there is the temptation to give yourself permanent root because the security restrictions are inconvenient.
This is really bad guys, and it's all the NSA's fault for keeping vulnerabilities to themselves. This pisses me off so bad! See you tomorrow at 8:30am PDT on Twitch.TV/Barnacules to talk about this some more.
Barnacules Nerdgasm does win8.1 have exploits too
Barnacules Nerdgasm you the best
there needs to be a class action lawsuit against the NSA, tomarrow
+Stanimir Ivanov
Yes, Windows 8.1 is affected as well.
does the recent update fix it
Wanna hear a joke? National SECURITY Agency.
UNIX users are sitting back with popcorn and watching this thing unfold
Uh... Linux and FreeBSD are both UNIX operating systems. macOS is a FreeBSD OS and android is a Linux OS. I think plenty of people run UNIX.
Linux != Unix
Okurka Correct. But it does include Linux.
GNU = Gnu's *not* unix.
Richard Case Fair point. Can't argue with that.
As much of a Linux fanboy that I am, I sympathise with all these ppl who were affected. They just want to use technology to better their lives and do better work. Those hackers are just selfish evil ppl.
Totally, and those poor people that had their medical help be cancelled because of those selfish and ignorant jerks.
Adrian Ng They're not evil not selfish. They're information terrorists. Go watch Mr. Robot and Continuum.
I am pretty sure a lot of people who know Linux is a thing gonna switch to Linux.
Adrian Ng selfishness is not evil. selfishness requires thinking rationally whats really best for the long them. making the whole world your enemy is not intelligent/rational;
selfishness is NOT self-destruction.
Here come the mainstream viruses for Linux.
Lots of interesting developments with this threat. The infection chain was halted when a security researcher found a flaw in the program and exploited it, but now new variants are coming out. This could be the ransomware of the year. Not to mention, thanks NSA, for making it possible.
99% chance that I will spot a Linux fanboy saying to switch to linux.
Problem is, Linux can't run 60% of the games in the market, and doesn't have directX.
Edit: already found two
you need to install Linux, I use fedora and have not had any problems with it
How about no. It's my choice to use windows.
b-but muh duructX... the wine time has got it working already and on it's way for better performance
Just Frank why use emulation? It's slower than the real deal.
The usual crappy excuse. Dude less than 10% of computer users run games on their machine (excluding solitaire of course which is on Linux also). The vast majority of gamer use consoles. Btw Directx is so "passé,, the multi platform Vulkan api is the future.
The Health service in England has this. All the hospital can't do operations. They have to use pens and paper. It's like going through a time machine
Imma just leave my computer off.
PCFanatic with the psi cord out
Psu*
are u kidding me i bet u can survive without ur computer also i bet this virus only exists on email links cause thats the easiest way to get ur computer infected and also i mostly dont visit malicious sites as much anymore and im glad also i dont have any viruses yet right now which im lucky
You could use the computer disconnected from the internet. But are you going to like it after 100 years? The worm is out there, it won't be going away. Once the genie is freed there is no putting it back in the bottle.
Brian Black Wasnt there an Arabic story where an evil genie was released from its bottle and tpnesr the end the hero had to do something embarassing or something and the genie would go back in?
There's a small mistake in that video: Attackers usually actually DO go through the trouble making decryption software, because if they didn't, the first people would publically reveal that they got nothing for their money and nobody else would pay.
Here's a joke windows 10S is a ransomeware
Actually the ransomware can't run on Windows 10S...
Unfortunately in corporate enviornments, Windows updates are usually delayed and put through waves of deployments so that in the not so rare case that an update breaks an application or messes up your enviornment with it's update, you have time to figure out a solution or just block that update completely. Most large companies will probably be 1-2 months behind on updates leaving them wide open to the wana crypt0r ransomware... That being said, I'm typing this from my office at 3AM because we're doing an emergency maintenance to push the MS17-010 update to all critical servers on our network. Gonna be a long night.
And I just got a new fucking computer
Also any tips on how to avoid this virus?
It relies on SMB v1, so you can firewall off the SMB ports from the Internet, or disable SMB v1. Otherwise you can just install the latest Windows updates as it was patched in March.
HeyImRed Already patched, really shows how lax companies are.
Use your brain - that's literally it!
Don't open files from people you don't know. Don't click on links in e-mails asking you to click on links, unless you specifically are waiting for an e-mail (like if you signed up on a website that needs you to activate the account by clicking on a link in an e-mail).
Also, you can, of course, buy and install stuff like MalwareBytes 3 Premium (Google it).. They have an anti-ransomware included in the software.
And finally, as Jerry says... Keep your Operating System up-to-date! Download the latest security updates through Windows Update / Mac App Store...
Stay away from porn and keep windows updated.
in the UK, this virus stoped almost 50% of the NHS Accident and Emergency services. This meant people in ambulances were redirected to hospitals over an hour away. according to the news people died because of it.
its horrible.
Thanks for this quick overview. I appreciate you getting this out there so early.
I'm not really from the field, but imho:
- Bitcoin is not technically an untraceable currency. Every transaction is recorded on a public ledger after all.
- The way I understand it, they don't need to send the encryption (one-time session) key to the server. Instead they further encrypt the encryption key with a public key of the attackers (which is sent along in the worm package) and then delete the unencrypted version of the encryption key. Hence the only way to retrieve the encryption key used to encrypt the files is the private key of the attackers.
Hey Barnacules can you do another one showing us how to properly setup a backup system? Something for us consumer plebes
i happen to like mega.nz. about the easiest and most robust automatic solution i have found so far. as far as easy to setup backup systems go. i also use freefilesync to do a manual backup on random occasions, and to backup the files i got from the net that i think would do better off of a cloud based system.
the only issue i have with systems like mega is that i am not certain how secure they actually are. mega seems like the most secure in the lot, at that price point, though.
I also agree that a video covering backups systems would be nice. and of optimal ones for different skill levels.
You could perhaps use a Cloud Backup Solution, I personally am Developing a Custom application that acts as an automatic Backup solution which keeps every backup change and version change.
Mr. Vengeance if you're doing local backups you're doing it wrong, also raid is not backup!
Mr. Vengeance I know, but best practices dictate multiple backups to remote locations if you value your data. Also raid is not fail proof that's why multiple backups are necessary.
I wouldn't use any cloud services for any files that are important to you because the files stored there are not immune to attacks such as this ransom worm. Best form of defense is to buy a large external USB hard drive and backup everything to it. Also get some 3rd party software which will clone your C: drive and save the file to the external USB drive as well and disconnect it from any computer you have online.
Hi Barnacules.Could you please do video about Antivirus programs if you using them, and which is better ?
i agree, im always getting confused about which one is better for what
Common sense antivirus is usually best, plus malwarebytes.
COMODO Antivirus overtook Norton 2 years ago. COMODO is now rated as the best anti-virus company in the world. You should also run Malwarebytes with a anti-virus just to be sure.
Honestly, Windows Defender is all you need.
I use Avast because it's free and has never let me down.
If you plan on using a non-free AV please buy it, don't pirate your AVs kids.
1 day after I watch this video all of my school computers get the virus lol. my school has 300 or so laptops and about 75 PCs and the technicians have no idea what to do (they don't know how to do a factory reset or anything)
Barnacules, you are NOT stupid. You are sharing information that people need to know. And don't let anyone tell you different! Thank you for your informative video.
Although the vulnerability was patched in March, not all organizations can quickly apply all updates due crappy out of date vendor software that only supports older stuff. If you can't apply the patch, disabling SMB v1 is a good mitigation.
SMB v1 is still enabled by default in all current versions of Windows, however it has not really been needed since XP/Server 2003 which were the last versions to use it before SMB 2/3 replaced it.
Basically if you're a home user, you can disable SMB v1 with a few simple commands without any issues. If you're a large enterprise, you need to perform some audit work first and check if anything else on your network uses SMB v1 first.
Stay safe! The Internet is a dangerous place.
i legit just ran off the toilet to my computer and pressed check for updates lol
I hope they get my schools network XD
AfroBearGaming well my school runs with windows 2003 crap sooo
get a shit computer, connect it to your home internet and disconnect everything else. even your phones.
download the virus. put on pen drive, power off computer. unplug from network and do a complete reinstall of the OS. plug pen drive into school computer... throw away
AfroBearGaming No you dont - because then the Guys from WannaCrypt then have all data of you schoolmates & yours. thought about that?
AndroidGenius, has someone even looked at their total upload amount from their router after getting attacked to see if it is actually sending the files back to them before deleting?
I honestly believe its just deleting them off your computer and not sending them anywhere.
The amount of storage they would require to hold all this "stolen data" would be massive, and the large amount of internet traffic going to their location through onion routers or not they would get found so much easy.
If you get infected i would disconnect the computer from the network and power it off ASAP, take out the harddrive and format it with another computer (thats up to date\windows 10) then use "Ease US" or whatever harddrive recovery program floats your boat, do a full scan, copy all the content you want off the formatted harddrive .
put harddrive back in other computer, fresh install of OS
They're not stealing daty Android, they're encrypting it, so no, they will not have all of their data.
Ooo, im glad i saw this video!I had never gotten the updates, but as soon as i saw this i installed them and told my family to do the same.Thanks for spreading awareness!
can't I just shut the computer down (out of the network and physically) and wait till the whole thing is over/calmed down? I don't want to risk it while this thing is out.
Runs in background... startup hides copies in registry and even it can climb out of a VM !!!
Zaid Ahmed I was thinking about it, but I guess it would've been very long until they clean up the worm and ransomware.
Zaid Ahmed you will need to remove the cmos battery or any other way the computer can know the time
No you can't, this be on the internet for years.
This must be why all my antivirus apps decided to force update yesterday
Hearing that this attack has hit hospitals is creepy considering a couple weeks ago the tv show Chicago Med had a story dealing with this exact issue.
It is my understanding that for most ransom-ware, they do send the key after paying. They have a strong motivation to send it. If they did not, word would get out and then a lot less people would pay. They get more people pay by sending the key to you.
Too bad my trash computer doesn't want to install updates, like, at all.
Random Guy It's an OEM, so I can't really reinstall it and I doubt it would handle it anyway.
OEM's should be re-installed as soon as you plug them in out of the box to remove all the 'bloat ware' which often has the benefit of speeding up the computer some. And all you have to do is is use someone's copy of windows with your key that's on the machine somewhere or in the documentation as long as you are installing the same version as your key (Home or Pro etc.)
block TCP in firewall.
Inzanexx715 No, the updates download just fine, but they don't install properly and I have to go into Safe Mode and uninstall the update. It only happened with SP1 so far, but I don't think other updates will work either. Also, I have Windows 7 Home Premium, not Win10.
SP1=Service Pack 1
I also recommend that windows 7 users go to control panel
Then go to the backup and restore and create a system image.
And save that image to an external HDD and keep that drive in the cupboard.
thank you so much. I have tried explaining this to so many people already and they just didn't get it, but you explained it way better than I did. I will be sharing this a bunch of people. btw I would let people know that a drive format will at least get them their computer back just without any of the data.
wrote a long facebook status about the issue and shared with all my friends and their friends and their friends etc etc etc.... hope this will save some of them. thanks for sharing barnacules.
Why would I power my PC down if it's infected and count it as a loss? I can just reformat or replace my hdd/ssd.
the "LOSS" is losing your data
BACKUP everything that is IMPORTANT to any device that isn't connected to your pc
cloud and other online storages MAY BE good but i don't recommend it..
SAVE your DATA..IMPORTANT DATA in a device that isn't connect to your pc like USB or other stuff
What one should do if they were infected is immediatly remove all connections from the internet, then format the hdd/ssd's, reinstall windows (or smite them with linux), and bam, clean! :D
Turn it off so that the virus doesn't search for other computers in a network with the vulnerability and executes the code to infect their computers.
Chris If you decide to do so. Then you already done the count loss process. Because you don't have important data. You have already been through the process.
Some of the tools that were released/used by NSA were ones that can access you hard drive's firmware and infect your computer indefinitely, even after reformat. Remedy of that is quite complex. Instead of going through all the technical details for average consumers like yourself, Barnacules just tells you to write the computer off and buy a new one, since many people don't have just 1 drive in their computers anymore and any of them could be infected.
I agree with Barnacules, just write it off. It's scenarios like these where prosumers are actually worse, because they know more than average, but not enough to actually fix the situation, they just think they know better, making it a lot worse.
With the shit show that's currently going on through corporation scene here in UK, had any of my home computers been infected, I'd just power them down, put them in corner and wait few weeks, maybe months, before the situation calms down and actual removal tools are out packed along with popular antivirus software. Only then I'd even consider powering the boxes up, on completely separate network, and even then I'd throw away the hard drives and just buy new ones.
tfw i have no important files on my pc
if you can't install the update Goto Network and internet > Network and sharing centre > Change Advance Sharing Setting And turn off the File printer service For both public and private This option closes port 445 and 135 Effectively becoming immune to SMB Exploits such as MS17-010 Which I presume the WANNA Crypt worm uses
That part about hospitals...
I've seen people say that when we develop mechanical enhancements for our body we will be vulnerable to hackers.
This shows that even now people's live can be put at risk by hackers. Even today, we can be affected in a very physical way by hackers.
The human race has become so dependant on their tech, but too many people see it as a nerdy thing that doesn't affect them.
People need to begin treating tech like a body part. It is so vital to our lives but the NSA and hackers treat it like a toy to mess around with.
I put a pad lock on my computer case; no one can get in it so I am good.
The A&E at my mums work has been shut down since midday Friday because of this
From it's end, People always told me "Just upgrade that XP box to 7!"
But when the computer next to that HAD 7 and got this ransomeware but XP didn't...
My point still stands!
Good job NSA for making the world safer
Or just type in cmd:
netsh advfirewall set allprofile state on
netsh advfirewall firewall add rule name=deny445 dir=in action=block protocol=TCP localport=445
Chenghao Meng you da real mvp
Chenghao Meng what does this do? Should I do it to my home PC? Or is this for commercial networks?
@Gary I think it blocks the ports the worm uses to spread.
Shh, how will he get revenue otherwise?
ProPlayz Port 9.615723196941E238? Didn't know you could have that high ports
the guys that disliked this video are the same hackers that made this worm
One of my clients actually got infected by Locky like an year ago, but they decided to pay the ransom fee and got their files back.
So It's not that dark out there!
Glad to see you doing well Jerry. Proud that you seem up beat and producing videos.
Cant you just wipe the drive and reinstall Windows with no further problems???
Yes. That's what I do about once a year just to keep my system clean. I don't care if I lose some lolcat pictures in the process. I have all my important stuff like resumes etc on USB sticks.
USB sticks can and do fail. I've had more USB sticks crap out on me than hard drives.
USB sticks will save the world! xd
Thank You for this important video
Dude, shared on facebook. Awesome video. I first heard about this on Friday and the radio. I hit all the NHS (National Health Service) 24 hospitals and even a few major companies got hit. I hope the U.S. Government liquidate the NSA. I heard that most of the systems in the UK that were hit. Where still using the version of XP even the NHS are still using the decades-old system. I honestly think that is will show that services like health, can't still use old unsupported OS's.
I run Linux but it is not imperfect , if you have wine installed it will still run. If it's written in s cross compatible language like c without any os specific dependencies it will still run.
Jerry telling us to update windows. This is serious
8:04
This is confusing a lot of people and I have no idea why you put it that way? It's very misleading.
Yes, unplug your PC from the net, but there is no need to call your whole PC "dead" or even the HDD. Just reformat and reinstall Windows and you're good.
but you still loose all your data...
When you reinstall Windows you get the net access running before it installs the updates. Just wondering how reinstalling wont just result in it getting infected a second time?
you shouldn't ever be interfacing to the internet in a way that would permit any random inbound connections
if you are its your own fault
So you cant get infected by just connecting to the internet with an unpatched Windows? I thought that was the whole point of this video? When he was talking about the worm just trying IPs until it finds an unprotected machine I thought that included machines connected to the net, he even said the internet is just a huge LAN? If you reinstall Windows, you have an unpatched Windows and it remains that way until you connect to the net and get the updates?
It doesn't spread across the internet any longer someone found the "kill switch" and why reformat and reinstall if you have a proper image backup solution.
thank you for taking the time to let us know!
From what i heard this worm was pointing to a domain name that was so far unclaimed and said domain name functioned like a kill switch, as long as the domain name was unclaimed, the worm continues to spread. HOWEVER a researcher discovered this, claimed the domain and activated WannaCry's kill switch. So, for the time being at least, we are safe
Of course the NSA caused this!
You can just reformat your pc though right? I don't see why you have to lose a whole computer over this.
You won't lose the computer. But you will lose all of your data and you will have to reinstall windows.
Josh, can something like this install itself to the firmware? I have never heard on how possible or level of difficulty of doing that.
It is possible that it can install itself into firmware. But I would classify that as very unlikely. You would need to write different code for every motherboard that exists out there. Otherwise the code wouldn't run (which could brick your machine, so it wouldn't start anymore).
It is easier to install it only on the software-side of things. And most people who know how to get rid of a virus in windows (reinstall windows) are very unlikely to pay anything to them. The only reason I could see to install something in firmware is to spy on someone. And that is something that has been done by the NSA.
One of the lead programmers of TOR bought a new laptop. This laptop was shipped straight to the NSA who infected the UEFI and then to the lead programmer. Granted they had hardware access to install the malware, but I'm pretty sure you could do this also without hardware acces. It might be more difficult but not impossible.
No it can't because all this worm is designed to do is use the exploit to encrypt you data.They would have to completely rewrite the worm and it would be difficult to remove which is not the purpose of these people.IF people started saying paying does nothing then no one would pay them right? Most businesses anyway backup there data so it's not a huge lose just time consuming and annyoing. People these days NEED to understand how important it is to back up your data onto a separate drive or cloud service.
A format may not work, even if you zero the drive i've seen crypos survive a zero. Last big one took out a client of mines in my last company lucky we had offsite backups
Here's what i recommended for backing up data
*-External Hard Drive*
*-USB Flash Drive*
Here's what i *DON'T* recommended for backing up data
*-Cloud servers*
I understand the fear and paranoia. It's pretty simple; Block SMB if you're part of a network, else _carry on_ and don't open E-Mails you never expected unless you can confirm beforehand what the contents are. Also, Ransomware is a business. You get repeat customers by providing "clients" the key, so from a business perspective it's no use screwing your "Customers" over because then future efforts won't pay out as much if a user believes the key won't be given.
Meanwhile, Linux Sys Admins and users sit and eat popcorns looking at their Windows counterparts.
i have windows 7 64 bit and i dont see an update that says it was published this year, is that normal?
Jerry said they patched it on windows 10 but im not sure if windows 7 was affected so maybe they didnt need to patch it?
If anyone have info please respond, thanks
_bOi
I think this is Microsoft scaring people to get windows 10. checkmate on Microsoft 's part.
you avoid the worm by getting windows 10 and updating it.
or you get infected loose all data and install windows 10.. Microsoft wins.
_bOi
I think this is Microsoft scaring people to get windows 10. checkmate on Microsoft 's part.
you avoid the worm by getting windows 10 and updating it.
or you get infected loose all data and install windows 10.. Microsoft wins.
_bOi get windows 10 its good 30 mins of cleaning microsofts spyware and intaling some new drivers and ur good
then you reboot and MS puts everything you removed back on
What are you talking about Variable? I already ran windows update and nothing is listed with that KB number for W7. Maybe you should be more specific of which type of windows you are talking about, as well as include if it is 32 bit or 64 bit.
It's a good thing I back up my files religiously. If it happened I'd kiss those files goodbye. Erase and Rewind, Reformat and Restart.
It is responsible for corporate machines being compromised. Patching is tedious, but not difficult with tools like WSUS, which comes with Windows Server. GPOs can be used to push-down Windows Update settings amongst many other things.
I have a Western Digital external hard drive on a Windows 10 PC that I back up to. The default schedule is every hour. Should I disconnect it after scheduled back up. So I have to disconnect and connect constantly. I swear people are so vicious and mean. I hate all this. Stress
JeanneStar101 you should. or just buy another one and do that. also, every hour?
JeanneStar101 Why every hour??
***** Windows 10 backup settings default is every hour it backs up. You can change it up to Daily. But if default is every hour then maybe that's a better way. But removing a storage device is another matter.
JeanneStar101 yes you should remove it :)
He says so in the video
Jeanne, your back-up when connected to your computer is just a hard drive that can be encrypted if the computer becomes effected by this virus. Disconnecting it stops that potential, but reconnecting for updates starts the problem again.
Other back-up methods like an online back-up service don't have that issue because that back-up is managed by a separate computer.
For now the most important thing is to get you windows up to date. Then maybe look into another back-up option like an online system Nothing wrong with having 2 back-ups btw.
I thought i was going to be getting money from the Nigerian prince
Me too! Bummer :(
Thanks for the heads up bro! Shared this on FB in hopes it helps others
This is why I use a Linux server to back up my files - not because I believe Linux to be impenetrable or even necessarily inherently more secure than Windows - but because my main desktop is Windows. It is therefore highly unlikely that there will ever be an exploit affecting both simultaneously.
Hey Jerry,
doesn't the thing just encrypt your NAS as well as it is just attached to the network? Maybe you can do a video on how to properly set up (permissions etc) in order to have a solid backup strategy...?
This is one case where Windows 10 really is better than Windows 7. But in any case, didn't Microsoft patch this a month ago? Did IT not download the software update?
We still have XP computers at work, running software drivers for scientific equipment that's 20 years old. but it's policy now to never connect those to the internet. Some departments with their own IT have put foam in the ethernet ports...
ChannelName Windows 10 still had the exploit....
the problem is that a lot of IT departments in large companies control windows updates. individual computers are not allowed to update. IT pushes out the relevant update after checking what applies to them. and thats just for users computers. most servers cant be on auto update... just imagine if a server decides to update and reboot in the middle of a work day.... even minor companies can have 10's if not 100's of "servers" .
+ChannelName
Are the XP computers connected to any network?
Wait, does that mean xp is not affected by this virus
Guess I will have to update my windows 3.11, 95, 98 and XP machines that are still on the home network... lol
This was on the news this morning. Way to make my parents ACTUALLY LISTEN!
"This virus is a worm, and doesn't have to be installed" unplugs all internet in the house
Stop using Windows is another option.
My pc hasn't been plugged in since december last year, my computer can't be infected right?
XD
My wife is a high school teacher, the school has had their internet shut since Friday and its still shut down, I suspect due to this Ransomware.
If all the computers were infected on the same network the worm would be a botnet
so can windows 7 computers be updated and patched? Microsofts fuckery is confusing
Ballade90
_bOi
I think this is Microsoft scaring people to get windows 10. checkmate on Microsoft 's part.
you avoid the worm by getting windows 10 and updating it.
or you get infected loose all data and install windows 10.. Microsoft wins.
ok so the key is sent from the victim to the attacker right?
what if the victim is running any kind of sniffer on the network can they say sniff out the key or at least track where the key is beeing sent? just wondering...
It's pointless because the connection is encrypted. You wont see the key go thru.
Thanks NSA for keeping us safe
Like Barnacules, I keep all my computers updated, and a off line back up. I also do the same thing at work. This has happened before about 10 years ago, without the encryption, that took down a lot of computers all over the US. On of my geek buddy's came in late to work that day complaining he got hacked. The funny thing was, Microsoft had already released a patch for that too.
Can we just format the computer instead of dumping it as dead? :(
Insane CoolAid yes you can! Not sure why that wasn't said in the video! Then reinstall windows and you should be fine!
Andrew Young because this video is not about your computer breaking. it's strictly about losing your files. it doesn't break your computer, just back up your data
I think to consider your data a complete loss is what he meant, but I can understand that's what it sounded like.
I wonder if: You get infected>format drives>reinstall windows>connect it to net to download updates>you get infected...
Insane CoolAid I have seen ransomware that fucks your bios
lol when i installed win 10 a year ago i used 3rd party app to permanently disable windows updates/windows defender/firewall
Mundie Afterlife you can always get the updates when you go to make a installation media and select update now instead of create a USB or something like that not 100% sure
Okay... that's not particularly smart.
that's not a problem. just go to services and enable windows update service.
Mundie Afterlife Why the fuck would you want to do that?!
Windows Updates sometimes change your HWID and there are paid programs that check your HWID.
Honestly this was your most professional video because you weren't screwing around
WannaCry has done something useful for me anyway. I use automatic updates, and it appears windows has been stuck in an "update loop" doing the same 3 updates over and over again since early 2016 on one of my machines. And because I have been seeing the usual "updating" messages I never noticed until I checked windows update on all my machines manually to be sure this update was installed properly.
I always used to do it manually, and this might be a good warning for people that having "automatic updates" enabled does NOT always guarantee that you are safe.
I'm glad I decided to verify it.
#WatchesOnLinux
Join the master race, don't worry about WannaCry.
What distro and DE do you use? I have Arch with Xfce and it's great
My own Distribution (Clue's in the name) with Cinnamon
lol ive tried feren os its pretty bad
The feren OS Developer No thanks I want a computer that can ACTUALLY play games... Linux is a perfect example of "You get what you pay for"... Since Linux OS's are free, they are all terrible, and lack support from a vast majority of programs. In short a Linux OS is the worst OS.
chdreturns Of course. What do you expect? You can't just make an OS like Windows just to be released for free.
So this ransomware only affects windows PC's?
Some Protagonist im on my android phone and got a message from them
I Just Changed My Username The messages are fake dumbass.
Kyle what do u mean fake?
I Just Changed My Username The messages aren't real. They are made by scammers to get you to download their app or whatever they ask you to do. Just x them out and forget about them because unless you click anything on it you're fine.
yupp. like 99% of all malware and spyware, it's windows only. there are millions of identified malwares targeting windows systems. while there are literally just a few hundred known malwares for linux and mac, most of which are patched and would no longer work. That's Windows vs Linux/Mac for you right there. TA-DA!
My coworker got it so I immediately pulled the power cord and Ethernet cord! Then I found hacks to remove the worm so when I booted the computer up in bios and removed the worm files off it manually! He only lost two desktop files after I cleaned it (it took well over an hour)! Then after I was satisfied because my quick act saved 99% of his files! After a new hard drive and putting his files back onto a fresh install! Thanks the company NAS saved the day!
I'm glad that these tools from the NSA were leaked. It puts users and Windows ahead of hackers no matter how good/bad (in this case it's bad; NSA is usually bad intentions).
what if windowsupdate doesnt work? you know, like w10 does, nothing works as intended
WIN+R => services.msc => windows update => properties => choose automatic instead of disabled.
+1
so you just assumed I had it disabled?
how exactly would you know whether or not your computer has the ransomware? Does it literally just stop working?
cant open any files
ralph ok. two days ago Windows defender kept giving me prompts that threats were detected and that it was removing them, even though that was my first time even being aware that Windows defender existed so I was really worried after hearing about this, but everything's been working fine so I guess I haven't gotten the malware
popol7ik files go blank, you get this message that won't go away asking for money
I wouldn't really trust windows defender all the much when it comes to virus protection and removal. I would personally invest in a different anti virus software.
you got some absolutely clear and beautiful video quality holy crap
Dude. Thanks a billion. From the dudes at Tech Tv to you...encompasses my entire time using PC's. I have always had external hard drives but this is my first time making a backup. I also removed all my external drives except for a disposable one. NAS solution for the future. Disposable drive and expendable operating system for now. Thanks.
Can someone please link me to the newest patch for Windows 7 I can't find it.
search in your system settings, i think
Go to your control panel, search "Windows Update" in the search bar, then click on the windows update link. Then you can update.
Luckily i didnt get this worm, ill install every single update now and buy some backup storage. Thank you, this was very helpful.
It hit surveillance systems for major corporate distributions centers.
Creator's update affected my gameplay fps drastically in a bad way - some games were freezing for 2-3 seconds each 15 seconds.
I saw decrease in FPS as well.
That's why I rolled back.
*Updating*
...
...
*Updated*
LMAO it automatically installed it on my computer while I was video editing-
luckily I saved it I AM THE ONE
R.I.P
my lung collapsed the other day and now the doctors do not have the records of it and the appointment I was meant to have has disappeared.
Thanks Barnacules for making this video and explaining how all this works. Ill share it as much as I can :)