[Safety Knowledge] How to protect against Wana Decrypt0r ransomware?

Posted on 5/15/2017 9:32:19 AM

It is reported that the ransomware spread by "Eternal Blue" is mainly ONION and WNCRY. The disk files of the victim machine are tampered with and given the corresponding suffix; pictures, documents, videos, compressed packages and other materials can no longer be opened normally, and can only be decrypted and restored by paying the ransom. The ransom amounts of these two types of ransomware are 5 bitcoins and 300 US dollars, equivalent to more than 50,000 yuan and more than 2,000 yuan respectively.
According to the monitoring data of 360 security engineers for campus network ransomware incidents, the ONION virus first appeared in China, with an average of about 200 attacks per hour and more than 1,000 per hour during the night peak period. The WNCRY ransomware was a new global attack on the afternoon of May 12 and spread rapidly across China's campus network, with about 4,000 attacks per hour during the night peak.



Recently, the hacker arsenal of the US National Security Agency (NSA) was exposed. A number of its weapons for remote attacks on Windows systems have been published online, and anyone can use the NSA weapons to attack other computers. In response, 360 Security Guard urgently launched the "NSA Arsenal Immunity Tool" on the evening of April 19, which can detect and repair vulnerabilities and shut down high-risk services with one click, so as to fully immunize against NSA hacking weapons.

NSA Arsenal Immunity Tool Download Address: http://dl.360safe.com/nsa/nsatool.exe

The disclosure of the NSA arsenal is known as the "nuclear bomb crisis" of the cyber world, and there are ten hacking tools that affect individual Windows users, including Eternal Blue, Eternal King, Eternal Romance, Eternal Collaboration, Emerald Fiber, Eccentric Gopher, Eskimo Volume, Elegant Scholar, Wings of Eclipse, and Respect Censorship. These tools can remotely break through about 70% of the world's Windows systems without any user operation; as long as a computer is connected to the Internet, they can invade it, just as famous worms such as shock waves and shock waves can instantly wash the Internet.

According to Microsoft's official response, the Windows system vulnerabilities attacked by the NSA arsenal have been fixed in a recent patch. However, Windows XP, 2003 and other system versions that have lost Microsoft support are still in a state of "naked running". In addition, Win7, Win8 and even Win10 users who did not install the patch in time are also at risk, because the vulnerabilities affect the entire range of Windows versions.



For users of different Windows versions, the 360 "NSA Arsenal Immunity Tool" can scan the system environment, accurately detect whether the vulnerabilities used by the NSA arsenal have been fixed, and prompt users to install the corresponding patches. For users of unpatched system versions such as XP and 2003, the defense tool can help users turn off high-risk services, so as to be completely "immune" to the system vulnerabilities attacked by NSA hacker weapons.

Attached: Top 10 hacking weapons in the NSA arsenal that affect individual Windows users

1. EternalBlue: SMBv1 vulnerability attack tool, affecting all platforms, has been fixed by Microsoft patch MS17-010. Systems in the Microsoft support period can use 360 Security Guard to detect and fix vulnerabilities, and systems outside the support period can use the 360 "NSA Arsenal Immunity Tool" for immunization.

2. EternalChampion: SMBv1 vulnerability attack tool, affecting all platforms, has been fixed by Microsoft patch MS17-010. Systems in the Microsoft support period can use 360 Security Guard to detect and fix vulnerabilities, and systems outside the support period can use the 360 "NSA Arsenal Immunity Tool" for immunization.

3. EternalRomance: SMBv1 vulnerability attack tool, affecting all platforms, has been fixed by Microsoft patch MS17-010. Systems in the Microsoft support period can use 360 Security Guard to detect and fix vulnerabilities, and systems outside the support period can use the 360 "NSA Arsenal Immunity Tool" for immunization.

4. EternalSynergy: SMBv3 vulnerability attack tool, affecting all platforms, has been fixed by Microsoft patch MS17-010. Systems in the Microsoft support period can use 360 Security Guard to detect and fix vulnerabilities, and systems outside the support period can use the 360 "NSA Arsenal Immunity Tool" for immunization.

5. EmeraldThread: SMBv1 vulnerability attack tool, affecting XP and 2003, has been fixed by Microsoft patch MS10-061, and related system users can use 360 Security Guard to detect and fix vulnerabilities;

6. ErraticGopher (Weird Gopher): SMB vulnerability attack tool, affecting XP and 2003, no patch, related system users can use the 360 "NSA Arsenal Immunity Tool" for immunity;

7. EskimoRoll: Kerberos vulnerability attack tool, affecting domain control servers in 2000/2003/2008/2008 R2, has been fixed by Microsoft patch MS14-068, and related system users can use 360 Security Guard to detect and fix vulnerabilities;

8. EducatedScholar: SMB vulnerability attack tool, affecting VISTA and 2008, has been fixed by Microsoft patch MS09-050, and related system users can use 360 Security Guard to detect and fix vulnerabilities;

9. EclipsedWing: Server netAPI vulnerability attack tool, affecting all system versions 2008 and before, has been fixed by Microsoft patch MS08-067, relevant system users can use 360 Security Guard to detect and fix vulnerabilities;

10. EsteemAudit (Respect Review): RDP vulnerability remote attack tool, affecting XP and 2003, no patch, related system users can use the 360 "NSA Arsenal Immunity Tool" for immunization.

Option 2:

Execute the following script; the script commands block external networks from accessing TCP and UDP port 445 on the local machine.
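
The script itself is not reproduced on this page. As an added example (not the original poster's script), the following PowerShell creates the inbound block for TCP and UDP port 445 described above and then checks that it took effect; the rule names are hypothetical, and the rule blocks every inbound source rather than only external networks.

```powershell
# Added example, not the original poster's script. Run from an elevated prompt.
# Rule names are hypothetical. Blocks ALL inbound traffic to port 445 on this host.
$port  = 445
$rules = @(
    @{ Name = 'Block-Inbound-TCP-445'; Protocol = 'TCP' },
    @{ Name = 'Block-Inbound-UDP-445'; Protocol = 'UDP' }
)
# NetSecurity cmdlets exist on Windows 8 / Server 2012 and later; older hosts use netsh.
$hasNetSecurity = [bool](Get-Command New-NetFirewallRule -ErrorAction SilentlyContinue)

foreach ($r in $rules) {
    if ($hasNetSecurity) {
        # Create the rule only if it is not already present, so reruns are harmless.
        if (-not (Get-NetFirewallRule -DisplayName $r.Name -ErrorAction SilentlyContinue)) {
            New-NetFirewallRule -DisplayName $r.Name -Direction Inbound -Action Block `
                -Protocol $r.Protocol -LocalPort $port -Profile Any | Out-Null
        }
    } else {
        # Delete any earlier copy first so reruns do not stack duplicate rules.
        netsh advfirewall firewall delete rule name=$($r.Name) | Out-Null
        netsh advfirewall firewall add rule name=$($r.Name) dir=in action=block `
            protocol=$($r.Protocol) localport=$port | Out-Null
    }
}

# Verify: a block rule only takes effect on a profile whose firewall is enabled.
if ($hasNetSecurity) {
    Get-NetFirewallProfile | Select-Object Name, Enabled
    Get-NetFirewallRule -DisplayName 'Block-Inbound-*-445' |
        Select-Object DisplayName, Enabled, Direction, Action
    # Read-only check of the SMBv1 server setting (SMBv1 is what MS17-010 patches).
    Get-SmbServerConfiguration | Select-Object EnableSMB1Protocol
} else {
    netsh advfirewall show allprofiles state
    foreach ($r in $rules) { netsh advfirewall firewall show rule name=$($r.Name) }
}
```

Blocking port 445 on a machine that serves file or printer shares stops that sharing, so on such servers the rule is a stopgap alongside the MS17-010 patch rather than a substitute for it.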








Landlord | Posted on 5/15/2017 9:46:29 AM


Screenshot of successful server repair