Today we are going to discuss about the thing which threatning the whole internet world from past few days and i.e Wannacry Ransomware. In this article we will discuss about What is Wannacry Ramsomware? and How to fix it and Avoid it?
Nowadays whole internet world is under fear of a Ransomware attack, affecting almost 200,000 organisation is 150 countries which includes dozens of hospitals in UK, Spain’s largest telecom company, buisnesses like FedEx, Universities and many other organisations. According to the Kaspersky Lab, the most affected countries are India, Taiwan, Russia and Ukraine.
The ransomware is named as “Wannacry” Ransomware which targets computers running on Microsoft Operating Systems.
The ransomware code is named as “WanaCrypt” and has been in use by criminals since February. Nowadays, a new variant named WannaCry was created that makes use of a exposure in the Microsoft Windows Operating System that was patched by Microsoft on March 14. Computers that have not installed the patch are potentially exposed to the malicious code, according to a Kaspersky Lab blog.
Once infected with WannaCry, it makes users’s computers locked and useless unless and until a payment is made to those who hacked the system. It locks files on the computers and requires victims to pay $300 per computer, that is to be paid via Bitcoin, an digital currency which cannot be traced, in order to regain control on the system.
Infected computers shows a screen with a warning from hackers that payment should be paid within 3 days, after three days price would be doubled and after seven days, the files would be deleted permanently.
What is Ransomware?
Ransomware is a type of cyber attack that allows hackers take control of a computer system and blocking access to it until a ransom is paid. For cyber criminals to gain access to the system they need to download a type of malicious software onto a device within the network. This is often done by getting a victim to click on a link or download it by mistake.
Once the software reaches victim’s computer the hackers can launch an attack that locks all files it can find within a network. This tends to be a gradual process with files being encrypted one after another.
- Andhra Pradesh Police, India
- Aristotle University of Thessaloniki, Greece
- Automobile Dacia, Romania
- Cambrian College, Canada
- Chinese public security bureau
- CJ CGV
- Deutsche Bahn
- Dharmais Hospital, Indonesia
- Faculty Hospital, Nitra, Slovakia
- Garena Blade and Soul
- Harapan Kita Hospital, Indonesia
- Instituto Nacional de Salud, Colombia
- Lakeridge Health
- LATAM Airlines Group
- Vivo, Brazil
- Ministry of Internal Affairs of the Russian Federation
- Ministry of Foreign Affairs (Romania)
- Russian Railways
- National Health Service (England)
- NHS Scotland
- Nissan Motor Manufacturing UK
- O2, Germany
- University of Milano-Bicocca, Italy
- Portugal Telecom
- São Paulo Court of Justice
- State Governments of India:
-Government of Gujarat
-Government of Kerala
-Government of Maharashtra
-Government of West Bengal
- Sun Yat-sen University, China
- Telenor Hungary, Hungary
- Telkom (South Africa)
- Timrå Municipality, Sweden
- Universitas Jember, Indonesia
- University of Montreal, Canada
How to Fix WannaCrypt Ransomware?
1. Reveal Hidden Data:
- Press CTRL+SHIFT+ESC
- Go to the ‘Processes Tab.’
- Go through the list of processes and try to find determine which processes are dangerous.
- Right click on each of them and select ‘Open File Location.’ Then scan the files.
- After you open their folder, end the processes that are infected, then delete their folders.
- If you suspicious about any file/folder – delete it, even if the scanner doesn’t flag it. Note that no anti-virus program can detect all infections.
2. Remove the Suspicious IPs:
- Hold the Start Key and R, then copy paste the following and click OK.
- A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom.
- Type msconfig in the search field and hit enter.
- Now a window will pop-up:
- Go to Startup > Uncheck entries that have ‘Unknown’ as Manufacturer.
3. Now Boot your PC into Safe Mode
How to Avoid Attack by Ransomware?
- Be careful every time you go on the Internet.
- stay away from websites that appear shady and unusual.
- Avoid opening unknown emails or replying to any messages from an unknown sender that are sent to any of your social network accounts.
- Do not click on links sent by unknown email address. Avoid clicking on anything that doesn’t look safe for example ads, unwanted links, browser warnings, etc.while surfing on internet.
- Don’t download/install malicious applications.
- Get Antivirus installed in your system and update it regularly. Antivirus provides greater protection against Trojans which are sometimes used to infect systems with Ransomware.
- Back-up your valuable and important files regularly.
How to Recover Wannacrypt Files?- Step by Step
- Type Regedit in the window’s search field.
- Press Enter
- Now, press CTRL+F and type the virus’s Name.
- Search for the ransomware in your registries and delete the entries.
- Be extremely careful a little mistake can damage your system if you delete entries not related to the ransomware.
- Type each of the following, in the Windows Search Field:
- Delete everything in Temp. The rest just check out for anything recently added.