since 12, a virus called "WannaCry" across the globe, the use of the NSA hackers in the toolkit "eternal blue" zero day vulnerabilities, through port 445 (file-sharing) trying to worm transmission, if the user doesn't install Windows patch in time, this virus is basically in a state of no solution.
as of yesterday, there have been hundreds of countries and regions, hundreds of thousands of computers were infected, including some universities in our country and large enterprise Intranet also suffered to the spread of the virus.However, extortion WannaCry virus continues to spread.
so, "WannaCry" what is a virus, how, why so serious consequences?According to CCTV news report, a reporter at the scene of demonstrates the virus, let us in the most intuitive way to understand it left left left
before poisoning (red box is the demonstration of extortion virus)
after the poisoning
as shown above, before the poisoning, the file on the desktop can be normal open.Then, technicians, double click the red box virus file, virus immediately activated, desktop first appeared a lot of accessories, and then the computer black screen, less than ten seconds, all the user file is encrypted in the computer can not open.
it is understood that after the poisoning, the virus can encrypt the effects of computer files, hackers to users blackmail COINS worth $300, three days have not received a ransom, double claim amount, seven days have not received, will delete the file, as your lost files.
this blackmail the worm is spread against Microsoft eternal blue hole and attack. once the computer infected with the virus, infected computers will be active to random attacks on other computers in a network, local area network (LAN) without fixing bugs in the computer theory was infected with the virus .And the flaw in Microsoft patch has been released in March this year, holes for the repair.
in addition, the for frequently used in the network antivirus U disk and mobile hard disk, to ensure that the virus spread not in the network.
it is understood that after the outbreak of national computer virus emergency response center staff has been studied the virus, the at present although against the virus could be killing, but be decrypt the encrypted files can't be temporarily restored.File will be decrypted after although pay a ransom, but increased the risk of personal information exposure, might become a target of the secondary attack.