June 6, 2017

WannaCry Ransomware Has Coding Errors That Can Help You Restore Files Even After Infection

In May 2017 the WannaCry ransomware caused chaos worldwide when it hit nearly 300,000 PCs in 150 countries within just 72 hours, but that does not mean it is a high-quality piece of ransomware. In fact, security researchers at Kaspersky Lab recently discovered several programming errors in the code of the WannaCrypt ransomware worm.

These programming errors in the WannaCrypt ransomware code may allow some victims to recover their locked files with freely available recovery tools, or even with simple commands, without paying for any decryption key.

Anton Ivanov, senior malware analyst at Kaspersky Lab, together with colleagues Fedor Sinitsyn and Orkhan Mamedov, dug deeper into the malware and detailed three major mistakes made by the WannaCry developers that could allow sysadmins to recover lost files.

According to the researchers, the issue lies in how the malware carries out encryption.

“When Wannacry encrypts its victim's files, it reads from the original file, encrypts the content and saves it into a file with the extension ".WNCRYT". After encryption it moves ".WNCRYT" into ".WNCRY" and deletes the original file. This deletion logic may vary depending on the location and properties of the victim's files.”

WannaCry copies the files and creates encrypted copies of them because malicious software cannot directly encrypt or modify read-only files. While the original files remain untouched but are given a 'hidden' attribute, getting the original data back simply requires victims to restore the files' normal attributes.

Recovering Files from the System Drive (i.e. the C drive)

According to the researchers, files stored in 'important folders', such as the Desktop or Documents folder, cannot be recovered without the decryption key because WannaCry is designed to overwrite the original files with random data before removing them.

Names of original files that can be restored from %TEMP%

However, the researchers noted that other files stored outside the 'important folders' on the system drive can be recovered from the temporary folder using data recovery software.

“If the file is stored outside of 'important' folders, then the original file will be moved to %TEMP%\%d.WNCRYT (where %d denotes a numeric value). These files contain the original data and are not overwritten, they are simply deleted from the disk, which means there is a high chance it will be possible to restore them using data recovery software.”

Recovering Files from Non-System Drives

According to the researchers, on non-system drives the WannaCry ransomware creates a hidden '$RECYCLE' folder, which is invisible in Windows File Explorer if it has a default configuration. The malware then moves the original files into this directory after encryption. However, you can recover those files by unhiding the '$RECYCLE' folder.

Original files that can be restored from a non-system drive

Also, because of “synchronization errors” in the ransomware code, in many cases the original files stay in the same directory and are not moved into $RECYCLE, which makes it possible for victims to restore the insecurely deleted files using data recovery software.

WannaCry Ransomware Programming Errors:

Kaspersky Lab researchers found that this ransomware has a bug in its handling of read-only files. If there are such files on the infected machine, the ransomware will not encrypt them at all. It will only create an encrypted copy of each original file, while the original files themselves only get the “hidden” attribute. When this happens, it is easy to find them and restore their normal attributes.

Read-only files are not encrypted and stay in the same place

  • The ransomware developers made a lot of mistakes and the code quality is very low.
  • If you were infected with WannaCry ransomware, there is a good chance that you will be able to restore a lot of the files on the affected computer.
  • To restore files, you can use the free utilities available for file recovery.
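
The recovery routes described above can be sorted out with a read-only triage pass over a mounted copy of an affected volume. This is an added example, not code from Kaspersky Lab or from the original article; it assumes an encrypted copy carries the original file name plus `.WNCRY`, and `triage`, `is_hidden` and `build_sample` are hypothetical names working on a constructed sample tree.

```python
import os
import re
import stat
import tempfile

ENC_EXT = ".WNCRY"                               # finished encrypted copy
TEMP_NAME = re.compile(r"^\d+\.WNCRYT$", re.I)   # %TEMP%\%d.WNCRYT originals
RECYCLE_DIR = "$RECYCLE"                         # not Windows' own $RECYCLE.BIN
KINDS = ("original_kept", "moved_to_recycle", "temp_original", "encrypted_only")

def is_hidden(path):
    """True if the Windows 'hidden' attribute is set (always False elsewhere)."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    return bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)

def triage(root):
    """Group files under root by the recovery route the article describes."""
    found = {kind: [] for kind in KINDS}
    for dirpath, _dirs, filenames in os.walk(root):
        by_lower = {n.lower(): n for n in filenames}
        parts = os.path.relpath(dirpath, root).split(os.sep)
        in_recycle = any(p.upper() == RECYCLE_DIR for p in parts)
        for name in filenames:
            full = os.path.join(dirpath, name)
            if in_recycle:
                found["moved_to_recycle"].append(full)
            elif TEMP_NAME.match(name):
                found["temp_original"].append(full)
            elif name.upper().endswith(ENC_EXT):
                # Assumption: encrypted copy = original name + ".WNCRY".
                original = by_lower.get(name[:-len(ENC_EXT)].lower())
                if original:   # plaintext survived beside its encrypted copy
                    path = os.path.join(dirpath, original)
                    found["original_kept"].append((path, is_hidden(path)))
                else:          # only the encrypted copy is left in this folder
                    found["encrypted_only"].append(full)
    return {kind: sorted(items) for kind, items in found.items()}

def build_sample(root):
    """Constructed sample tree standing in for a copy of a victim volume."""
    for rel in ("docs/report.xlsx", "docs/report.xlsx.WNCRY", "docs/photo.jpg.WNCRY",
                "Temp/12.WNCRYT", "$RECYCLE/notes.txt", "$RECYCLE.BIN/desktop.ini"):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "wb").close()
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for kind, items in triage(build_sample(tmp)).items():
            print(kind, items)
```

Entries under `encrypted_only` have no surviving plaintext in the same folder, so they are the ones left for data recovery software; the hidden flag in `original_kept` is only meaningful when the script runs on Windows.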

Original article source

About the author

Chaitanya

