Ka khoeli ea Mots'eanong 2017, WannaCry, thekollo e kanna ea baka tšenyo lefats'eng ka bophara ha e fihla li-PC tse ka bang 300,000 linaheng tse 150 nakong ea lihora tse 72 feela, empa seo ha se bolele hore e ne e le sekhechana sa boleng bo holimo sa thekollo. E, bafuputsi ba ts'ireletso ba Libaka tsa Kaspersky sa tsoa fumana liphoso tse ling tsa khoutu ea seboko sa WannaCrypthlengware.
Liphoso tsena tsa ho etsa lenaneo la WannaCrypthlengware li ka lumella bahlaseluoa ba eona ho khutlisa lifaele tsa bona tse notletsoeng ka lisebelisoa tsa ho hlaphoheloa mahala tse fumanehang phatlalatsa kapa le ka litaelo tse bonolo, ntle le ho lefella senotlolo sa ho hlakola.
Anton Ivanov, mohlahlobi ea ka sehloohong oa malware Kaspersky Lab, hammoho le basebetsi-'moho le eena Fedor Sinitsyn le Orkhan Mamedov, kamora ho etsa lipatlisiso tse tebileng ka malware, ba hlalositse liphoso tse tharo tsa bohlokoa tse entsoeng ke bahlahisi ba WannaCry tse ka lumellang sysadmins ho khutlisa lifaele tse ka lahlehang.
Ho ea ka bafuputsi, bothata bo lula ka tsela eo malware a phelisang ka eona.
"Ha Wannacry e patala lifaele tsa motho eo e mo hlaselang, e baleha ho tsoa faeleng ea mantlha, e koalla litaba ebe e li boloka ka har'a file ka katoloso" .WNCRYT ". Kamora hore encryption e tsamaee ".WNCRYT" ho ".WNCRY" ebe e hlakola file ea mantlha. Mokhoa ona oa ho hlakola o ka fapana ho latela sebaka le lifaele tsa motho ea hlokofalitsoeng. ”
WannaCry e kopitsa lifaele mme e etsa likopi tsa tsona tse patiloeng hobane ho ke ke ha khoneha hore software e kotsi e kenye ka ho toba kapa e fetole lifaele tsa ho bala feela. Le ha lifaele tsa mantlha li lula li sa bonoe empa li fuoa tšobotsi e 'patiloeng', ho khutlisa data ea mantlha ho hloka hore bahlaseluoa ba khutlise litšobotsi tsa bona tse tloaelehileng.
https://www.alltechbuzz.net/fix-wannacrypt-ransomware-backdoor/
Ho khutlisa li-Files ho System System (ke hore C drive)
Ho ea ka bafuputsi, lifaele tse bolokiloeng ka har'a 'li-folders tsa bohlokoa', joalo ka Desktop kapa Litokomane foldareng, li ke ke tsa fumanoa ntle le senotlolo sa ho hlakola hobane WannaCry e etselitsoe ho ngola lifaele tsa mantlha ka data e sa reroang pele e tlosoa.
Leha ho le joalo, bafuputsi ba hlokometse hore lifaele tse ling tse bolokiloeng kantle ho 'li-folders tsa bohlokoa' tsamaisong ea sistimi li ka khutlisoa ho tsoa ho foldara ea nakoana ho sebelisa software ea ho hlaphoheloa ya data.
“Haeba faele e bolokiloe kantle ho lipampiri tsa 'bohlokoa', faele ea mantlha e tla fallisetsoa ho% TEMP% \% d.WNCRYT (moo% d e bolelang boleng ba linomoro). Lifaele tsena li na le data ea mantlha 'me ha li hatisoe, li hlakoloa feela disk, ho bolelang hore ho na le monyetla o moholo oa hore ho ka khoneha ho li khutlisa ka software ea ho hlaphoheloa ya data. ”
Ho fumana lifaele ho tsoa ho li-Drives tse seng tsa Sisteme
Ho ea ka bafuputsi, bakeng sa li-drive tse se nang sistimi, WannaCry Rhlengware e etsa foldara e patiloeng ea '$ RECYCLE', e sa bonahaleng ho Windows File Explorer haeba e na le tokiso ea kamehla. Malware e ntan'o tsamaisa lifaele tsa mantlha ka har'a sistimi ena kamora ho patoa. Leha ho le joalo, u ka khutlisa lifaele ka ho utulla foldara ea '$ RECYCLE'.
Hape, ka lebaka la "liphoso tsa khokahano" ka khoutu ea thekollo, maemong a mangata lifaele tsa mantlha li lula bukaneng e le 'ngoe' me ha li isoe ho $ RECYCLE, ho etsa hore liphofu li khone ho khutlisa lifaele tse tlositsoeng ka polokeho li sebelisa software e fumanehang ea ho hlaphoheloa ha data.
Liphoso tsa WannaCry Ransomware Programming:
Bafuputsi ba Kaspersky Lab ba fumane hore thekollo ena e na le bothata ts'ebetsong ea eona ea ho bala feela. Haeba ho na le lifaele tse joalo mochining o nang le ts'oaetso, thekollo e ke ke ea li koahela ho hang. E tla iketsetsa feela khopi e patiloeng ea faele ka 'ngoe ea mantlha, ha lifaele tsa mantlha li fumana feela "patiloe”Mohopolo. Ha sena se etsahala, ho bonolo ho li fumana le ho khutlisa litšobotsi tsa tsona tse tloaelehileng.
- Bahlahisi ba thekollo ba entse liphoso tse ngata mme boleng ba khoutu bo tlase haholo.
- Haeba u tšoaelitsoe ke WannaCry ransomware, ho na le monyetla o motle oa hore u tla khona ho khutlisa lifaele tse ngata khomphuteng e amehileng.
- Ho khutlisa lifaele, u ka sebelisa lits'ebeletso tsa mahala tse fumanehang bakeng sa ho hlaphoheloa ha faele.
Sengoloa sa mantlha mohloli o moholo
