I-WannaCry Rhlengware ineempazamo zokufaka iikhowudi ezinokukunceda ukuba ubuyisele iifayile nokuba sele usulelekile

Ngenyanga kaMeyi 2017, WannaCry, intlawulelo Isenokubangela ukuphazamiseka kwihlabathi liphela xa ibetha phantse ii-PC ezingama-300,000 kumazwe ali-150 kwisithuba seeyure ezingama-72, kodwa oko akuthethi ukuba yayiyinto esemgangathweni yokuhlawulwa. Ewe, abaphandi bezokhuseleko IiLebhu zaseKaspersky Kutshanje kufunyenwe iimpazamo zenkqubo ethile kwikhowudi yeWannaCrypthlengware worm.

Ezi mpazamo zenkqubo kwikhowudi yeWannaCrypthlengware inokuvumela amanye amaxhoba ukubuyisela iifayile zabo ezitshixiweyo ngezixhobo zokubuyisela simahla ezifumaneka esidlangalaleni okanye nditsho nemiyalelo elula, ngaphandle kokuhlawula nasiphi na isitshixo sokubhala.

U-Anton Ivanov, umhlalutyi ophezulu we-malware e-Kaspersky Lab, kunye noogxa bakhe u-Fedor Sinitsyn no-Orkhan Mamedov, emva kokuphanda nzulu nge-malware, baneenkcukacha ezintathu eziphosakeleyo ezenziwe ngabaphuhlisi be-WannaCry ezinokuvumela ii-sysadmins ukuba zibuyisele iifayile ezinokulahleka.

Ngokwabaphandi, umba uhlala ngendlela i-malware eqhuba ngayo ukubethela.

"Xa iWannacry ibhala ngokufihlakeleyo iifayile zexhoba layo, ifundeka kwifayile yoqobo, ibethele umxholo kwaye igcinwe kwifayile ngolwandiso" .WNCRYT ". Emva koguqulelo oluntsonkothileyo ihamba ".WNCRYT" iye ".WNCRY" kwaye icime ifayile yoqobo. Le ndlela yokususa ingahluka ngokuxhomekeka kwindawo kunye neefayile zexhoba. ”

I-WannaCry ikopa iifayile kwaye yenza iikopi zazo ezifihliweyo kuba akunakwenzeka ukuba isoftware enobungozi ibhale ngokuthe ngqo okanye iguqule iifayile zokufunda kuphela. Ngelixa iifayile zentsusa zihlala zingafakwanga kodwa zinikwe uphawu 'olufihliweyo', ukufumana idatha yoqobo kubuyiswa kufuna amaxhoba ukuba abuyisele iimpawu zawo eziqhelekileyo.

https://www.alltechbuzz.net/fix-wannacrypt-ransomware-backdoor/

Ukufumana kwakhona iiFayile kwiNkqubo yeDrive (okt C drive)

Ngokwabaphandi, iifayile ezigcinwe 'kwifolda ebalulekileyo', ezinjengeDesktop okanye amaxwebhu amaxwebhu, azinakufunyanwa ngaphandle kwesitshixo sokubhala ngenxa yokuba iWannaCry yenzelwe ukubhala ngaphezulu iifayile zoqobo kunye nedatha engahleliwe ngaphambi kokuba isuswe.

I-WannaCry Ransomware ineempazamo zokufaka iikhowudi ezinokukunceda ukuba ubuyisele iifayile nokuba emva koSulelo (1) — Iifayile ezinikwe igama kwakhona ezinokubuyiselwa ukusuka kwi-% TEMP%

Nangona kunjalo, abaphandi baqaphele ukuba ezinye iifayile ezigcinwe ngaphandle 'kweefolda ezibalulekileyo' kwi-drive drive zinokubuyiselwa kwifolda yexeshana kusetyenziswa isoftware yokubuyisa idatha.

"Ukuba ifayile igcinwe ngaphandle kweefolda 'ezibalulekileyo', ifayile yokuqala iya kusiwa kwi-% TEMP% \% d.WNCRYT (apho i-% d ichaza ixabiso lamanani). Ezi fayile zinedatha yoqobo kwaye ayibhalwanga ngaphezulu, ziyacinywa ngokulula kwidiski, oko kuthetha ukuba maninzi amathuba okuba iphinde ibuyiswe kusetyenziswa isoftware yokubuyisa idatha. ”

Ukufumana kwakhona iiFayile kwiiDrive ezingekho kwiNkqubo

Ngokwabaphandi, ngokungahambisi inkqubo, iWannaCry Ransomware yenza ifolda efihliweyo '$ RECYCLE', engabonakaliyo kwiWindows File Explorer ukuba inendawo emiselweyo. I-malware ke ihambisa iifayile zoqobo kule khowudi emva kokubethela. Nangona kunjalo, unokuzifumana kwakhona ezo fayile ngokungatyhileli ifolda '$ RECYCLE'.

I-WannaCry Ransomware ineempazamo zokufaka iikhowudi ezinokukunceda ukuba ubuyisele iifayile nokuba emva koSulelo (2) — Iifayile zoqobo ezinokubuyiselwa kwi-non-system drive

Kwakhona, ngenxa ye "iimpazamo zokuvumelanisa" kwikhowudi ye-ransomware, kwiimeko ezininzi iifayile zangaphambili zihlala kwisikhombisi esifanayo kwaye zingahanjiswa kwi- $ RECYCLE, okwenza ukuba amaxhoba abuyisele ngokungakhuselekanga iifayile ezikhutshiweyo kusetyenziswa isoftware ekhoyo yokubuyisa idatha.

Iimpazamo zokuCwangciswa kweRollware yeWannaCry:

Abaphandi beKaspersky Lab bafumanise ukuba le ntlawulelo inebug kulungelelwaniso lwayo lokufunda kuphela. Ukuba kukho ezo fayile kumatshini osulelekileyo, i-ransomware ayizukuzifihla konke konke. Iya kwenza kuphela ikopi ebhalwe ngokufihliweyo kwifayile yoqobo nganye, ngelixa iifayile zentsusa ngokwazo zifumana "ifihliwe”Uphawu. Xa oku kusenzeka, kulula ukubafumana kwaye ubuyisele iimpawu zabo eziqhelekileyo.

I-WannaCry Ransomware ineempazamo zokufaka iikhowudi ezinokukunceda ukuba ubuyisele iifayile nokuba emva koSulelo (3) — Iifayile ezifundwayo kuphela ezingagcinwanga ngokufihliweyo kwaye zihlala kwindawo enye

Abaphuhlisi be -hlengoware benze uninzi lweempazamo kwaye umgangatho wekhowudi uphantsi kakhulu.
Ukuba wosulelwe yi-WannaCry ransomware, kunokwenzeka ukuba uya kuba nakho ukubuyisela iifayile ezininzi kwikhompyuter echaphazelekayo.
Ukubuyisela iifayile, ungasebenzisa izixhobo ezisimahla ezikhoyo ukubuyisa iifayile.

Inqaku lokuqala umthombo

Iindaba, UKHUSELEKO KWENKQUBO, Tech, UKUHLAZIYWA KWEZOBUCHULE, ezihamba

Malunga nombhali

Chaitanya

Inkqubela phambili yeBitcoin eWashington:

Umthetho weBitcoin uvunyiwe eWashington DC, iCongressmen yase-US Yazisa iBhili yokususa

Iindleko zeNyaniso zeeKhamera zoKhuseleko, kunye nendlela iLifu elitshintsha ngayo yonke into

Rhoqo ngonyaka, abaphathi bamaziko kuyo yonke imfundo, ukhathalelo lwempilo, kunye nokuthengisa baphonononga ukhuseleko lwabo

Uphononongo lwekhontrakthi i-AI inceda njani amaQela asemthethweni ukuba alinganise ngaphandle kokuqesha abasebenzi abaninzi

Iinkampani zihlala zinqwenela ukuphucula imveliso ngelixa zinciphisa iindleko. I