When will the hacker blackmail virus be lifted?
Ransomware is a kind of worm virus that can't be completely removed; it only goes through high-incidence, low-incidence or latent periods.

New variants of the ransomware have now appeared. The commercialization of hacking has become very mature: "making guns" (manufacturing), "selling guns" (selling), "taking boxes" (buying implementers), "hanging horses" (spreading), distribution and cashing out are all linked together, and the daily turnover in the global black market network is hundreds of millions of yuan.

In China, the area hardest hit by the ransomware is the campus network. In contrast, the attacked hospitals in Britain have fallen into chaos. According to the British Mirror and other reports, all IT systems, telephone systems and patient management systems in 4 hospitals affected by the virus are currently suspended. This means that all systems are offline and the hospitals can't answer calls at all. Emergency patients waiting for treatment will be transferred elsewhere according to the doctors' arrangements, and at least one hospital will be forced to close.

It is reported that there have been more than 45, attacks, mainly in Russia, and at least 1 ransoms of about $3 each have been sent to bitcoin accounts provided by hackers.

36 Security Center's analysis found that the campus network ransomware was spread by "Eternal Blue", a hacking weapon leaked from the NSA. "Eternal Blue" can remotely attack Windows port 445 (file * * *). If the Microsoft patch of March this year is not installed on the system, criminals can implant malicious programs such as ransomware, remote-control Trojan horses and virtual currency miners on computers and servers without any action by the user, as long as the machine is switched on and connected to the Internet.

Because many worms have spread through port 445 in China, some operators blocked port 445 for individual users. However, the Education Network does not have this restriction. It has a large number of machines with port 445 exposed, so it has become the area hardest hit by criminals using the NSA hacking weapons.
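The exposure condition described above (a machine listening on port 445 without the March patch, with no upstream block) can be checked per host. The following Python is an added example, not part of the original article; the `netstat` sample, the function names and the risk labels are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of Windows `netstat -ano` output (not taken from the article).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:445          0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     192.168.1.5:445        ESTABLISHED     4
  TCP    [::]:445               [::]:0                 LISTENING       4
"""

# Local address, local port and PID of a TCP socket in the LISTENING state.
LISTEN_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


def smb_listeners(netstat_text, port=445):
    """Return (address, pid) for every non-loopback TCP listener on `port`."""
    found = []
    for line in netstat_text.splitlines():
        m = LISTEN_RE.match(line)
        if not m or int(m.group(2)) != port:
            continue
        # IPv6 addresses are printed as [addr%zone]; drop brackets and zone id.
        addr = ipaddress.ip_address(m.group(1).strip("[]").split("%")[0])
        if not addr.is_loopback:
            found.append((str(addr), int(m.group(3))))
    return found


def triage(netstat_text, march_patch_installed, upstream_blocks_445):
    """Rank one host by the two conditions the article names: open 445 and no patch."""
    if not smb_listeners(netstat_text):
        return "low: nothing listening on 445"
    if march_patch_installed:
        return "medium: patched, but 445 is still reachable"
    if upstream_blocks_445:
        return "high: unpatched, shielded only by the upstream block"
    return "critical: unpatched and 445 exposed"


if __name__ == "__main__":
    print(smb_listeners(SAMPLE_NETSTAT))
    print(triage(SAMPLE_NETSTAT, march_patch_installed=False, upstream_blocks_445=False))
```

An outbound connection to another machine's port 445 (the `ESTABLISHED` line) and a loopback-only listener are deliberately not counted as exposure.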

36 The monitoring data of ransomware events on campus network shows that ONION virus first appeared in China, with an average of about 2 attacks per hour and more than 1, attacks per hour at night peak. WNCRY ransomware was a new global attack on the afternoon of May 12th, and it spread rapidly in the campus network of China, with about 4, attacks per hour during the night rush hour.

At this point, the developer behind the attack has not been found, and the attack is still going on. ......