[Unlock Ransomware 1.0] - Global Cyber Attack; 74 Countries Affected

  • Thread starter: Jithin91
  • Replies: 64
  • Views: 8,290
WannaCry ransomware may not attack Indian bank ATMs, says cyber security experts

The ransomware WannaCry put banks and ATMs across countries in a dreadful situation, causing worries of data leakage and placing cyber security at stake. However, bank ATMs across the country may not face the wrath of WannaCry, which also locks computers and demands a ransom. Cyber security experts are of the opinion that Indian ATMs might not be affected by the attack. 80 per cent of Indian ATMs operate on Windows XP and work on a firmware that limits the machine’s activities to minimum requirements like dispensing cash on request and checking account balance.

As per a Hindustan Times report, the rest of the activities are blacklisted, thus preventing it from attacking Indian ATMs. Reportedly WannaCry has affected more than 200,000 computer systems in 150 countries since Friday. India’s cyber security agency has alerted internet users against the worm, which locks the infected computer and asks the user to pay a ransom of 300 USD in Bitcoin virtual currency to unlock the system. The infection takes advantage of a Windows vulnerability which Microsoft released in March as a security patch. It affects the computers which have not updated it yet.

Following the issue, capital markets regulator Sebi and other stock exchanges have strengthened their cyber security system to keep away any threat. BSE and NSE have advised trading members to undertake “appropriate actions” and to ensure that all workstations and servers have the latest Microsoft patch.

ATMs in India remain shut due to Wannacry Ransomware attack? Open ATMs only after software update, suggests RBI

HT quoted Saket Modi, the CEO and co-founder of Lucideus as saying, “Most ATMs in India use white-listing services to eliminate threats from malware and worms within their internal networks. WannaCry doesn’t look like something that will affect the ATMs, unlike personal or corporate endpoints.” Lucideus assesses IT risk and provides digital security services. Meanwhile, IT ministry has held talks with Reserve Bank of India (RBI), National Payments Corporation of India, NIC and Aadhaar-provider UIDAI to protect India’s digital systems.


WannaCry ransomware may not attack Indian bank ATMs, says cyber security experts - India.com



 
just keep your defender updated & nothing to worry about

 
Anyone from our forum got infected?
 
King77 said:
just keep your defender updated & nothing to worry about

Antivirus can only protect if the ransomware is already detected, but cannot save you if someone releases a new variant of ransomware whose signature is not in the database ;)
 
Indian-origin Google Techie Links Ransomware Attack to North Korea

London: An Indian-origin security researcher at Google has found evidence that North Korean hackers may be responsible for the cyberattack that affected 150 countries.

PTI reported that Neel Mehta's code has been termed as the "most significant clue to date" by a Russian security firm.

Researchers said the code is exclusive to North Korean hackers. The code was published on Twitter.

Researchers have said that some of the code used in Friday's ransomware, known as WannaCry software, was nearly identical to the code used by the Lazarus Group, a group of North Korean hackers who used a similar version for the devastating hack of Sony Pictures Entertainment in 2014 and last year's hack of the Bangladesh Central Bank.

Security experts are now cautiously linking the Lazarus Group to this latest attack after the discovery by Mehta. Mehta has found similarities between code found within WannaCry and other tools believed to have been created by the Lazarus Group in the past, BBC reported.

Security expert Prof Alan Woodward said that time stamps within the original WannaCry code are set to UTC +9 - China's time zone - and the text demanding the ransom uses what reads like machine-translated English, but a Chinese segment apparently written by a native speaker, the report said.




"As you can see it is pretty thin and all circumstantial. However, it is worth further investigation," Woodward said. "Neel Mehta's discovery is the most significant clue to date regarding the origins of WannaCry," said Russian security firm Kaspersky, but noted a lot more information is needed about earlier versions of WannaCry before any firm conclusion can be reached, it reported.

"We believe it is important that other researchers around the world investigate these similarities and attempt to discover more facts about the origin of WannaCry," it said. Attributing cyberattacks can be notoriously difficult - often relying on consensus rather than confirmation, the report said.

North Korea has never admitted any involvement in the Sony Pictures hack - and while security researchers, and the US government, have confidence in the theory, neither can rule out the possibility of a false flag, it said.


Indian-origin Google Techie Links Ransomware Attack to North Korea - News18

 
King77 said:
Bro, never browse suspicious websites & always check for adware in installers.
Also use AdBlocker, it's very useful.

A legitimate site can also be hacked and used to distribute malware. And this WannaCry is bundled with the EternalBlue exploit of the Windows system, so it acts as a worm and does not require you to click anything to launch it. It can spread on its own and can infect other computers on the LAN :hello
 
Sarkar said:
A legitimate site can also be hacked and used to distribute malware. And this WannaCry is bundled with the EternalBlue exploit of the Windows system, so it acts as a worm and does not require you to click anything to launch it. It can spread on its own and can infect other computers on the LAN :hello

That's correct, if one gets unauthorized access and uploads something wrong to a legit site, then that site can also be harmful. It has happened with many popular websites in the past. :s
 
Shadow Brokers, the hacking group that leaked the bugs that enabled last week's global ransomware attack, teases more Windows exploits and cyberespionage data, and claims it has data on foreign nuclear programs

The group plans to sell more Equation exploits and cyberespionage data through a subscription-based service

The Shadow Brokers was responsible for leaking EternalBlue, the Windows SMB exploit that was used by attackers in recent days to infect hundreds of thousands of computers around the world with the WannaCry ransomware program.

The hacking group that leaked the bugs that enabled last week's global ransomware attack is threatening to make public even more computer vulnerabilities in the coming weeks, potentially including “compromised network data” pertaining to the nuclear or missile programs of China, Iran, North Korea and Russia, as well as vulnerabilities affecting Windows 10, which is run by millions of computers worldwide.

The hacking group that leaked NSA secrets claims it has data on foreign nuclear programs - The Washington Post
 