WannaCry ransomed the world crazy, Vietnam is also on the list of countries attacked by this ransomware. Therefore, Windows users need to quickly avoid WannaCry, before they attack their systems.
First, it is necessary to immediately update the current operating system version and anti-virus programs to the latest version. Be cautious when opening emails with attachments, strange links on social networks, chat tools. Absolutely do not open links with .hta extension or links that are unstructured, shortened links. Please follow the article below to know how to prevent this dangerous WannaCry malware.
How to prevent WannaCry ransomware
Install the latest security patch
Installed the latest Microsoft security patch, released on March 14, excluding Windows XP. You can COME IN to see affected versions of Windows and get the EternalBlue patch (MS17-010). Note that all machines that do not have the MS17-010 patch installed can be affected at any time.
Regularly check for updates
Moreover, it is necessary to regularly check for updates on Windows Update to ensure that the computer is up to date with the latest versions and patches. How to do it is quite simple, just go to the section Settings> Update & Security, then click Check for updates.
Do not click on strange links
Absolutely do not click on strange links, links with .hta extension or links with unclear structure, links that shorten links. WannaCry ransomware typically targets the following groups of formats:
- Common office file extensions (.ppt, .doc, .docx, .xlsx, .sxi).
- Less common and country-specific office formats (.sxw, .odt, .hwp).
- Archive formats, media files (.zip, .rar, .tar, .bz2, .mp4, .mkv).
- Email and email database (.eml, .msg, .ost, .pst, .edb).
- Database files (.sql, .accdb, .mdb, .dbf, .odb, .myd).
- Developer project file and source code (.php, .java, .cpp, .pas, .asm).
- Encryption key and certificate (.key, .pfx, .pem, .p12, .csr, .gpg, .aes).
- Graphic design authors, authors and photographers (.vsd, .odg, .raw, .nf, .svg, .psd).
- Virtual machine files (.vmx, .vmdk, .vdi).
Create file blocking Ransomware WannaCry
Open Notepad, copy the following into:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstaskdl.exe]
“Debugger” = “taskkill / IM / F taskdl.exe”
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstaskse.exe]
“Debugger” = “taskkill / IM / F taskse.exe”
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionswannacry.exe]
“Debugger” = “taskkill.exe / IM / F wannacry.exe”
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmssecsvc.exe]
“Debugger” = “taskkill.exe / IM / F mssecsvc.exe”
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstasksche.exe]
“Debugger” = “taskkill.exe / IM / F tasksche.exe”
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstaskhsvc.exe]
“Debugger” = “taskkill.exe / IM / F taskhsvc.exe”
Then press Ctrl + S, choose All Files. Section Save as type, name the file BlockWC.reg. Then, right-click on this file, select Run as administrator to open as Administrator.
Backup data to the cloud
To avoid “losing” data, users should back up data Dropbox, Google Drive or any cloud service before unfortunately “infected” with this ransomware.
Enable 2-layer security for all apps
After penetrating the computer, WannaCry ransomware not only locks the device, steals important data, but also hijacks the right to use the account Facebook, Skype, Gmail… saved on the device. Then, impersonating a user, send a message spreading malicious link to friends in your contacts. So users need to set up 2 layers for security Facebook, Gmail, Dropbox… now.
Install anti-malware software WannaCry
Installing WannaCry anti-malware, currently there are many companies launching this anti-ransomware tool such as: Cybereason RansomFree, HitmanPro… Install an anti-malware tool right away WannaCry, to keep computers safe from an emerging infection risk. Alternatively, you can download it Bkav CheckWanCry, VNIST Scanner to check tmalicious code WannaCry.
WannaCry ransomware is spreading strongly in more than 90 countries around the world, including Vietnam. Therefore, all users need to raise their vigilance, not be subjective because they can attack us at any time.
Wish you all success!
Source link: How to prevent WannaCry ransomware