Quote:
Originally Posted by Insid3Code
Hello,
These steps are against the exploit code, not against the file cryptor itself or cryptocurrency mining malware (another malware using the same exploit code to infect vulnerable machines silently without any notification)...
Hi,
As far as I have studied:
Adylkuzz, is a cryptocurrency miner that leverages MS17-010, also known as EternalBlue, to compromise machines. Adylkuzz attackers scan the internet for vulnerable machines to install their malware. Unlike WannaCry, Adylkuzz does not have the ability to self-propagate. It was WannaCry’s ability to self-replicate that meant it spread very quickly within organizations.
As the cryptocurrency miner also uses the EternalBlue exploit, disabling SMB (as mentioned above) should do the job.
Also researched recovering data encrypted by ransomware in SOME cases:
Regards