Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Protect Against WannaCry
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 05-18-2017, 22:52
abhi93696 abhi93696 is offline
Friend
  
Join Date: Mar 2017
Location: India
Posts: 73
Rept. Given: 0
Rept. Rcvd 8 Times in 2 Posts
Thanks Given: 146
Thanks Rcvd at 159 Times in 64 Posts
abhi93696 Reputation: 10
Quote:
Originally Posted by Insid3Code View Post
Hello,
These steps are against the exploit code not against the file cryptor it self or cryptocurrency mining malware (another malware using the same exploit code to infect vulnerable machines silently without any notification)...
Hi

As far as, i have studied -:
Adylkuzz, is a cryptocurrency miner that leverages MS17-010, also known as EternalBlue, to compromise machines. Adylkuzz attackers scan the internet for vulnerable machines to install their malware. Unlike WannaCry, Adylkuzz does not have the ability to self-propagate. It was WannaCry’s ability to self-replicate that meant it spread very quickly within organizations.

As cryptocurrency miner also uses EternalBlue exploit ,so disabling SMB(as mentioned above) should do the job

Also re-searched about recovering encrypted data by ransomware in SOME cases-:
Regards
Reply With Quote
The Following User Says Thank You to abhi93696 For This Useful Post:
Indigo (07-19-2019)
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Visual Protect Spotted Horse General Discussion 10 09-17-2004 14:58


All times are GMT +8. The time now is 19:00.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )