Info About WannaCry, Computer Hostage Malware That Troubles the World
The attack by the ransomware called WannaCry seems to have taken the world of technology by surprise some time ago. The global ransomware attack paralyzed devices and computer networks in various countries around the world. The effects included disrupting production at the French car factory Renault, disrupting the Russian Central Bank system, and disrupting the British national health insurance system.
The Director General of Information Applications at the Ministry of Communication and Informatics, Samuel A Pangerapan, commonly called Semmy, said that the WannaCry cyber attack hit important resources in a number of countries.
According to Semmy, the malicious software (malware) WannaCry is a type of ransomware: software that attacks computers, encrypts all files on the computer so that they cannot be accessed, and demands payment from the computer owner if they want the data back.
Information About WannaCry Ransomware
Program name: wannacryptor
Type: computer virus
Active: April 2022
Active spread: May 2022
Purpose: scare Windows users and ask for ransom
Strengths:
1. It spreads via the internet, either through email attachment files or through a website that is infected or has had a virus link intentionally placed on it.
2. It spreads quickly within the network.
3. Many antivirus products have not been able to detect this virus.
Weaknesses:
1. It does not disable safe mode, so the process can be killed through safe mode.
2. It does not infect System Restore, so once the process has been killed and the virus file deleted, a restore can return the victim's PC to normal.
How Ransomware Works
By exploiting weaknesses in Server Message Block (SMB) in the Microsoft operating system, the ransomware infiltrates a computer via the internet.
First, the malware disables/takes over the computer by turning off a number of programs listed in the computer's registry.
Second, having killed a number of programs, the ransomware also takes control away from the computer's owner by making hardware devices such as the mouse and keyboard stop working, although the number pad (the keyboard's dedicated number keys) keeps working.
Third, the ransomware displays an image containing a message that all data on the computer has been encrypted and locked. The owner of the computer must pay a certain amount of money to get the data back.
The WannaCry ransomware that attacks computers in Indonesia is known to ask for payment in the form of the digital currency Bitcoin. Before it spreads more widely, however, several parties have already shared ways to deal with this ransomware.
How to handle a computer that is already infected with the ransomware:
1. Enter safe mode
2. Remove the virus's startup entries
3. Kill the virus's processes and services
4. Check the following folders for suspicious files:
%TEMP%
%APPDATA%
%ProgramData%
Also check the hosts file, because it can be corrupted by the virus.
Hosts file location:
C:\windows\System32\drivers\etc
Remove the host entries that lead to strange websites. Edit the file with Notepad.
5. Delete the following file names (they are hidden, so enable showing all hidden files in the Folder Options menu)
Readme.txt.WCRY
License.txt.WCRY
History.txt.WCRY
!Please Read Me!.txt
!WannaDecryptor!.exe
6. Immediately restore the system to a date before it was infected
7. All files are back to normal
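The checks in steps 4 and 5, as an added PowerShell example that is not part of the original article: it only reports what it finds and deletes nothing. Matching every other *.WCRY file, and treating any active hosts line as worth a manual look, are assumptions of this example.

```powershell
# Added example: read-only triage for steps 4 and 5. Lists findings, deletes nothing.
# The file names come from the list on this page; also matching any other
# *.WCRY file is an assumption of this example.
$names = @(
    'Readme.txt.WCRY', 'License.txt.WCRY', 'History.txt.WCRY',
    '!Please Read Me!.txt', '!WannaDecryptor!.exe'
)

# Folders from step 4, skipping any that are unset or missing.
$roots = @($env:TEMP, $env:APPDATA, $env:ProgramData) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# -Force includes hidden and system files (step 5 says the files are hidden).
$hits = @(foreach ($root in $roots) {
    Get-ChildItem -LiteralPath $root -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object {
            -not $_.PSIsContainer -and
            ($names -contains $_.Name -or $_.Extension -eq '.WCRY')
        }
})

# Hosts file: collect every active (non-comment) line for manual review.
# A stock Windows hosts file normally contains only comment lines.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$active = @()
if (Test-Path -LiteralPath $hostsPath) {
    $active = @(Get-Content -LiteralPath $hostsPath |
        ForEach-Object { ($_ -replace '#.*$', '').Trim() } |
        Where-Object { $_ })
}

"Matching files: $($hits.Count)"
$hits | Select-Object FullName, Length, LastWriteTime | Format-Table -AutoSize
"Active hosts entries: $($active.Count)"
$active
```

Run it from an elevated PowerShell prompt; the user-profile folders it checks belong to the account that runs it, so repeat it for each affected account.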