Skip to main content

Security researchers just traced Uiwix, a ransomware which is very similar to WannaCry but more dangerous than it

Now-a-days, the word "WannaCry" is very familiar to all of us. This ransomware exploited the vulnerabilities in  Microsoft’s Windows operating system (except Windows 10) to hack more than 75,000 computers in more than 150 countries & counting last Friday. Microsoft has recently released the security patches for all versions of Winows including XP to prevent this ransomware. Also numerous security researchers are continuously working to develop a permanent solution. Although a temporary solution called "WannaCry KillSwitch" is already discovered by a british security researcher Marcus Hutchins. He slows down the spreads of WannaCry by registering a domain name "wannacry".
Heimdal Security, a cyber security software company has recently reported that another ransomware called Uiwix, has emerged, which is exploiting the vulnerabilities found in Windows SMB v1 and SMB v2. Wannacry is doing in the same method to spread.

Is Uiwix similar to WannaCry?

A group of security researchers has claimed that they have traced WannaCry in Uiwix. Yet, this does not mean that Uiwix & WannaCry are identical. Unfortunately, unlike WannaCry, Uiwix cannot be stopped from spreading just by registering a domain, the Killswitch of Wannacry. Hence, it's called Uiwix is far far more dangerous than WannaCry. Although even some temporary solutions for Wannacry exists, but, still there is no solution discovered for Uiwix.

How does Uiwix work ?

 Uiwix works just like WannaCry. At first it attacks victim's PC, and encrypts important files on it. Then it demands a ransom $200 to get decrypt all the files seized by it. The ransom payment of $218 is demanded in bitcoins with the current exchange rate.

It is very astonishing to have two similar ransomware exploiting the same vulnerability to show up twice so rapidly. So, that it is said that vulnerabilities in Windows software have not been 100% fixed yet.

How to keep safe yourself from Uiwix ?

 Since Uiwix cannot be stopped like  WannaCry, the only way to contain the virus is to fix the vulnerability  that appears to be present in Windows. According to Andra Zaharia, Heimdal Security (a cyber security software company)  :
Attackers are easily able to exploit  these vulnerabilities in a network if it’s enabled because, even when  the system uses SMB v2 or v3, if the attacker can downgrade the  communication to SMB v1, he can exploit the system. This is where the  man-in-the-middle attack of a Windows SMB v1-enabled system can become  an issue, even if it’s not being used "
 However, Uiwix cannot be stopped as of now, the  only way to protect yourself is to take some preventive precautions to  avoid any trouble in the future.  Following these rules strictly may decrease the chances of hijacking by Uiwix -
1. Do not connect your pc, laptop, tablet etc. to a public WiFi hot spot.
2. Do not open any attachments in email from unknown or, suspicious senders.
3. Do not click any links in emails from unknown senders.
4. Do not download any files attached in email from unknown or, suspicious senders.
5. Try to avoid visiting malicious sites.
6. Do not download or, update software/apps from a third-party website, or store.
7. Do not use any out-dated or, pirated software.
8. Install WOT (web of trust) extension, and visit only reputed websites shows by WOT.
9. Keep your antivirus & windows up to date always.
10. You may use Kaspersky anti-ransomware tool, or, Bitdefender anti-ransomware tool for extra security.
11. Disable SMB v1, SMB v2, SMB v3 on windows via registry editing. How to disable it ? Read below.
12. Periodically set restore point. After attack you may able to use System Restore to get back to a known-clean state.
13. Most Important : Always keep offline backup your data, or, do cloud backups. 

How to disable SMB v1, SMB v2, SMB v3 on windows via registry editing ? 

To enable or disable SMBv1 on the SMB server, configure the following registry key:
Registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Registry entry: SMB1
REG_DWORD: 0 = Disabled
REG_DWORD: 1 = Enabled
Default: 1 = Enabled
To enable or disable SMBv2 on the SMB server, configure the following registry key:
Registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\ParametersRegistry entry: SMB2
REG_DWORD: 0 = Disabled
REG_DWORD: 1 = Enabled
Default: 1 = Enabled

references :


Tags : Security, Hacks, Ransomware, Malware, Windows, Microsoft, Operating System,

This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 







Comments

Popular Posts (Last 7 Days)

Giant Anaconda | World's Biggest Python Snake Found in Amazon Rainforest | Longest Python Attacks

Tags :Animals, Video, Wildlife, Youtube, Anaconda, Snakes This Post Was Published On My Steemit Blog
Earned : $00.00 SBD Converted to USD @0.90$ Rate = $00.00 USD
First Time heard about Steemit ? Click Here To Know...

Steemit bug found in “TAG”

Steemit bug found in “TAG”
image credit I just found a serious bug on steemit TAG. Today I published a news cum TIL post with 5 tags -
wilt news newslink til steemitnews https://steemit.com/wilt/@royalmacro/what-i-learnt-today-darkweb-raises-funds-for-assassinating-both-donald-trump-and-mike-pence But, my post is visible in only one section in “wilt”. Other tags are not working anymore. I searched frequently in the following sections which I tagged – https://steemit.com/created/newshttps://steemit.com/created/newslinkhttps://steemit.com/created/tilhttps://steemit.com/created/steemitnews My post is invisible in the above sections. It’s only visible in -
https://steemit.com/created/wilt
Update : I just found a solution. I used 4 tags instead of 5. Now, my post is visible to all 4 sections. Tags : Blockchain, Bugs, Cryptocurrency, Steemit,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steem…

What I Learnt Today : Pterodactyl was not only the flying dinosaur, There were many

What I Learnt Today : Pterodactyl was not only the flying dinosaur, There were many
image source & credit : LINK We are all familiar to Pterodactyl, the flying dinosaur. But, actually there existed so many flying dinosaurs. The common name of all this “flying dinosaurs” is Pterosaurs. There are about 130 genus of Pterosaurs existed in the jurassic period. Here I listed some of them — 1. Pterodactyl The Pterodactyls had a couple of very wide wings up to 40 feet long. But, these wings are not similar to modern bird’s wings. There were no feathers , their wings were made of a leathery substance. They lived near the sea in the cave & trees. They ate sea fish, large insects & other small dinosaurs. We found their fossils in Europe, North America, Australia, and Africa.
Pterodactyl
image source & credit : LINK
Pterodactyl Fossil
image source & credit : LINK 2. Petinosaurus Petinosaurus wings were formed by membranes of skin and other soft tissues. And also there were no feat…

“Tears on Cheek of Africa” My Original Abstract Art

My Original Abstract Art “Tears on Cheek of Africa”

The love with lands surrounded by
the Mediterranean sea to north,
Sinai Peninsula keeps a house with whom?
Suez and red having room. Forest and her ancient folk
always in our feelings and talk,
All the mankind having so curious
You,more I think mysterious. Beauty of her smile peeking, a truth
I know the truth, the truth.
The photographer committing suicide
never conceding the painful sight. A monster throwing away foods
In the water, children of you
Crying crying for a grain.
The moribund acting his last sequence
Why? a vulture waiting, a question. I love you, consider mother of lions
Smile revealing a secret, oh Africa!
enjoy :) Tags : Abstract, Art, Drawing, Painting, Poems, Poetry,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 

$3 Donation [Fixed]
Donate $Any Amount


South Africa is participating in largest and most advanced HIV vaccine trial program; makes its own history

image credit A big step for mankind - South Africa is participating in HIV (Human Immunodeficiency Virus) vaccine program. This vaccine could prevent HIV infection. The drug trial began last month. This program is called HVTN 702. About 5400 adults are participating in this HIV vaccine trial. Scientists say that this HIV vaccine program is the largest and most advanced trial program in South Africa.   “If deployed alongside our current armoury of proven HIV prevention tools, a safe and effective vaccine could be the final nail in the coffin for HIV,” said Anthony Fauci, director of the National Institute of Allergy and Infectious Diseases (NIAID), which falls under the American National Institutes of Health (NIH), a co-funder of the trial.   “Even a moderately effective vaccine would significantly decrease the burden of HIV disease over time in countries and populations with high rates of HIV infection, such as South Africa.”  image credit Dr Glenda Gray is the protocol chairman of HVTN …

fence of flower [An Original Abstract Art] - #01

Here I share my latest work on Abstract Art -- [ Series #01 ] fence of flower Tags : Abstract, Art, Drawing, Painting,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 

$3 Donation [Fixed]
Donate $Any Amount


Buy/Sell Your Steem Dollars ($SBD) via Perfect Money, Skrill & Neteller [Try to build up my dream project]

I was very much inspired by reading the post made by Charlie Shrem -https://steemit.com/steem/@charlieshrem/the-price-of-steem-where-do-we-go-from-here-reflections-by-charlie-shrem So, I think to build up a project where I buy/sell Steem Dollars ($SBD) via Fiat currencies such as Perfect Money USD/EUR, Skrill USD/EUR/GBP, Neteller USD/EUR/GBP, Payza USD/EUR/GBP, Payeer EUR/USD/GBP & Advcash USD/EUR/GBP. Where to buy/sell ? I choose peerhub for my project. You may signup here with facebook or,  email address. I've just listed some sell orders for testing purpose only : $5 Perfectmoney USD for $6.25 SBD https://www.peerhub.com/items/7025 $5 Skrill USD for $6.25 SBD https://www.peerhub.com/items/7026 $5 Neteller USD for $6.25 SBD https://www.peerhub.com/items/7027
What's the fee ? I've yet not fixed the fee rates. However, the testing fee is now 5% plus $1 USD (minimum). How can you trust me ? COLLATERAL OR ESCROW ?  It's the big question & most important also. I can r…

FAMINE IN AFRICA

Tags :Life, Video, Youtube, Famine, Africa This Post Was Published On My Steemit Blog
Earned : $00.00 SBD Converted to USD @0.9132$ Rate = $00.00 USD
First Time heard about Steemit ? Click Here To Know...

[TIL] How to Draw a Leopard With Pencil - Big Cat

[video tutorial step by step] How to Draw a Leopard With Pencil - Big Cat
This video tutorial was made by Leonardo Pereznieto on youtube. visit : https://www.youtube.com/channel/UCaapxaQKJFJ6XC56CHgeTzw Tags : Art, Drawing, Sketch, Tutorials, Video, Youtube,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 

$3 Donation [Fixed]
Donate $Any Amount


Flood in India

Tags :India, Photography, Travel, Flood, Water, Nature This Post Was Published On My Steemit Blog
Earned : $00.00 SBD Converted to USD @0.8647$ Rate = $00.00 USD
First Time heard about Steemit ? Click Here To Know...

Back to Top