May 15, 20179 yr Wanna Cry ransomware hits the heart of Bangkok BY JONATHAN FAIRFIELD Wanna Cry in Bangkok. Image: @ALiCE6TY9 BANGKOK: -- Thailand’s government is urging users to beware of the dangerous ransomware dubbed Wanna Cry which has hit at least 200,000 victims in 150 countries worldwide. Prime Minister Prayuth on Saturday instructed the Ministry of Digital Economy and Society to closely monitor the situation and advise the public where necessary. Despite a report on Monday claiming the ransomware had yet to be detected in Thailand, pictures shared on Twitter on Sunday claimed the contrary. The pictures revealed that two digital advertising hoardings had become infected with the virus and rather than displaying the usual advertisements, instead showed a message from hackers as the Bangkok traffic passed by. Full story: http://tech.thaivisa.com/wanna-cry-ransomware-hits-the-heart-of-bangkok/21648/ -- © Copyright Thai Tech 2017-05-15
May 15, 20179 yr 40 minutes ago, webfact said: Despite a report on Monday claiming the ransomware had yet to be detected in Thailand, pictures shared on Twitter on Sunday claimed the contrary. I personally have;learned to not believe a thing any government reports states to the press. What ever is stated I always believe the opposite and it usually comes true.
May 15, 20179 yr I don't get it, does this virus only affect to windows XP systems? Or also to Win10? And does it also affect legal licensed update windows XP systems? If not than Thailand is sure in danger.
May 15, 20179 yr Windows 10 was protected a few weeks ago if updates were installed but XP was not being updated so unless the recent emergency update installed it was open game. Thankfully someone had built in a kill switch into the software, which was activated, or this would have been many, many times worse. The problem these days is use of bitcoin type payment now makes it very attractive to a huge number of get rich quick types (well beyond geeks) so expect much more of this type activity, unless steps are taken to control payment systems. Make image backups and keep detached from computer seems to be a good idea now - unfortunately Windows 10 tried to prevent us doing that so it is not an easy task for people to follow through on.
May 15, 20179 yr I didn't "upgrade" to Windows 10, so I'm still using Windows 7. Don't think their patch covered W7, but not sure.
May 15, 20179 yr Believe 7-10 were patched prior to this issue but XT had not been (or not installed by many as not normally updated now). But a patch does not rule out getting hit by another version prior to a new patch so best to have secured image backup available just in case - at least you would be able to get most of your data restored (up to last backup) and a lost less need to wanna cry. This has become big business with the ability to extract ransom money so expect we can expect a lot more attacks. Edited May 15, 20179 yr by lopburi3
May 15, 20179 yr What Thailand needs urgently is not a new cyber security bill but a couple of hundreds top IT specialists to check and upgrade all government systems and sites and which could give security advice for other vitally important systems (hospitals, traffic light management etc.).
May 15, 20179 yr Nasty foreigners. Time to turn off all the internets that are not based in Thailand by Thais. Preferably the government as they will protect us.
May 15, 20179 yr 2 hours ago, samtam said: I didn't "upgrade" to Windows 10, so I'm still using Windows 7. Don't think their patch covered W7, but not sure. To prevent a WannaCry / WannaCryptor infection on windows 7 you need to disable something called SMB, I've included instructions to disable SMBv1, SMBv2 and SMBv3 on Windows 7 in this post. Note - there are different commands for other versions of windows - see the link at the end. Doing the following on a Windows 7 installation will stop it : Open a command prompt by clicking the 'round start menu button' then enter 'cmd' in the box at the bottom and press enter. Copy and paste the following 4 separate lines one by one into the black command prompt window that pops up. sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsisc.exe config mrxsmb10 start= disabled sc.exe config lanmanworkstation depend= bowser/mrxsmb10/nsi sc.exe config mrxsmb20 start= disabled After each line there will be a confirmation that it worked on the screen. you must reboot the computer for this to become live and then you won't become infected with this particular variant of malware. The above information comes from : https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012 Also note that if you're on a corporate network that uses SMB for whatever reason then it might not be such a great idea to do this, speak to the systems administrator but for home users it's just fine. There are new variants of this malware circulating right now and they don't have the 'killswitch' in them.
May 15, 20179 yr 1 hour ago, ukrules said: To prevent a WannaCry / WannaCryptor infection on windows 7 you need to disable something called SMB, I've included instructions to disable SMBv1, SMBv2 and SMBv3 on Windows 7 in this post. Note - there are different commands for other versions of windows - see the link at the end. Doing the following on a Windows 7 installation will stop it : Open a command prompt by clicking the 'round start menu button' then enter 'cmd' in the box at the bottom and press enter. Copy and paste the following 4 separate lines one by one into the black command prompt window that pops up. sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsisc.exe config mrxsmb10 start= disabled sc.exe config lanmanworkstation depend= bowser/mrxsmb10/nsi sc.exe config mrxsmb20 start= disabled After each line there will be a confirmation that it worked on the screen. you must reboot the computer for this to become live and then you won't become infected with this particular variant of malware. The above information comes from : https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012 Also note that if you're on a corporate network that uses SMB for whatever reason then it might not be such a great idea to do this, speak to the systems administrator but for home users it's just fine. There are new variants of this malware circulating right now and they don't have the 'killswitch' in them. I checked that several times. It looks, my Windows 7 Premium doesn't have this SMB features. I might be wrong, but it was mentioned on other places as well.
May 15, 20179 yr What's the Thai for 'serves you right'. Upgrade to Windows 10 was FREE, even to illegal copies of xp, 7 & 8, which most PCs in Thailand were running. I have even been in Bangkok Banks who are still running xp. Get Windows 10 Creators upgrade on all your PCs, it works fine, no problems with the software at all. Edited May 15, 20179 yr by wgdanson
May 15, 20179 yr 9 minutes ago, alocacoc said: I checked that several times. It looks, my Windows 7 Premium doesn't have this SMB features. I might be wrong, but it was mentioned on other places as well. Get rid of Windows 7 and install 10.
May 15, 20179 yr Get rid of Windows 7 and install 10.Nothing wrong with with Windows 7.Sent from my SM-G900F using Tapatalk
May 15, 20179 yr 3 hours ago, longtom said: What Thailand needs urgently is not a new cyber security bill but a couple of hundreds top IT specialists to check and upgrade all government systems and sites and which could give security advice for other vitally important systems (hospitals, traffic light management etc.). Bangkok Bank is still using xp.
May 15, 20179 yr Just now, alocacoc said: Nothing wrong with with Windows 7. Sent from my SM-G900F using Tapatalk Except that it is vulnerable to malware.
May 15, 20179 yr Except that it is vulnerable to malware.Not if the user regularly installs the updates which I do. Sent from my SM-G900F using Tapatalk
May 15, 20179 yr Just now, alocacoc said: Not if the user regularly installs the updates which I do. Sent from my SM-G900F using Tapatalk Why did you not upgrade for FREE to W10? And how old is the car you drive.......10 years?
May 15, 20179 yr 6 minutes ago, wgdanson said: What's the Thai for 'serves you right'. Upgrade to Windows 10 was FREE, even to illegal copies of xp, 7 & 8, which most PCs in Thailand were running. I have even been in Bangkok Banks who are still running xp. Get Windows 10 Creators upgrade on all your PCs, it works fine, no problems with the software at all. You never had the option to upgrade to 10 from XP.
May 15, 20179 yr Just now, wgdanson said: Why did you not upgrade for FREE to W10? And how old is the car you drive.......10 years? Why I should? Win7 runs fine on my notebook. May be not Win 10. Since win 7 is fully supported by MS, no reason to change. In the worst case I would have to buy a new Notebook, since my Samsung isn't the newest one. But again, everything runs very well.
May 15, 20179 yr Just now, chrisinth said: You never had the option to upgrade to 10 from XP. You can get a real version of W10 for less than Bht4000 = no problems.
May 15, 20179 yr Just now, alocacoc said: Why I should? Win7 runs fine on my notebook. May be not Win 10. Since win 7 is fully supported by MS, no reason to change. In the worst case I would have to buy a new Notebook, since my Samsung isn't the newest one. But again, everything runs very well. Try W10, you'll be surprised and SAFE.
May 15, 20179 yr Just now, wgdanson said: Try W10, you'll be surprised and SAFE. Might be. But I'm concerned about availability of drivers for my 4 Year old Samsung.
May 15, 20179 yr Just now, wgdanson said: You can get a real version of W10 for less than Bht4000 = no problems. Of course you can. But that wasn't the point of my post; you told people that you could upgrade for free from XP to 10, I said you couldn't, that's all.
May 15, 20179 yr 6 hours ago, fruitman said: I don't get it, does this virus only affect to windows XP systems? Or also to Win10? And does it also affect legal licensed update windows XP systems? If not than Thailand is sure in danger. Nobody should be running Windows XP. M$ dropped support for it long ago.
May 15, 20179 yr 2 minutes ago, alocacoc said: Might be. But I'm concerned about availability of drivers for my 4 Year old Samsung. I upgraded a 3 yr old Intel NUC, no driver problems at all. Working like a dream.And no malware.
Create an account or sign in to comment