webfact Posted May 15, 2017 Share Posted May 15, 2017 Wanna Cry ransomware hits the heart of Bangkok BY JONATHAN FAIRFIELD Wanna Cry in Bangkok. Image: @ALiCE6TY9 BANGKOK: -- Thailand’s government is urging users to beware of the dangerous ransomware dubbed Wanna Cry which has hit at least 200,000 victims in 150 countries worldwide. Prime Minister Prayuth on Saturday instructed the Ministry of Digital Economy and Society to closely monitor the situation and advise the public where necessary. Despite a report on Monday claiming the ransomware had yet to be detected in Thailand, pictures shared on Twitter on Sunday claimed the contrary. The pictures revealed that two digital advertising hoardings had become infected with the virus and rather than displaying the usual advertisements, instead showed a message from hackers as the Bangkok traffic passed by. Full story: http://tech.thaivisa.com/wanna-cry-ransomware-hits-the-heart-of-bangkok/21648/ -- © Copyright Thai Tech 2017-05-15 Link to comment Share on other sites More sharing options...
Bluespunk Posted May 15, 2017 Share Posted May 15, 2017 (edited) So much for the police protecting us... Edited May 15, 2017 by Bluespunk Link to comment Share on other sites More sharing options...
Cadbury Posted May 15, 2017 Share Posted May 15, 2017 It will make Thai Immigration wannacry if this ransomware gets into their system. Link to comment Share on other sites More sharing options...
anotheruser Posted May 15, 2017 Share Posted May 15, 2017 Somebody summon some outraged netizens to counter act this. Link to comment Share on other sites More sharing options...
lovelomsak Posted May 15, 2017 Share Posted May 15, 2017 40 minutes ago, webfact said: Despite a report on Monday claiming the ransomware had yet to be detected in Thailand, pictures shared on Twitter on Sunday claimed the contrary. I personally have;learned to not believe a thing any government reports states to the press. What ever is stated I always believe the opposite and it usually comes true. Link to comment Share on other sites More sharing options...
fruitman Posted May 15, 2017 Share Posted May 15, 2017 I don't get it, does this virus only affect to windows XP systems? Or also to Win10? And does it also affect legal licensed update windows XP systems? If not than Thailand is sure in danger. Link to comment Share on other sites More sharing options...
lopburi3 Posted May 15, 2017 Share Posted May 15, 2017 Windows 10 was protected a few weeks ago if updates were installed but XP was not being updated so unless the recent emergency update installed it was open game. Thankfully someone had built in a kill switch into the software, which was activated, or this would have been many, many times worse. The problem these days is use of bitcoin type payment now makes it very attractive to a huge number of get rich quick types (well beyond geeks) so expect much more of this type activity, unless steps are taken to control payment systems. Make image backups and keep detached from computer seems to be a good idea now - unfortunately Windows 10 tried to prevent us doing that so it is not an easy task for people to follow through on. Link to comment Share on other sites More sharing options...
samtam Posted May 15, 2017 Share Posted May 15, 2017 I didn't "upgrade" to Windows 10, so I'm still using Windows 7. Don't think their patch covered W7, but not sure. Link to comment Share on other sites More sharing options...
lopburi3 Posted May 15, 2017 Share Posted May 15, 2017 (edited) Believe 7-10 were patched prior to this issue but XT had not been (or not installed by many as not normally updated now). But a patch does not rule out getting hit by another version prior to a new patch so best to have secured image backup available just in case - at least you would be able to get most of your data restored (up to last backup) and a lost less need to wanna cry. This has become big business with the ability to extract ransom money so expect we can expect a lot more attacks. Edited May 15, 2017 by lopburi3 Link to comment Share on other sites More sharing options...
longtom Posted May 15, 2017 Share Posted May 15, 2017 What Thailand needs urgently is not a new cyber security bill but a couple of hundreds top IT specialists to check and upgrade all government systems and sites and which could give security advice for other vitally important systems (hospitals, traffic light management etc.). Link to comment Share on other sites More sharing options...
JHolmesJr Posted May 15, 2017 Share Posted May 15, 2017 wanna cry…they even named it for thailand. Link to comment Share on other sites More sharing options...
alocacoc Posted May 15, 2017 Share Posted May 15, 2017 Payments gain momentum. Now about 42000 USD. Link to comment Share on other sites More sharing options...
DLang Posted May 15, 2017 Share Posted May 15, 2017 Nasty foreigners. Time to turn off all the internets that are not based in Thailand by Thais. Preferably the government as they will protect us. Link to comment Share on other sites More sharing options...
ukrules Posted May 15, 2017 Share Posted May 15, 2017 2 hours ago, samtam said: I didn't "upgrade" to Windows 10, so I'm still using Windows 7. Don't think their patch covered W7, but not sure. To prevent a WannaCry / WannaCryptor infection on windows 7 you need to disable something called SMB, I've included instructions to disable SMBv1, SMBv2 and SMBv3 on Windows 7 in this post. Note - there are different commands for other versions of windows - see the link at the end. Doing the following on a Windows 7 installation will stop it : Open a command prompt by clicking the 'round start menu button' then enter 'cmd' in the box at the bottom and press enter. Copy and paste the following 4 separate lines one by one into the black command prompt window that pops up. sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsisc.exe config mrxsmb10 start= disabled sc.exe config lanmanworkstation depend= bowser/mrxsmb10/nsi sc.exe config mrxsmb20 start= disabled After each line there will be a confirmation that it worked on the screen. you must reboot the computer for this to become live and then you won't become infected with this particular variant of malware. The above information comes from : https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012 Also note that if you're on a corporate network that uses SMB for whatever reason then it might not be such a great idea to do this, speak to the systems administrator but for home users it's just fine. There are new variants of this malware circulating right now and they don't have the 'killswitch' in them. Link to comment Share on other sites More sharing options...
alocacoc Posted May 15, 2017 Share Posted May 15, 2017 1 hour ago, ukrules said: To prevent a WannaCry / WannaCryptor infection on windows 7 you need to disable something called SMB, I've included instructions to disable SMBv1, SMBv2 and SMBv3 on Windows 7 in this post. Note - there are different commands for other versions of windows - see the link at the end. Doing the following on a Windows 7 installation will stop it : Open a command prompt by clicking the 'round start menu button' then enter 'cmd' in the box at the bottom and press enter. Copy and paste the following 4 separate lines one by one into the black command prompt window that pops up. sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsisc.exe config mrxsmb10 start= disabled sc.exe config lanmanworkstation depend= bowser/mrxsmb10/nsi sc.exe config mrxsmb20 start= disabled After each line there will be a confirmation that it worked on the screen. you must reboot the computer for this to become live and then you won't become infected with this particular variant of malware. The above information comes from : https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012 Also note that if you're on a corporate network that uses SMB for whatever reason then it might not be such a great idea to do this, speak to the systems administrator but for home users it's just fine. There are new variants of this malware circulating right now and they don't have the 'killswitch' in them. I checked that several times. It looks, my Windows 7 Premium doesn't have this SMB features. I might be wrong, but it was mentioned on other places as well. Link to comment Share on other sites More sharing options...
wgdanson Posted May 15, 2017 Share Posted May 15, 2017 (edited) What's the Thai for 'serves you right'. Upgrade to Windows 10 was FREE, even to illegal copies of xp, 7 & 8, which most PCs in Thailand were running. I have even been in Bangkok Banks who are still running xp. Get Windows 10 Creators upgrade on all your PCs, it works fine, no problems with the software at all. Edited May 15, 2017 by wgdanson Link to comment Share on other sites More sharing options...
wgdanson Posted May 15, 2017 Share Posted May 15, 2017 9 minutes ago, alocacoc said: I checked that several times. It looks, my Windows 7 Premium doesn't have this SMB features. I might be wrong, but it was mentioned on other places as well. Get rid of Windows 7 and install 10. Link to comment Share on other sites More sharing options...
alocacoc Posted May 15, 2017 Share Posted May 15, 2017 Get rid of Windows 7 and install 10.Nothing wrong with with Windows 7.Sent from my SM-G900F using Tapatalk Link to comment Share on other sites More sharing options...
wgdanson Posted May 15, 2017 Share Posted May 15, 2017 3 hours ago, longtom said: What Thailand needs urgently is not a new cyber security bill but a couple of hundreds top IT specialists to check and upgrade all government systems and sites and which could give security advice for other vitally important systems (hospitals, traffic light management etc.). Bangkok Bank is still using xp. Link to comment Share on other sites More sharing options...
wgdanson Posted May 15, 2017 Share Posted May 15, 2017 Just now, alocacoc said: Nothing wrong with with Windows 7. Sent from my SM-G900F using Tapatalk Except that it is vulnerable to malware. Link to comment Share on other sites More sharing options...
alocacoc Posted May 15, 2017 Share Posted May 15, 2017 Except that it is vulnerable to malware.Not if the user regularly installs the updates which I do. Sent from my SM-G900F using Tapatalk Link to comment Share on other sites More sharing options...
wgdanson Posted May 15, 2017 Share Posted May 15, 2017 Just now, alocacoc said: Not if the user regularly installs the updates which I do. Sent from my SM-G900F using Tapatalk Why did you not upgrade for FREE to W10? And how old is the car you drive.......10 years? Link to comment Share on other sites More sharing options...
chrisinth Posted May 15, 2017 Share Posted May 15, 2017 6 minutes ago, wgdanson said: What's the Thai for 'serves you right'. Upgrade to Windows 10 was FREE, even to illegal copies of xp, 7 & 8, which most PCs in Thailand were running. I have even been in Bangkok Banks who are still running xp. Get Windows 10 Creators upgrade on all your PCs, it works fine, no problems with the software at all. You never had the option to upgrade to 10 from XP. Link to comment Share on other sites More sharing options...
alocacoc Posted May 15, 2017 Share Posted May 15, 2017 Just now, wgdanson said: Why did you not upgrade for FREE to W10? And how old is the car you drive.......10 years? Why I should? Win7 runs fine on my notebook. May be not Win 10. Since win 7 is fully supported by MS, no reason to change. In the worst case I would have to buy a new Notebook, since my Samsung isn't the newest one. But again, everything runs very well. Link to comment Share on other sites More sharing options...
wgdanson Posted May 15, 2017 Share Posted May 15, 2017 Just now, chrisinth said: You never had the option to upgrade to 10 from XP. You can get a real version of W10 for less than Bht4000 = no problems. Link to comment Share on other sites More sharing options...
wgdanson Posted May 15, 2017 Share Posted May 15, 2017 Just now, alocacoc said: Why I should? Win7 runs fine on my notebook. May be not Win 10. Since win 7 is fully supported by MS, no reason to change. In the worst case I would have to buy a new Notebook, since my Samsung isn't the newest one. But again, everything runs very well. Try W10, you'll be surprised and SAFE. Link to comment Share on other sites More sharing options...
alocacoc Posted May 15, 2017 Share Posted May 15, 2017 Just now, wgdanson said: Try W10, you'll be surprised and SAFE. Might be. But I'm concerned about availability of drivers for my 4 Year old Samsung. Link to comment Share on other sites More sharing options...
chrisinth Posted May 15, 2017 Share Posted May 15, 2017 Just now, wgdanson said: You can get a real version of W10 for less than Bht4000 = no problems. Of course you can. But that wasn't the point of my post; you told people that you could upgrade for free from XP to 10, I said you couldn't, that's all. Link to comment Share on other sites More sharing options...
Gumballl Posted May 15, 2017 Share Posted May 15, 2017 6 hours ago, fruitman said: I don't get it, does this virus only affect to windows XP systems? Or also to Win10? And does it also affect legal licensed update windows XP systems? If not than Thailand is sure in danger. Nobody should be running Windows XP. M$ dropped support for it long ago. Link to comment Share on other sites More sharing options...
wgdanson Posted May 15, 2017 Share Posted May 15, 2017 2 minutes ago, alocacoc said: Might be. But I'm concerned about availability of drivers for my 4 Year old Samsung. I upgraded a 3 yr old Intel NUC, no driver problems at all. Working like a dream.And no malware. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now