[CRTech] Christian Radio Tech [MSG 79898]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
Re: The "Wannacry" ransomware attack
To: CRTech <crtech@crtech.org>, The BROADCAST eList <broadcast@radiolists.net>
Subject: Re: The "Wannacry" ransomware attack
From: Stu Engelke Lists <audiotoantenna@gmail.com>
Date: Sat, 20 May 2017 17:12:15 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=UDOn7TB97ImzMogCbzToQyICE58D6sfzWrKZN9LOXaY=; b=KKcDRdMBz3JG15Z7HVUTt6Ffn1iJ4FU/0Fyd6ev4zUo3EA502q+FbmALqZwz+0SrlI jJeIvDIHVnMOySeIsTQUh+t4wYy6Ad7SPafYrOkXgn4JTCTWzadbmeXQg7mMAitvlijg Q/ythFHbN9RFe9cG9aaYnksGZ0qXQvF5bkX4yfZZ+oxNGCiYgTDSF6lVbY9Lg2/bUxtt jxRNdhCFCkym9hzU1xlMctNmsppYJvC2ORRQsLSxFIbprgUkzMXomHiK5XEEQ6I8BQtt dY7sKRPgJdruPzxbZnPdjRFDwNHEI5P9Liug5vuBY3SJs2O+Emrk5/iT61JPhLnVapWp xblg==
In-reply-to: <CAOkhgWpEugYgB43sVPZcGpmmujQhpNTja3-roQ4NA3=FYR66RA@mail.gmail.com>
References: <CAOkhgWpEugYgB43sVPZcGpmmujQhpNTja3-roQ4NA3=FYR66RA@mail.gmail.com>

I read that if you get the Wanncry malware on your pc DON'T turn it off. Disconnect from the network as fast as you can.
They found that they can search memory (RAM) for the encryption key and decriypt. The utility looks for prime numbers in memory. If you turn it off that goes away.

FWIW.
Stu



On Mon, May 15, 2017 at 3:10 PM, Willie Barnett <wbradiolists@gmail.com> wrote:
When I discovered that MS has released a patch for XP systems, I immediately & successfully applied it to my home system! :) WHEW!!

Here is a link to the Microsoft page that makes a number of versions of their patch available...
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/




--
Stu Engelke
 
Follow-Ups: RE: The "Wannacry" ransomware attack
(Andy Lynch <andy@myitguys.us>, 22 May 2017 12:46:42 -0000)
References: The "Wannacry" ransomware attack
(Willie Barnett <wbradiolists@gmail.com>, 15 May 2017 19:11:04 -0000)
Prev by date: Re: Ntrogen Regulator
(Ed Trombley, 19 May 2017 19:03:15 -0000)
Next by date: RE: The "Wannacry" ransomware attack
(Andy Lynch, 22 May 2017 12:46:42 -0000)
Prev by thread: RE: The "Wannacry" ransomware attack
(Bill Hurne, 15 May 2017 21:26:16 -0000)
Next by thread: RE: The "Wannacry" ransomware attack
(Andy Lynch, 22 May 2017 12:46:42 -0000)
CRTech.org