A Sky, cable and digital tv forum. Digital TV Banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Digital TV Banter forum » Digital TV Newsgroups » uk.tech.digital-tv (Digital TV - General)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.tech.digital-tv (Digital TV - General) (uk.tech.digital-tv) Discussion of all matters technical in origin related to the reception of digital television transmissions, be they via satellite, terrestrial or cable. Advertising is forbidden, with no exceptions.

So anyone get hacked then?



 
 
Thread Tools Display Modes
  #1  
Old May 13th 17, 08:34 AM posted to uk.tech.digital-tv
Brian Gaff
external usenet poster
 
Posts: 6,505
Default So anyone get hacked then?

Be funny if the bbeb did?

I have been reading about this.
It seems in order to get the code you have to either open a file attached
to an email or click a link on an email. If its not caught and if the
machine is running anything from vista sp2 to the latest build of wiindows10
and their server derivatives, and you have not installed a critical update
sent out recently, then the code exploits a bug in the network code and
spreads to every drive and machine it can get at regardless of permissions.
However it only encrypts certain file extensions, about 20 we know about so
far, adding an extension to them as well to identify them. Thus the machine
will run, but a message is displayed asking for 300 Eu in bitcoins with
instructions on how to pay.
In five days the amount is doubled.
It also sends out emails to people in any address books with the malicious
code and will only stop this activity if it can see a given domain name has
been created. This allows the creator to suspend the spread remotely
without any kind of access to the infected machines.

There are rumours about that the actual code to exploit the networks was
actually discovered by the NSA in the US and they kept quiet about it, but
some mole pinched it and has used it by posting details online a couple of
months back. the Microsoft folk put out a patch but it seems many people
have been lax in applying it making any machine on a network the vector into
infection of all machines.
Its interesting to note that from people I've spoken to running end of life
xp machines, nobody seems to have actually got this code. Maybe they are
just careful with their emails?

I've scanned all my machines looking for the .txt file it drops, but none of
them has it.

I think this shows that really anti virus and spyware software is only good
if people are not stupid, and in many cases, they cannot protect against
something they do not know about.
It is obviously naive to expect everyone to have patched their machines
with the windows updates.
Brian

--
----- -
This newsgroup posting comes to you directly from...
The Sofa of Brian Gaff...

Blind user, so no pictures please!


  #2  
Old May 13th 17, 09:52 AM posted to uk.tech.digital-tv
Ian Jackson[_7_]
external usenet poster
 
Posts: 17
Default So anyone get hacked then?

In message , Brian Gaff
writes





I think this shows that really anti virus and spyware software is only good
if people are not stupid, and in many cases, they cannot protect against
something they do not know about.
It is obviously naive to expect everyone to have patched their machines
with the windows updates.


I wonder if it is just coincidence that the XP update server went AWOL
about a week ago, and hasn't reappeared?


--
Ian
  #3  
Old May 13th 17, 11:01 AM posted to uk.tech.digital-tv
Roderick Stewart[_3_]
external usenet poster
 
Posts: 1,964
Default So anyone get hacked then?

On Sat, 13 May 2017 09:34:20 +0100, "Brian Gaff"
wrote:

Be funny if the bbeb did?

I have been reading about this.

[snip thorough description of recent NHS ransomware attack]

So have I. There's a lot of detail, and not all of the journalists
writing about it seem to understand it fully (no surprise there), but
as far as I can gather if you're using Windows 10 with all its
patches up to date (or not Windows at all), then you're probably safe.
Naturally you should also have antivirus software running, and have
changed the default file properties in Windows so as not to hide file
extensions, and exercise a bit of common sense about what files you
open. If you're an NHS hospital running Windows XP, all bets are off.

Rod.
  #4  
Old May 13th 17, 11:44 AM posted to uk.tech.digital-tv
Roderick Stewart[_3_]
external usenet poster
 
Posts: 1,964
Default So anyone get hacked then?

On Sat, 13 May 2017 12:01:36 +0100, Roderick Stewart
wrote:

Be funny if the bbeb did?

I have been reading about this.

[snip thorough description of recent NHS ransomware attack]

So have I. There's a lot of detail, and not all of the journalists
writing about it seem to understand it fully (no surprise there), but
as far as I can gather if you're using Windows 10 with all its
patches up to date (or not Windows at all), then you're probably safe.
Naturally you should also have antivirus software running, and have
changed the default file properties in Windows so as not to hide file
extensions, and exercise a bit of common sense about what files you
open. If you're an NHS hospital running Windows XP, all bets are off.

Rod.


Excuse me replying to my own message, but let's call it a postscript,
as I've found an interesting bit of further info about it here-

http://www.thedailybeast.com/article...down-hospitals

The relevant passage is this-

[start quote]
If there’s a bit of hope, it comes from a curious feature in the
attack code that was first noted on Friday by Darien Huss, a security
researcher at Proofpoint. It turns out that upon infecting a new
target, WannaCry tries to contact a server at a particular domain
name— a dot-com address consisting of a long string of gobbledygook
letters and numbers ending in “gwea.com”.

If it’s not able to reach that address, WannaCry begins its dirty work
of taking files hostage and looking for places to spread. But if it is
able to connect, it shuts itself down immediately. The mechanism was
likely coded by the malware’s creator as an emergency stop button, in
case the worm began behaving in unexpected ways.

The hacker, though, didn’t register the gwea.com domain name. On
Friday morning, a 22-year-old UK security researcher known online as
MalwareTech noticed the address in WannaCry’s code and found that it
was still available. “I saw it wasn’t registered and thought, ‘I think
I’ll have that,’” he says. He purchased it at NameCheap.com for
$10.69, and pointed it at a “sinkhole” server in Los Angeles, hoping
to gather information on the malware. “Immediately we saw 5 or 6
thousand connections a second.”
[end quote]

It's almost like a Doctor Who plot. Somebody has saved the world (or
what's left of it) for ten dollars, just by typing a bit of code. :-)

But as the article goes on to say, that's not the end of it, only a
stopgap. If the programmers of the malware get wind of this, they'll
only have to alter the code slightly and release it again. The moral
is clear; make sure your operating system and antivirus software are
up to date, particularly if you're a large organisation handling lots
of other people's personal data.

Rod.
  #5  
Old May 13th 17, 11:53 AM posted to uk.tech.digital-tv
Mike Tomlinson[_2_]
external usenet poster
 
Posts: 324
Default So anyone get hacked then?

En el artículo , Ian Jackson
escribió:

I wonder if it is just coincidence that the XP update server went AWOL
about a week ago, and hasn't reappeared?


M$ has released an XP patch for the latest hack.

--
(\_/)
(='.'=) "Between two evils, I always pick
(")_(") the one I never tried before." - Mae West
  #6  
Old May 13th 17, 12:01 PM posted to uk.tech.digital-tv
Ian Jackson[_7_]
external usenet poster
 
Posts: 17
Default So anyone get hacked then?

In message , Mike Tomlinson
writes
En el artículo , Ian Jackson
escribió:

I wonder if it is just coincidence that the XP update server went AWOL
about a week ago, and hasn't reappeared?


M$ has released an XP patch for the latest hack.

But the update server is AWOL (and has been for several days).
--
Ian
  #7  
Old May 13th 17, 12:53 PM posted to uk.tech.digital-tv
AnthonyL
external usenet poster
 
Posts: 148
Default So anyone get hacked then?

On Sat, 13 May 2017 10:52:15 +0100, Ian Jackson
wrote:

In message , Brian Gaff
writes





I think this shows that really anti virus and spyware software is only good
if people are not stupid, and in many cases, they cannot protect against
something they do not know about.
It is obviously naive to expect everyone to have patched their machines
with the windows updates.


I wonder if it is just coincidence that the XP update server went AWOL
about a week ago, and hasn't reappeared?


I'm just installing the XP patch as I write:

http://download.windowsupdate.com/d/...14fa6ee9dd.exe

--
AnthonyL
  #8  
Old May 13th 17, 01:17 PM posted to uk.tech.digital-tv
Andy Burns[_12_]
external usenet poster
 
Posts: 237
Default So anyone get hacked then?

Ian Jackson wrote:

But the update server is AWOL (and has been for several days).


AWOL when viewed in IE8 from an XP machine?

Or just redirects to a different web page if viewed with a different
browser/operating system combination?


  #9  
Old May 13th 17, 04:27 PM posted to uk.tech.digital-tv
Graham.[_12_]
external usenet poster
 
Posts: 363
Default So anyone get hacked then?

On Sat, 13 May 2017 12:44:41 +0100, Roderick Stewart
wrote:

On Sat, 13 May 2017 12:01:36 +0100, Roderick Stewart
wrote:

Be funny if the bbeb did?

I have been reading about this.

[snip thorough description of recent NHS ransomware attack]

So have I. There's a lot of detail, and not all of the journalists
writing about it seem to understand it fully (no surprise there), but
as far as I can gather if you're using Windows 10 with all its
patches up to date (or not Windows at all), then you're probably safe.
Naturally you should also have antivirus software running, and have
changed the default file properties in Windows so as not to hide file
extensions, and exercise a bit of common sense about what files you
open. If you're an NHS hospital running Windows XP, all bets are off.

Rod.


Excuse me replying to my own message, but let's call it a postscript,
as I've found an interesting bit of further info about it here-

http://www.thedailybeast.com/article...down-hospitals

The relevant passage is this-

[start quote]
If there’s a bit of hope, it comes from a curious feature in the
attack code that was first noted on Friday by Darien Huss, a security
researcher at Proofpoint. It turns out that upon infecting a new
target, WannaCry tries to contact a server at a particular domain
name— a dot-com address consisting of a long string of gobbledygook
letters and numbers ending in “gwea.com”.


iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com

actually
--

Graham.
%Profound_observation%
  #10  
Old May 13th 17, 04:35 PM posted to uk.tech.digital-tv
Andy Burns[_12_]
external usenet poster
 
Posts: 237
Default So anyone get hacked then?

Ian Jackson wrote:

If you try to access the website using Firefox, it takes you to W10
stuff. [I think you always did need IE (in recent times IE8) get to the
normal updates site.]


Yes you always needed IE for the site to actually deliver updates on an
XP machine, because it uses activeX. But I've seen elsewhere people
claiming it is down, merely because they see the non-IE/non-XP
redirection taking place
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 04:13 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.Search Engine Optimization by vBSEO 2.4.0
Copyright ©2004-2017 Digital TV Banter.
The comments are property of their posters.