The largest cyber attack in the world: Ukraine came under attack

Large-scale hacker attack brought down tens of thousands of computers around the world, criminals to extort $ 300 in bitcoin to unlock the data. This was stated on Twitter, one of the experts on cyber security from Avast Jakub Krostek, betrays TV channel “112 Ukraine”.

According to him, attacked at least 57 thousand computers are infected with the application cryptographer WannaCry or its variations. This virus encrypts information on the computer and demands to pay a ransom of $ 300. bitcoin for the decryption.

57,000 detections of #WannaCry (aka #WanaCypt0r aka #WCry) #ransomware by Avast today. More details in blog post:

— Jakub Kroustek (@JakubKroustek) 12 may 2017

“According to our data, the cyber criminals mainly focused on Russia, Ukraine and Taiwan, but the viruses also succumbed to hospitals throughout England and the Spanish telecommunications company “Telefonica”, – said Krostek.

The company urged all Windows users to completely update their systems with the latest patches. “Avast detects all known versions WannaCry… We will continue to monitor this outbreak,” summed up Krostek.

Note, currently there is no information about who might be behind this attack, whether it is centralized or carried out by different groups.

In addition, the network has already appeared tips from experts on how to protect themselves from the virus Wana Decrypt0r.

“If you work on Windows — you are at potential risk. But do not panic and do not try to restart the computer! Better save your important data to an external drive or to the cloud, as long as it works. And go to rest. If you then find that your computer is still infected, you just reinstall the system and restore the data from backup,” reads one of the messages.

Also one of the bloggers is an excerpt from the forum of Kaspersky Lab.

Recommendations for treatment:

— Make sure you have enabled security solutions.
— Install the official patch (MS17-010) from Microsoft that closes the vulnerability in SMB server used in this attack.
— Make sure that the products “Kaspersky Lab” included component “Monitoring system”.
— Check the whole system. Detecting malicious attack as MEM: Trojan.Win64.EquationDrug.gen, reboot the system. Again make sure you have the hotfix MS17-010.