Sihai network

How to prevent the outbreak of new blackmail virus?

4hw.org: according to foreign media recently, a new round of blackmail computer virus is rampant in some European countries, including banks, airports and other large enterprises. At present, the source of the virus has not been determined. It is said that the attack ability of this round of super virus is no less than that of blackmail virus in May. So in the face of such a powerful virus, what precautions should we make in advance?

As soon as wanna cry left, Petya came (the local area network can also spread more exaggeratedly). This virus is currently breaking out in the world, among which Ukraine and Russia are the most seriously affected.

After the analysis of Petya by a technology magnate, it is found that the new blackmail virus still uses the "eternal blue" vulnerability, which is the main reason why it can spread as fast as wanna cry.

In addition, it should be noted that Petya virus will modify the MBR boot sector of the system. When the computer is restarted, the virus code will take over the computer before the windows operating system and perform malicious operations such as encryption.

Compared with wanna cry, this time Petya blackmailed the virus more ruthlessly, and it can also spread in the non network LAN. Of course, hackers wanted to blackmail more money, but what broke them was that they only received 29 ransoms, worth 7497 US dollars (about 51000 yuan).

Considering the scope of blackmail virus, the hacker Petya is afraid to spit out blood.

For such extortion, experts warn that even if you pay the ransom, you may not get back the locked documents. After all, the attacker is not a good person. At the same time, the funds may also help hackers launch the next round of attacks.

The funniest thing is that users who pay the extortion fee are tasked with Petya's ransom payment system. This article is compiled by sihai.com.cn and reprinted with the source. The original link: http://www.4hw.com.cn/life/

So how to prevent the new blackmail virus?

First of all, there are some ports in the system that we can't use at ordinary times, but there are dangerous ports, such as 139, 135, 445 and so on. Windows is on by default. At this time, we can manually close these ports! Next, I will introduce a way to close all dangerous ports that we want to close at one time through windows group strategy!

Secondly, generally, the computer has a security protection software, which can detect and intercept the virus in time when it is automatically downloaded. This is the best way to install a Kingsoft poison bully, 360, or Tencent computer steward on the computer.

Then open the anti-virus software home page -- real-time protection function, you can see that there are many heavy protections here, including download protection items, which can avoid automatic or manual download to viruses. This article is compiled by sihai.com.cn and reprinted with the source. The original link: http://www.4hw.com.cn/life/

1. If we get this virus, the computer will be forced to lock. In this case, we can enter the computer system through the PE system stored on the U disk or computer CD. 2. After entering the PE system, we can export the files we want, and then directly reinstall the system to solve the problem of computer poisoning. 3. In addition, we can download them again directly Computer anti-virus software, such as Tencent computer housekeeper, and then use its virus killing function to clean and kill the Trojan virus in the computer.