Wednesday, June 28, 2017

Introduce New Virus Ransomware WannaCry - Recently Indonesia is overwhelmed with the news of a virus that has spread in various countries including Indonesia. The news of this virus was first appealed by the government of the Ministry of Communications and Informatics Indonesia (KOMINFO) through Press Release NO. 55 / HM / KOMINFO / 05/2017. This appeal to the public to take precautions against the threat of malware especially Ransomware type WannaCry.

What is Wansomware virus?
Wansomware virus is a virus that performs the action of encryption (change and lock) to the data / files in the computer and some information mentioned that this virus can also attack the smartphone and server. The main purpose of this Wansomware virus is to request a copy to the victim in the form of money with transfer / victim data mode is locked and threatened to the victim's data safety. This virus belongs to a group of malware or malicious software that the technique of spreading through the Internet network and emerged since 2005.

Langkah Alur Cara Kerja Virus Ransomware

Figure 1. Flow Step How Ransomware Virus Works

Ransomware virus is spread through internet networks such as social media and websites / websites. This virus will try to access the victim's computer and take over by modifying / destroying some programs and registry that eventually locks all keyboard key functions besides the number keys. Furthermore, the virus will start accessing data / files within the computer and perform the encryption process that is changing the data / files so that it is locked / inaccessible. In the encryption process there will be a description code that serves to open the data / file is locked earlier. This description code is sold by the Wansomware virus to the victim. On the computer screen will be a message stating the victim has done something (eg accessing pornographic content) or a message that the data / file is locked. To open / access the data / file, the victim is asked to pay to the perpetrator.

Read Also:
Recognize Symptoms and 5 WaysCry Ransomware Virus Prevention Steps

What about WannaCry?
Since 2005, Ransomware virus continues to be spread by owners or actors in various countries. In addition, this virus continues to be developed by the perpetrator and recently has mumcul the latest development of Ransomware virus is WannaCry. WannaCry generally has the same way of working with the Ransomware virus, but there are some things that are focused on this latest type of virus. WannaCry is focused on attacking users of Microsoft Windows operating systems such as Windows XP, Windows 7, Windows 8, and Windows 10. WannaCry does an attack on the Windows operating system through the SMB function.

SMB merpakan stands for Server Message Block which allows users to various files (file sharing) with other users through the network. The SMB function or protocol is used by Microsoft Windows and iOS as well as Linux. However, for Linux has another addition that is SAMBA. The concept of this SMB provides a service or feature that allows one user A to grant user B access rights to user A files. The permissions allow user B to view, modify, and delete files in user A.

Gambar 2. Tampilan Pesan Virus WannaCry (Sumber : KOMINFO)
Figure 2. WannaCry Virus Message View (Source: KOMINFO)

If WannaCry succeeds in accessing the computer, it will display a message saying that the victim's data / file has been locked and must make a payment of some money to open it. Based on information KOMINFO, nominal ransom requested by the perpetrator of 300 US dollars in the form of Bitcoin. Bitcoin is a type of currency to transact online. In addition, the offender also determines the time of payment and the data will be damaged or not guaranteed safety if payment exceeds the specified time.

WannaCry is a type of malware from Ransomware virus that attacks the computer through the function of SMB with the media spread through the Internet network

Source by Zonacerdas.

Best Sellers

Introduce New Virus Ransomware WannaCry
4/ 5