Ransomware

Can I protect my Windows XP computer from WannaCry?

WannaCry

Episode 1393

Lynn from Thousand Oaks, CA

Image: SecureList / AO Kaspersky Lab

Mary has an old XP computer and she's worried about getting the WannaCry virus. Can she get a patch to protect herself? Leo says that Microsoft has ended life for Windows XP, but did make a patch for it and she can go into Updates and get it. But according to Leo, 98% of infected computers with WannaCry are Windows 7 computers. So XP isn't even on the radar. It doesn't hurt to be safe, though.

WannaCry Ransomware Has a Possible Solution

Encryption

Episode 1391

WannaCry is ransomware that can lock up your data unless you pay the hacker who created it. WannaKiwi, however, finds the crypto key in your PCs RAM to undo the damage. It only seems to work about a third of the time, however. That's why Leo says to make sure you don't get it by altering your behavior, and by making sure you have current backups of your data should it happen. One thing you should never do is pay up, because you don't know if you'll get your data back, or if there's something even worse getting installed.

WannaCry Ransomware Mostly Affected Windows 7

WannaCry

Episode 1388

Last weekend, the WannaCry Ransomware bit several hundred thousand computer systems, including sixteen hospitals in the UK. The ransomware infected the systems and encrypted all data. The reason this one was really bad is that it was a "worm," or a "network aware virus" that would spread out over the local area network to find other computers to infect, and bring the whole establishment to its knees.

Have I been bit by ransomware?

Google Chrome

Episode 1389

Grover from California

Grover has a popup that says to call Microsoft Support. Has he been bit by ransomware? Leo says no, probably not. It's a phishing attack, but it's to try and get him to call in and then they charge him and access his computer. It's Scareware, really. He can ignore it, but it keeps popping up and he has to reboot his system to get rid of it. He even replaced the hard drive, but it didn't help.

WannaCry is the Latest Phishing Ransomware Attack

WannaCry

Episode 1389

The latest ransomware attack is called WannaCry and it's spreading via phishing email attacks. The ransomware not only encrypts your data — it also has a built-in kill switch on websites. Security researchers may have crafted a fix to it, but there's a catch. The encryption is done using Microsoft's bit locker, and the fix is to take advantage of a flaw in the cryptographic memory that keeps the keys in RAM so it can harvest them and unlock your data.

How can I get out of ransomeware?

Episode 1368

Scott from Los Angeles, CA

Scott got bit by ransomware on all his work computers. Since the data is backed up, the course of action is to wipe the drives, reinstall the OS, and restore from the backup. Always keep yourself backed up and updated to prevent things like this from happening.

Here's what you can do to protect yourself:

1. Keep all software and OS updated on your machine.
2. Run as a limited user. NEVER an Admin.
3. Do not click on links from strangers. Do not accept unexpected attachments.

Ransomware Attack Targets Hotel Door Locks

Episode 1359

Ransomware has always been a terrible plague of the internet, where bad guys inject software into your computer through phishing emails. They usually trick you by saying it's from your bank, the IRS, or even your boss asking you to open something. When you do that, it's an application that runs and scrambles all of your data and asks you to give them money to get the data back.

Has my Mac been infected with ransomware?

Episode 1276

Victoria from Corvales, OR

Victoria has an 09 iMac that runs El Capitan, but she got bit by ransomware. Leo says that's odd because the only ransomware is called "Transmission" and it's been eradicated after only being out in the wild for a day through Bittorrent. She gets a pop up that says "your computer is infected," though. Leo says that doesn't mean she has ransomware. It's actually a phishing scam trying to get her to install malware. And she can't get infected by it anyway. What it does mean is that the website is infected and she should avoid it.

Do I need an antivirus?

Episode 1273

Harold from Santa Rosa, CA

Harold's subscription of Eset Nod 32 is up. Should he renew? Leo says that the world has changed and that's why he doesn't take advertisers for antivirus software anymore. If Harold is running Windows 7-10, or running OS X in Mac, then he doesn't need an antivirus. Windows users have Microsoft Defender (formerly Security Essentials) and nobody really writes viruses for OS X, as Apple has a silent malware detector. There's ransomware that he can get bit by still, though. That's an encryption issue though, and Apple has a malware detector to prohibit that.