Eset desarrolló un análisis sobre el nuevo ataque de ransomware que se inició en Ucrania, y cifró información de máquinas de todo el mundo, afectando compañías de distintas industrias como bancos, red eléctrica y empresas postales, entre otras. El ransomware (secuestro de información) es el término genérico para referirse a todo tipo de software malicioso que le exige al usuario del equipo el pago de un rescate.
“El día martes un nuevo ataque de ransomware dejó en evidencia que sigue habiendo sistemas desactualizados, falta de soluciones de seguridad y de planes necesarios para evitar una infección. Los ataques continúan creciendo y evolucionando, por lo que desde Eset seguimos apostando a que la prevención y la concientización son claves para evitar ser víctimas.”, aseguró Camilo Gutierrez, jefe del Laboratorio de Eset Latinoamérica
Con el fin de despejar todas las dudas en torno a este nuevo ataque global, la compañía comparte el siguiente cuestionario:
¿Cuáles son las características de este ransomware?
Se destacan tres aspectos que lo diferencian:
Cifrado: no solo cifra los archivos con una extensión determinada, sino que además intenta cifrar, generalmente con éxito, el MBR (Master Boot Record), que es el registro principal de arranque.
Propagación: tiene la propiedad de un gusano, o sea, puede propagarse a través de diferentes técnicas por la red logrando infectar nuevos equipos.
Exploit: hace uso de ellos para explotar vulnerabilidades en equipos que no han sido actualizados o no se les han instalado los parches correspondientes.
¿Es igual de poderoso que WannaCryptor?
Ambos tienen el mismo impacto: impiden el acceso a la información almacenada en el sistema. Sin embargo, este nuevo ataque no solo cifra la información que se encuentra en los equipos, sino que, luego de que se reinicia el sistema, deja inutilizable al sistema operativo, por lo que las víctimas se ven obligadas a realizar una reinstalación.
¿Qué es lo que hace exactamente esta amenaza?
Luego de que el ransomware es ejecutado, crea una tarea programada con el fin de reiniciar el equipo en un determinado tiempo, que no suele ser más de sesenta minutos. Además, verifica si existen carpetas o discos compartidos para propagarse.
A continuación, comienza a cifrar archivos que contengan una determinada extensión. A diferencia de la mayoría del ransomware, este código malicioso no cambia o agrega una extensión particular luego de cifrar cada archivo, una técnica muy utilizada por los atacantes para distinguir a los archivos infectados.
Por último, el malware intentará eliminar los registros de eventos para no dejar rastro alguno, como también ocultar sus acciones.
¿Cómo se propaga de un país a otro? ¿Llegó a Latinoamérica?
La propagación es una característica destacable de esta amenaza. Una vez que logra infectar un equipo, intenta extraer las credenciales del usuario para luego usarlas con PsExec y WMIC para realizar una búsqueda de carpetas y discos compartidos, y así propagarse por la red a la cual el equipo esté conectado. De esta manera, logra infectar equipos situados en distintos países y regiones.
Sí, llegó a Latinoamérica, en la mayoría de los casos a equipos de empresas multinacionales conectados en red con los de otras filiales en Europa o Asia, desde las cuales se propagó con su capacidad de gusano.
¿Qué se puede hacer para evitarlo?
Tanto en hogares como en empresas, contar con una solución antivirus es imprescindible. La misma tiene que estar correctamente configurada, contemplar qué puertos están abiertos y por qué.
Además, la red debe estar configurada y segmentada correctamente, y monitorear constantemente el tráfico para detectar algún tipo de comportamiento fuera de lo normal. Es esencial realizar un estudio detallado de la información más relevante y hacer backup de la misma, para que, en caso de que se cifre, haya una forma de restaurarla.
En cuanto a las contraseñas, es primordial llevar una buena gestión de las mismas, ya que si tan solo una de las máquinas infectadas posee las credenciales de administrador, podría infectar toda la red.
Si estoy infectado y no puedo acceder al sistema, ¿cómo tendría que avanzar?
Se podrían utilizar técnicas forenses para intentar correr en memoria otro sistema operativo y de esta forma acceder a los archivos cifrados. Sin embargo, no hay mucho que se pueda hacer más que aplicar el backup, lo cual sería crucial para evitar la reinstalación del sistema operativo.
En última instancia, si no hay backup, los cibercriminales siempre ofrecerán la opción extorsiva, pero desde ESET no sugerimos de pagar el rescate ya que mientras siga siendo rentable, el ransomware continuará creciendo.
¿Cómo están operando los atacantes? ¿Esperan un pago a cambio?
El proceso para recuperar la información es el mismo al que nos tiene acostumbrado este tipo de ataques. Una vez finalizada la infección, el ransomware emite las instrucciones, en donde los atacantes solicitan un pago en bitcoins, en este caso, equivalente a 300 dólares.
Pie de imagen: Aviso de que el equipo ha sido infectado.
¿Por qué se ha vuelto tan común el secuestro de datos?
Dentro de los puntos destacables se encuentran la falta de concientización y educación a nivel seguridad que tienen muchos usuarios y empresas. Una gran parte todavía no conoce el impacto que puede tener en un modelo de negocio un ciberataque hasta que es víctima y se ve obligada a pagar para recuperar su información.
Ante esta cuestión, a pesar de la velocidad con que circulan las noticias sobre ataques informáticos y los problemas que generan, los cibercriminales encuentran una motivación importante para continuar desarrollando nuevas amenazas.
¿El ataque está armado por una persona o un grupo? ¿Se necesitan conocimientos técnicos altos?
Resulta difícil pensar que una sola persona puede estar detrás de este ataque, ya que es una amenaza que incorpora varias técnicas en cuanto a exploits, propagación, y cifrado, así como para evadir medidas de seguridad. Sin embargo, no podemos asegurar cuántas son las personas involucradas en el desarrollo de un ataque de tal magnitud.
¿Se puede dar con los autores del ataque?
No por ahora. A diferencia de una botnet, por ejemplo, no hay un Centro de Comando y Control al que se conecte la amenaza como para rastrearlo y dar con los autores; y de usarlo, seguramente sería un servidor ajeno al cual atacaron para tomar el control y accederían desde TOR, logrando anonimidad. Por otro lado, el pago del rescate se hace en bitcoins y, por las características de esta criptomoneda, se hace prácticamente imposible rastrear su destino final.
Para más información ingrese al portal de noticias de ESET llamado WeLiveSecurity en: https://www.welivesecurity.com/la-es/2017/06/29/todo-sobre-nuevo-ataque-de-ransomware/
Los usuarios del software de Bentley pueden presentar sus proyectos en el programa de los Premios Year in Infrastructure, independientemente de la fase en la que se encuentre el proyecto.
La IA está siendo aprovechada por la industria de viaje como una oportunidad para atender a sus clientes de una forma más personalizada y más económica.
La tecnología de drones y la automatización están impulsando una nueva era en la industria minera. Desde la exploración autónoma hasta la optimización de la
She is the cousin of Qin Hu s cousin. As soon as Qin Hu dies, the huge family property of the Champion House will naturally fall on this cousin.Various counterattacks are meaningless to him. Previously, the Cyclops took a long time to smash out a small gap.
Qin Hu s ancestor was one of the four princes and twenty eight princes who founded the Yu Kingdom.Otherwise, the best way would be for him to go alone and leave Anros behind to clear the area around the territory.
Seizing the opportunity, she let the sickle rub against her golden armor.He had already made his plans. Of course, it doesn t matter if the other party is blind, he won t lose anyway.
Those who wanted him to die did not torture him to death in the court, but beat him to death with black hands in the military camp.Because he noticed that the other party s life fire was like a candle in the wind, and he would gradually die even if he didn t do anything.
Kill roared. A guard who wrapped himself in a cloak but still had traces of flames rushed out of the flames.The number is too many and the level is too low, so the best target is to be reduced.
In the underground world, the spirit is always in a state of tension, because no one knows where enemies will appear from.The immortal and extremely cunning adventurers are much more difficult to deal with than the dark elves.
Because the dark clouds in the sky affected his vision, Zhao Hao couldn t see clearly what it was.Windtalker I saw the other party coming over with Zhao Zhetian from the Kunpeng Chamber of Commerce and the lone wolf player Wu Mie Hongchen.
3,000 skill experience points are allocated to soul science, allowing the summoned undead to change from a first level skeleton soldier to a fifth level ghost.It is our turn to stand guard at this moment. If you don t do it, you will be dealt with by military law.
The meaning is obvious. If the other party fails to pass the sentence or finds a reason to refuse, he will directly turn against him and take action.The outermost spearmen made way for a passage. Step, step The swordsmen who had never had a chance to appear came out like tigers emerging from the cage.
At that time, Qin Hu felt like five thunders were striking his head.Two days later Zhao Haocai led his troops back to the Xionghou tribe.
The power is unmatched Unless they are of the same body type, anyone who dares to attack head on will end up in disastrous consequences.The reason why the combat power ceiling in the hero world is called the championship level is because the combat power above the championship level is not included in the regular combat power system.
It can be seen from the components that these are war machines.Therefore, the golden dragon and griffon are needed to intercept it from halfway.
If her stupid cousin hadn t said that he didn t have the slightest bit of water, she wouldn t have believed that a player could do that.They are also lichs, and their potentials will be different.
Because Chen Guogong had long wanted to break off the engagement with him.Naturally, she was able to use this barrier skill. Natural barrier.
Think about it, if the other party is really that level, then something would have happened if he looked at the other party like this, how could it not have any impact at all.The threats of fifth level wood elves and eighth level shadow swordsmen are completely different.
The current professional circle can be regarded as the entertainment circle.Contribution is measured using a standard. That is, 1 contribution point 100 gold coins, which can be redeemed individually at the church.
As a result, when victory was within easy reach, they could only return the favor with hatred.26 units of Deadwood Guards, as long as they are not facing Dragon Breath and have the blessing of Memphela, it is not a problem at all for a period of time.
This Qin Hu was extremely cruel to others, but he was obedient to this beautiful and beautiful fianc e, treating him like a treasure.If you were an ordinary player, it wouldn t be surprising that the other party had this confidence.
Hiss The witcher spiders spun their webs. Once these special spider webs are stuck, it is impossible for these guards to break free, even if they drink medicine.The orange fire ball is in the spell The top of the staff condensed, and then fell toward the orcs outside the front line of defense.
The third level unit of the castle camp is the archer Compared with the evolved fourth level marksman, the combat effectiveness is not at the same level, but it is good that the major forces can sponsor so many.Naturally, he cannot rely solely on level A to fight.
The team finally arrived at the hotel. Zhao Hao, standing on the top of the hotel, looked as if he saw prey falling into a trap.You know, the dragon s tail is as strong as a dragon s claws.
boom The extremely strong tree trunk had cracks visible to the naked eye.Switch careers After waiting for a minute, Zhao Hao returned to his peak state.
It will naturally be inconvenient when facing a small number of strong people.The people in the remaining areas did not speak out, but they obviously agreed with this proposal.
Even though its size is far smaller than that of the crystal dragon, it is definitely terrifying enough.
The caller turned out to be the beautiful assistant Tian Jiayi.Outrageous, H shares opened more than 80 points higher than Yadi, it s really crazy.
It is obvious that Fang Hong wants to compete with Microsoft in terms of front end and money making capabilities.Domestic agriculture is also in the midst of a big industry, a big market, and a big development industry.
This sector once again set up a new story, and once again bucked the trend and strengthened.If others lose money, it may make you gloat and comfort yourself.
Whether it is a domestic or foreign e sports club, profitability is always a problem.After a month of speculation, the value of the S3 mobile phone has begun to return to the mean.
A proper smartphone is responsible for both appearance and performance.54. At the opening of the market, it did not step back and went straight to the upside.
But things are obviously different now. The sudden drop in launch costs has mutually confirmed the previous economic feasibility demonstration reports of space photovoltaic power stations and solved a key technical difficulty, namely launch costs.It was necessary to keep the price below the floor price.
It s over. The League of Legends is about to be captured by Xiao Ling.Tuesday, June 19th. The A share market is about to open.
Understood
Huajia villa mansion. At this time, Hua Yongming looked at the list in his hand and asked in surprise Rotating director mechanism Hua Yu nodded and said Yes, we have received the news that Qunxing Capital will complete the reconstruction of the top level mechanism in January.Who will buy commercial housing when there are too many affordable public rental housing If no one buys commercial housing, why will housing prices rise How can land prices rise if house prices don t rise How can a city that relies on land sales to maintain fiscal revenue if land prices fail to rise can raise the issue So doing this kind of thing offends people, and it offends a large number of people.
488 billion yuan. The short term customers and the short term customers who were trapped in the quilt looked as if they were dead
End of Chapter After Tianzhou Online fell to the one word limit, in the next new week, it once again went out of the shrinking one word limit on Monday and Tuesday.These changes have also made domestic professional players suddenly become scarce.
Now it is basically certain that the strategy of Star Capital to build an independent valuation system has not been leaked.Expensive is no exaggeration at all
It is precisely to build confidence in the independent valuation system of Qunxing s listed subsidiaries that Fang Hong prevents Qunxing Capital s debt from being too high.
Nowadays, domestic hospitals, such as the MRI equipment in medical equipment, are almost all foreign products.To analyze from another angle is not to sell miserably, or to play crocodile tears.
Only by buying at that position can you achieve an intraday gain of more than 70 percentage points.17 points, a record low since the bear market in recent years.
Seeing that the transaction volume is in the tens of billions, family members have taken the orders again, haha This is a technical adjustment, please don t panic.73 today, closing at 2115. 18 o clock
Just this morning, after Quantitative Capital updated a new version for Xiao Ling last Saturday to launch the language interactive function, today there is a new version update for the company s search engine.
What do you think the result was Five people gathered together to catch V En, but the mid laner on the opposite side was counter killed.The so called high configuration and low price has also gained a group of loyal Where are the fans Mr.
When the tree roots have not reached the underground water source, it is regularly watered artificially, so that it can continue to take root while alive.Simply put, this plan is to allow other domestic mobile phone brands to use Xingyu Technology s operating system, mainly mid to low end brands.
This is simply a large scale DIY scene. Ma Gaoyuan is a science and engineering master, and he has strong hands on skills.Although stock index futures can be shorted, it does not meet the threshold for more than 90 of retail investors.
No problem, but ability here has nothing to do with qualifications, how about it Are you interested in following me Qin Dong was caught off guard when he heard this Ah this
Fang Hong looked at Qin Dong and smiled. He said I want to open more than 2,000 large and small zoos across the country, but the choice of the top leader has not yet been decided, and I have not found the right person.
Because the products of Xingyu Technology are ahead of all peers, not only are the products well made, but the services are also impeccable.It is time to adjust in the short term, so many people choose to be safe and hold on.
Fang Hong was quite surprised. Qin Feng s judgment was very sharp and forward looking, but he said calmly The chip is stuck in the neck Why See Hearing this, Qin Feng analyzed This is the year that Xingyu Technology and Apple will face direct competition.During the rise of this bull market, Galaxy concept stocks will not grab the limelight too much and just keep following.
Now these people are all pessimists, and they all make weird claims to see how long it can last.face covering. jpg Bull market It doesn t matter if you want to lose money in the bull market.
There was not enough margin to cover the bottom, and the funds entrusted by Wall Street were used, and the opponent s market could not be short sold and the Bitcoin was It doesn t matter if the price of a coin exceeds 10,000.after the child lets down his guard and approaches, the parent catches him and beats him.
When the market opened in the afternoon, many investors were forced to go short and chase the rise because they were afraid that the rise would be even stronger later.
Looking at the relaxed look on the face of the head of the Tian family, Ji Zhenglin couldn t help but roll his eyes and said It seems that Tianjiazhuang has gained a lot this time.Monks with multiple spiritual roots who can cultivate to the perfection of the golden elixir are very rare.
This time, the female ghost was slightly at a disadvantage at first, but In the end, special means were used to block Qingyang s Golden Spirit Ten Thousand Killing Sword, which made Qingyang s idea of expanding the results come to nothing.Then a huge force came from the arm, pulling Qingyang s ankle and going underwater.
It is not the peak of the mountain, but a sharp front.However, Qingyang relied on his memory to I still found the exact location through memory.
The surrounding area was so big that it was not easy to find Qingyang.What if the other party cheats or goes back on his word in the future Isn t it just a waste of money Therefore, the lure trick is of no use to Qingyang.
Blood Demons He teaches that he has both, so he has always been beaten and killed.Thinking that the Liu Gui family might lose Wantong Pavilion, their hearts became gloomy.
However, I have kept my master s teachings in mind.The Zhuyi Demon King was shaken and woke up from the confusion.
With their mutual cooperation, it is impossible. He was evenly matched with the golden elixir puppet.Thinking of this, the giant ghost king said loudly Take this opportunity, let s all take action together, fight a bloody road in front, and rush out of the siege of Huangchen Earth Spider as soon as possible.
It is only seven to eight thousand miles from Ziyan City to Qinglong Temple.This is the first time Qingyang has lived in such a luxurious courtyard since he has grown up.
At this time, in a main hall of the city lord s palace of Funiu City, a group of monks were discussing countermeasures.With the improvement of Qingyang s strength, Qingyang can now use the Drunken Immortal Gourd so that no one can see any flaws.
Qingyang has decided that from now on in the Nether Realm, he will not show his identity as a fairy monk unless he meets an acquaintance.This longevity eyebrow is really magical. An inconspicuous eyebrow can actually increase the life span by a hundred years.
There were dozens or dozens of people, and each one worked harder than the last.Even if it loses the second game, there is still a third game.
I still need to use the God Control Pill. Come and control your subordinates.He had the confidence in his heart not to panic when things happened.
Qingyang used the five giant swords to Inside the ravine nearly ten feet deep.A magnificent mansion covers an area of more than ten miles.
A good man does not suffer the immediate loss. He is not an opponent now, so he can only choose to retreat first and report to his father later.What s more, in order to prevent the news from leaking, they may be killed or imprisoned.
in fact, he was helping Qingyang. As soon as these words came out, Shifu Zhenjun was immediately furious and said Qingyue Zhenjun, what do you mean by this What do you mean, there must be a reason that everyone doesn t know Could it be that you mean My son deserves to be killed because he made a mistake Humph, in the world of immortality, strength is respected, what qualifications does he, a small golden elixir monk, have to reason with the leader of my majestic Lingfu Sect After Zhenjun Shifu said, Zhenjun Qingyue Still calmly said What Zhenjun Shifu said is wrong.
If this continued, he would definitely be trapped in a tight siege and lose his life.
Above his head, Nascent Soul jumped out of his body.Its existence cannot be discovered whether it is observed with the naked eye or scanned with spiritual consciousness.
It s settled, I m waiting for news from Fellow Daoist Li Senior Brother Liu Ziyun almost jumped up, he said excitedly.Not to mention that this was proposed by his master, Brother Hu, who would start refining the pill even if he delayed his practice.
Master, I m waiting for you to complete the mission together Li Yuanba said with a smile.A monk who has mastered the magical power of Innate Yimu is an invincible little strongman.
Even the Yuqing Sect and the Baidi Sect sent the Hell s Crystal Essence to Sword Intention Chongxiao Pavilion in return for allowing them to use the Space Acceptance Formation.He was in a semi reclusive state in the Zheng an Mountains.
This fourth grade spiritual tea was naturally brought out by Li Shiming.Just rebuilding these foundations will require a lot of energy and time.
Li Yuanba had a lot of fourth grade elixirs in his hands, and fourth grade elixirs were hard currency.Perhaps this has something to do with the fit between the monk s soul and body.
The application of speed rules, when will Golden Corpse be able to use speed rules He murmured to himself.The three people left the cave and flew into the air to wait.
This was the thunder bead made by the great monk. Li Yuanba recognized the thunder bead.Li Yuanba put away the mid stage golden corpse with a wave of his hand.
He came to the conclusion that the four luminous stones on the soul gathering plate were in a state of consumption.During the alchemy task, he not only saw the refining task of the third grade elixir, but also the refining task of the fourth grade elixir.
This place is close to the Sword Intent Chongxiao Pavilion.They will only take action against the Great Monk Luo Pei when they are sure, and take down the Great Monk Luo Pei in one battle.
He smiled. If he were a big thief, he might be able to easily sneak into this store by using these loopholes in the formation.Now, relying only on Li Yuanba to accept the elixir refining commissions from the great monks in Sword Intent Chongxiao Pavilion, he could really accumulate There are too few elixirs for the great monks.
The original fragments of the hell creatures, as well as the hell creatures that had just emerged, were all turned into powder in an instant after the sword intent appeared.When Brother Qiao saw this scene, he wanted to persuade him, but after mumbling several times, he couldn t.
Although he could not sense the aura of the battle due to the distance, he recognized that the fighting party was a sword cultivator from the Sword Intent Chongxiao Pavilion just by seeing the flying sword attack method.His current state has no protection at all. If he is really affected by the aftermath of lightning, he doesn t have to worry about being injured, but he will definitely lose face in front of his disciples.
If the gravity here had an effect on Ten Thousand Swords Peak , he might not be able to bear the weight of Ten Thousand Swords Peak alone many levels ago.Brother Lou winked at the distant monks Wu Da and Teng Da.
There are no monks in the library. In this situation, most of the Nascent Soul monks have their own tasks and are responsible for various defense tasks.Shi Ximing s training notes were just a study note on how to become a spiritual cultivator.
The core monks of these two superpowers are relatively sober, trying hard to maintain the emotions of their fellow sects, and keeping pace with Jianyi Chongxiao Pavilion at almost the same pace.They saw with their own eyes that a monk was hit by a hell creature.
Not to mention Lu Shi, Wan Zheng and Senior Sister were also quite surprised.But this kind of defense consumes a lot of money, and the mountain magic weapon s defense power also has an upper limit.
Eset desarrolló un análisis sobre el nuevo ataque de ransomware que se inició en Ucrania, y cifró información de máquinas de todo el mundo, afectando compañías de distintas industrias como bancos, red eléctrica y empresas postales, entre otras. El ransomware (secuestro de información) es el término genérico para referirse a todo tipo de software malicioso que le exige al usuario del equipo el pago de un rescate.