Eset desarrolló un análisis sobre el nuevo ataque de ransomware que se inició en Ucrania, y cifró información de máquinas de todo el mundo, afectando compañías de distintas industrias como bancos, red eléctrica y empresas postales, entre otras. El ransomware (secuestro de información) es el término genérico para referirse a todo tipo de software malicioso que le exige al usuario del equipo el pago de un rescate.
“El día martes un nuevo ataque de ransomware dejó en evidencia que sigue habiendo sistemas desactualizados, falta de soluciones de seguridad y de planes necesarios para evitar una infección. Los ataques continúan creciendo y evolucionando, por lo que desde Eset seguimos apostando a que la prevención y la concientización son claves para evitar ser víctimas.”, aseguró Camilo Gutierrez, jefe del Laboratorio de Eset Latinoamérica
Con el fin de despejar todas las dudas en torno a este nuevo ataque global, la compañía comparte el siguiente cuestionario:
¿Cuáles son las características de este ransomware?
Se destacan tres aspectos que lo diferencian:
Cifrado: no solo cifra los archivos con una extensión determinada, sino que además intenta cifrar, generalmente con éxito, el MBR (Master Boot Record), que es el registro principal de arranque.
Propagación: tiene la propiedad de un gusano, o sea, puede propagarse a través de diferentes técnicas por la red logrando infectar nuevos equipos.
Exploit: hace uso de ellos para explotar vulnerabilidades en equipos que no han sido actualizados o no se les han instalado los parches correspondientes.
¿Es igual de poderoso que WannaCryptor?
Ambos tienen el mismo impacto: impiden el acceso a la información almacenada en el sistema. Sin embargo, este nuevo ataque no solo cifra la información que se encuentra en los equipos, sino que, luego de que se reinicia el sistema, deja inutilizable al sistema operativo, por lo que las víctimas se ven obligadas a realizar una reinstalación.
¿Qué es lo que hace exactamente esta amenaza?
Luego de que el ransomware es ejecutado, crea una tarea programada con el fin de reiniciar el equipo en un determinado tiempo, que no suele ser más de sesenta minutos. Además, verifica si existen carpetas o discos compartidos para propagarse.
A continuación, comienza a cifrar archivos que contengan una determinada extensión. A diferencia de la mayoría del ransomware, este código malicioso no cambia o agrega una extensión particular luego de cifrar cada archivo, una técnica muy utilizada por los atacantes para distinguir a los archivos infectados.
Por último, el malware intentará eliminar los registros de eventos para no dejar rastro alguno, como también ocultar sus acciones.
¿Cómo se propaga de un país a otro? ¿Llegó a Latinoamérica?
La propagación es una característica destacable de esta amenaza. Una vez que logra infectar un equipo, intenta extraer las credenciales del usuario para luego usarlas con PsExec y WMIC para realizar una búsqueda de carpetas y discos compartidos, y así propagarse por la red a la cual el equipo esté conectado. De esta manera, logra infectar equipos situados en distintos países y regiones.
Sí, llegó a Latinoamérica, en la mayoría de los casos a equipos de empresas multinacionales conectados en red con los de otras filiales en Europa o Asia, desde las cuales se propagó con su capacidad de gusano.
¿Qué se puede hacer para evitarlo?
Tanto en hogares como en empresas, contar con una solución antivirus es imprescindible. La misma tiene que estar correctamente configurada, contemplar qué puertos están abiertos y por qué.
Además, la red debe estar configurada y segmentada correctamente, y monitorear constantemente el tráfico para detectar algún tipo de comportamiento fuera de lo normal. Es esencial realizar un estudio detallado de la información más relevante y hacer backup de la misma, para que, en caso de que se cifre, haya una forma de restaurarla.
En cuanto a las contraseñas, es primordial llevar una buena gestión de las mismas, ya que si tan solo una de las máquinas infectadas posee las credenciales de administrador, podría infectar toda la red.
Si estoy infectado y no puedo acceder al sistema, ¿cómo tendría que avanzar?
Se podrían utilizar técnicas forenses para intentar correr en memoria otro sistema operativo y de esta forma acceder a los archivos cifrados. Sin embargo, no hay mucho que se pueda hacer más que aplicar el backup, lo cual sería crucial para evitar la reinstalación del sistema operativo.
En última instancia, si no hay backup, los cibercriminales siempre ofrecerán la opción extorsiva, pero desde ESET no sugerimos de pagar el rescate ya que mientras siga siendo rentable, el ransomware continuará creciendo.
¿Cómo están operando los atacantes? ¿Esperan un pago a cambio?
El proceso para recuperar la información es el mismo al que nos tiene acostumbrado este tipo de ataques. Una vez finalizada la infección, el ransomware emite las instrucciones, en donde los atacantes solicitan un pago en bitcoins, en este caso, equivalente a 300 dólares.
Pie de imagen: Aviso de que el equipo ha sido infectado.
¿Por qué se ha vuelto tan común el secuestro de datos?
Dentro de los puntos destacables se encuentran la falta de concientización y educación a nivel seguridad que tienen muchos usuarios y empresas. Una gran parte todavía no conoce el impacto que puede tener en un modelo de negocio un ciberataque hasta que es víctima y se ve obligada a pagar para recuperar su información.
Ante esta cuestión, a pesar de la velocidad con que circulan las noticias sobre ataques informáticos y los problemas que generan, los cibercriminales encuentran una motivación importante para continuar desarrollando nuevas amenazas.
¿El ataque está armado por una persona o un grupo? ¿Se necesitan conocimientos técnicos altos?
Resulta difícil pensar que una sola persona puede estar detrás de este ataque, ya que es una amenaza que incorpora varias técnicas en cuanto a exploits, propagación, y cifrado, así como para evadir medidas de seguridad. Sin embargo, no podemos asegurar cuántas son las personas involucradas en el desarrollo de un ataque de tal magnitud.
¿Se puede dar con los autores del ataque?
No por ahora. A diferencia de una botnet, por ejemplo, no hay un Centro de Comando y Control al que se conecte la amenaza como para rastrearlo y dar con los autores; y de usarlo, seguramente sería un servidor ajeno al cual atacaron para tomar el control y accederían desde TOR, logrando anonimidad. Por otro lado, el pago del rescate se hace en bitcoins y, por las características de esta criptomoneda, se hace prácticamente imposible rastrear su destino final.
Para más información ingrese al portal de noticias de ESET llamado WeLiveSecurity en: https://www.welivesecurity.com/la-es/2017/06/29/todo-sobre-nuevo-ataque-de-ransomware/
En los próximos meses estaremos emocionados de tomar las lecciones aprendidas en este vuelo para continuar el programa Aquila en su progreso y su fin de unir al mundo mediante la conectividad.
Las cadenas de suministro involucran piezas móviles complejas y dinámicas. Para mantenerse competitivo, debes crear un sistema flexible que pueda adaptarse a las interrupciones, aprovechar
La tecnología actual puede ayudar a desarrollar y sostener modelos de negocios nuevos y se ha vuelto cada vez más sofisticada. La puerta se abre y es el momento de ingresar.
The official is lying, but he has no evidence.It was the bastard nephew Li Ru, who turned pale.If you expected Xu Qi an to give valuable clues before, you are completely disappointed now.
This time the ancestor worship was safe and sound, and the task was successfully completed.Nangong Qianrou rolled her eyes and asked for him Father, are you really going to kill that kid Yang Yan immediately looked at Wei Yuan.
Xu New Year asked after dinner, Tang Brother faltered and changed the topic, but didn t give the last two couplets.The middle aged man with slightly frosted temples nodded slightly.
The man with a feminine temperament walked up to Wei Qingyi carelessly, looked at him, and immediately smiled He is actually a boy crazier than me, foster father, what should I do There was gloating in his smile.A train team stops slowly at the foot of Qingyun Mountain.
As the organizer, he has the right to give certain rewards, and the rewards come from the watchman s yamen.This was to kill Xu Qi an.Second, how can you improve the state of the gods when you practice Qi Neither status nor strength allow it.
If there is another time, I will punish you severely.In ancient times, licking dogs, licking friends and licking friends has become famous through the ages.
Li Yuchun stared blankly at the beans on the ground, covering his eyes in pain.After listening patiently for a while, she made sure that there was no one in the yard.
I can use one of the magical artifacts to go to the black market in exchange for rewards for opening the Heaven s Gate.There were no wounds on their bodies, and all of them went to sleep, but never woke up.
The first sentence of the opening A cell is the beginning of a life Ha, ha ha, ha ha ha Looking at it, Song Qing held the booklet tightly and laughed loudly.Ning Yan doesn t need to compare it with it.It is a sung song of plums through the ages.
When Xu Qi an saw the fate of the child, Xu Qi an s gradually cooling faith suddenly became hot and vivid.A few simple words are more important than a thousand gold.
Dizong s yin spirit has no shadow or form, so it s hard to kill.Because they were full of pastries, tea, snacks and wine, they simply stopped eating lunch.
Scholar, wait for me.Xu Qi an chased after him, thinking that at critical moments, scholars still have strong adaptability.The more he is like this, the happier Mr.Zhou is, and he likes how others hate him, but they are helpless.
The demon clan in the north and Dafeng are like fire and water, while the kingdom of thousands of demons in the southern border is inextricably linked with the Buddhist sects in the western regions.He prefers to peel cocoons from the files, chew on those imperceptible details, and then draw conclusions.
In the purse, there is only a small exquisite jade mirror that is no bigger than a palm.Chu Caiwei slapped his pig s trotters away with a small hand, and her big almond eyes were full of vigilance Didn t eat Um.
I will offer ten taels of silver to treat the adult to drink tea.The pot thrower was thirty steps away from the porcelain pot, blindfolded, turned his back, and shot three arrows in total.
We also want to ask you about alchemy.Ask him about alchemy Jin Gong Jiang Lvzhong raised his eyebrows.
Lu Qing was like a vigorous female leopard, with two powerful long legs galloping, scolded coquettishly, and finally stabbed the high frequency trembling knife tip into the monster s abdomen.Destination Jiaofang Division He has experienced many similar entertainments in his previous life, but the form has changed from a dinner party to a visit to a kiln.
Sun Shangshu s face remained unchanged, he patted the armrest of the chair lightly, and said The Ministry of Punishment is in charge of criminal laws and laws, to share your majesty s worries, and to plead for the people, come here.Xu Qi an said in relief.At this time, Xu Qi an s smile, in the eyes of Master Hengqing, was like a devil s smile.
I have important clues to the robbery of tax money.Wang Butou boasted that he didn t want money.How much money for a night s sleep Xu Qi an s heart moved.
Emperor Yuan Jing changed from a side lying posture to a straight sitting posture.Brother Gongzi didn t respond to the oncoming killing move, and the funny expression of trampling ants to death was still on his face.
His clear thinking and meticulous logic won Yang Yan s task, and he appreciated and valued this little gong under his command more and more.The watchman is responsible for the security work.Xu Qi an thought for a while and said, Then come to my house for dinner after His Majesty worships the ancestors.
The eldest princess smiled brightly, and the lake light dimmed a bit.Wei Yuan stood shoulder to shoulder with the prisoner in a grand manner.
In sight, dozens of black shadows were rising and falling on the roof, rushing towards this side.Layer upon layer of surges, Sang Po seemed to come alive.
Xu Qi an opened the topic.Yang Zhenzhen was noncommittal.Holding his uniform, waist badge, and saber in both hands, he turned a blind eye to the followers behind him.
The eldest princess is worthy of being a top student.He walked out in a frivolous step, no one dared to stop him, he took a step, and the guards took a step back.
Old account, that is to say, is there a problem with that gong It seems to be called Xu Qi an.It doesn t matter what the breasts of the supervisor s disciple are.
Ms.Zhang Yang has been married to the deceased for ten years, why is she pregnant at this time alone Xu Qi an waited for them to finish before he had a chance to speak, Maybe the child didn t belong to the deceased at all If a man and a woman are in normal health, it is impossible not to have children for ten years, unless they deliberately avoid children.
This is my latest idea for grafting.I heard that you joined the watchmen, so help me find a death row prisoner.Xu Cijiu blushed for a while and nodded.Li Mubai was surprised and said Copying the quotations of the saints will help you step into the realm of self cultivation Why didn t the old man find out.
Similar feelings are often felt when fighting on the battlefield, which makes him afraid to move.The advantage is that it has strong explosive power.
The deeper the accumulation of merit, the heavier the cause and effect.Second Princess, please stay.Xu Qi an chased after her and shouted.
1 and you are both in the capital.This is obviously aimed at No.Xu Qi an learned the fighting technique in his previous life to parry, pretending to be exhausted.
Two I don t know, No.6 claims to be a Buddhist disciple of Yunyou, and plans to live in the capital for a long time.This scene also aroused the ideas of the guests who planned to stay in the Shadow Plum Pavilion and whispered to each other.
Layman Ziyang smiled.That s wrong, Zhang Shen, master of the art of war, laughed and drank tea Brother Yang is very ambitious, and he is paving the way for the life.Everyone immediately turned their attention to this alchemy wizard.
God rewarded him with the opportunity to time travel.In this world, there are always people waiting for you to go home at night and warming up meals for you in the kitchen.
Xu Qi an put away the mirror in satisfaction, and said to himself, don t be grateful too early, you will have to pay back the favor sooner or later.He is alone in this world, without a mobile phone, a computer, a keyboard man, or Japanese love education films.
Several colleagues were taken aback, and looked at Xu Qi an It s very reasonable.Seeing Xu Lingyue s outstanding beauty, Xu Qi an must have been molested, and even wanted to take her away.
The works of the alchemists of Sitianjian are widely circulated among the people, benefiting the common people.
Okay, I just have something else to ask you for help with.In about a month, the wrinkles will naturally fade.
Half an hour later, Du Heng and Lao You washed off the mud on their bodies, put on clean and warm clothes and shoes, and gathered around the fire pot to hold the They were eating rice with a sizzling bowl.The mountains and rivers shook, and birds flew in fright.
More importantly, Director Du himself was also infected at the time.And is there a vacancy for deputy director of the Department of Traditional Chinese Medicine and Internal Medicine now have.
He probably won t be able to pay for his living expenses just by farming.Wait, I still don t believe there is no reason. Du Heng ignored him and just looked at Pan Chengchi s leaving figure with cold eyes.
We ask caring people from all over the society to supervise.We might as well just stop doing it and ask the director of the outpatient department to cancel all outpatient clinics for the next few days.
Ah, what, where is the needle you just inserted Du Heng s anger became even more intense.Everyone is busy. After a day s work, the whole body is sore, and they just want to go home early to eat and sleep.
In addition, every time Director Du speaks, The breath is slightly lighter than the subsequent voice, and there is a problem of shortness of breath during the whole speaking process.He just had indigestion. Instead of using a knife, he cut his finger.
With Professor Du s level, he must know the basics of the deer and horse pulse, right Du Heng was still distracted by his own suspicions.Luo. The patient s acceptance and trust are definitely more effective than what he said.
But once a blockage occurs somewhere, then What is blocked is not only the flow of qi and blood, but also the excretion of toxins.The father in law fell silent. A week ago, he helped Du Heng deal with a burglary in his home.
Xiaobai s arm, Du Heng turned to the nurse and said, Take care of this place.Yes, we don t want those chemical products. Can Du Heng refuse Of course not So he responded directly with a smile, There is also this.
But just when Cao Yuanqing was about to ride away, Du Heng hesitated and asked Lao You to accompany Cao Yuanqing.Videos like an osteopath holding a patient, stretching and then listening to the patient s body making a clicking sound, and then the patient showing a look of surprise are really common nowadays.
Is she here too Then why didn t she come with me yesterday Be sick Xiao Heng got off work early today.Holding back the smell, Du Heng returned to his seat.
What also shocked him was that after Du Heng just twisted it, the sitting body of the male patient became limp and paralyzed in a state visible to the naked eye.But she knew her situation, so until this year, she had never talked to anyone.
Of course, the word pin is the original meaning, but the word pressure really made Du Heng pull out his hair.The result of suspected nasal cancer was said by Mr.
Ask the master to help you get rid of bad luck. As soon as Wu Shengnan finished speaking, Du Heng immediately frowned.But at this time Lao You, who had been following behind, couldn t help it anymore.
Let s talk about your most practical problem. Have you decided what you want to study When Tang Jinhan heard this question, he finally raised his head and looked at Du Heng, and his expression was extremely serious.Although he was surprised, Du Heng called Cao Yuanqing over immediately.
Du Heng did not publicize his discovery, but after returning, he used the newly established laboratory to directly conduct experiments on Nux vomica.He introduced the previous situation to Du Heng and Lao You.
However, when they saw Du Heng kneeling on the ground and carefully administering the needle, several of them had relaxed looks on their faces.How can a hospital as big as yours survive without you At this point, Wu Shengnan obviously didn t want to give in anymore, and he said dirty words as soon as he opened his mouth, Now, I ll help you walk.
When several people arrived at the clinic, his eldest disciple was already busy in the clinic.Even after an hour and a half of flight, it was followed by six hours After a train, another four hour bus ride, and finally a mountain road without even a motorcycle, Lao You still maintained his original expression.
In one afternoon, he tossed himself over and over again.Everything had been arranged, and Kang Zhirong had also planned the itinerary for the next few days, but as expected, something unexpected happened.
But Du Heng s sudden movement of twisting people s heads really frightened the few people in front of him.Drink tea, I won t be an eyesore to you. Zhang Shiping stood up and left, and the beautiful tea maker beside him also left with him obediently.
They are tall, low, thick, and thin. They are all trees.
When the formation absorbs enough power, it can arouse the power of Jielei, which will definitely be a big surprise for the Bibo Huanyue Clan.You should know more about the enemy.Shao Nan is not someone who gives in easily.
Among them, the cyan light and shadow are flying with the sword, and the other two lights and shadows are flying in the air.This is the top 5,000 determined after testing about 100,000 fire control geniuses.
The specific power has not been tested yet, but the same door said, that The magical weapons of the seniors are all far more powerful than the magic weapons of the same realm.However, it quickly returned to normal, and nodded without a trace.
It is a pity that there will be no black shops within the range of any door to door.In the eyes of the Bibo Huanyue Clan, the human race is just a combination of toys and food.
No.huh No, you re big Hurry up and jump in, otherwise it will be too late.Fellow Daoist Tianfeng, do we still have to go inside Let s go Such a rare opportunity.
Min Haoyan looked curious.Those have nothing to do with us.Min Haoyan suddenly discovered that he had a problem with the intelligence he had grasped.
Otherwise, as soon as you reach the Golden Core realm, you will start refining your natal magic weapon, which is what happened.However, what is in it Is it like rumors that it is the magic spring where the magic cultivator originated It s really hard to say.
As the spirit of heaven and earth, Huo Linglong is quite smart.Several Void Returners gathered together and quickly thought of a solution.
Our sect can t afford it.The head said with great earnestness.Nearly two thousand chains burned at the same time, desperately absorbing the original power of the little fire spirit dragon.
In an instant, I felt weak, and my body was about to explode.Otherwise, every return to the void will not basically carry a treasure to break the formation.
This time, even the purple robed old man s complexion was not very good.After comparing with the last flame of anger test, this time Shaonan was determined to be the first in the preliminary competition of the fire control competition, and more people came to visit Shaonan.
The left hand resisted Shao Nan s attack.The index finger of his right hand was stained with his own blood, and he swiped quickly in the air, and soon a complex blood colored flying bird shaped rune was formed in the air.It is definitely not an easy task to make Shao Nan say a miracle things.
Different from everyone s reaction, when Huo Linglong was trapped by the three color chain, Shao Nan had a creepy feeling.He couldn t attack again in a hurry and could only deploy various defenses.
I guess I have no room for survival in Taichu Jubaozhai.However, Shao Nan would not give Zhenjun Puyang any chance to fight back.
This cave was obviously once lived in, and there are still some books such as miscellaneous talks and travel notes left in the study.Of course, the Great Elder in Lingxiao Pavilion is only in the late Jindan stage, which also makes Shao Nan quite relieved.
Shao Nan and the others were wiped out long ago.It s just that everyone didn t expect that Bibo Huanyue Island turned out to be the base camp of the Bibo Huanyue Clan.Someone is coming Lan Yin didn t say anything.Instead, he carefully sensed it with his spiritual sense, and sure enough, he found three people approaching quickly from behind.
I know, last time it was tossing for several months.I m still worried that you can t think of this, or that you don t have enough ambition.
Xinghuo Shinichi was overjoyed when he heard Shao Nan s voice.And the forbidden land of the magic spring disappeared with the abnormality, and returned to its normal appearance.
After listening to the chat of several people, Shao Nan frowned.This year, the first snow fell until December.However, perhaps because it had been brewing for too long, this snowstorm was extraordinarily heavy.
The cultivation of swordsmanship can t be left behind.But Shao Nan s fire sword was not surprising, and it didn t attract anyone s attention.
As long as there is a way.Then there is hope.Xiao Cao er, tell me quickly, how can I increase my speed Shao Nan knew that this was a trick played by Xiao Cao er.Xiao Cao er, do you know why I can t perceive the domain Shao Nan still didn t give up, and asked Xiao Cao er with an attitude of giving it a try.
Eset desarrolló un análisis sobre el nuevo ataque de ransomware que se inició en Ucrania, y cifró información de máquinas de todo el mundo, afectando compañías de distintas industrias como bancos, red eléctrica y empresas postales, entre otras. El ransomware (secuestro de información) es el término genérico para referirse a todo tipo de software malicioso que le exige al usuario del equipo el pago de un rescate.