Warning of Monster computer bug, in a week of them.

Microsoft sent out a warning today about the Monster Computer Bug. I suspected that hackers would begin targeting the Windows 7 and Server 2008 platforms. As you may know, these operating systems will be vulnerable once Microsoft deems them end of life in early January 2020.

 

1. Very similar to WannaCry worm
2. Affects Windows 7 and Windows Server 2008. It also affects Windows 2003 and Windows XP—older versions of Windows that Microsoft doesn’t typically patch.
3. Windows XP users will have to manually download the update from Microsoft’s update catalog.
4. “This vulnerability is pre-authentication and requires no user interaction.”
5. “The vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.”
6. Per Microsoft, it’s only a matter of time before attackers reverse engineer Microsoft’s patches and create malware. Thankfully, Windows 8 and Windows 10 machines aren’t affected by this vulnerability.
7. Go to the Microsoft site to manually download the patch.

“The best way to address this vulnerability is to upgrade to the latest version of Windows.”

How it works

1. Previously, WannaCry was downloaded from Dropbox URLs.
2. The vulnerability was exploited to drop a file on the vulnerable system.
3. That file would then be executed as a service.
4. This would then drop the actual ransomware file onto the affected system, encrypting files with the .WNCRY extension.
5. A separate component file for displaying the ransom note would also be dropped.
6. Files with a total of 176 extensions, including those commonly used by Microsoft Office, databases, file archives, multimedia files, and various programming languages

 

Once the virus is activated, you will see a screen that says “Oops, your files have been encrypted!” You will then see instructions on how to pay the attackers to decrypt your files. Be careful!!
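For responders, the .WNCRY extension described under "How it works" is a quick way to scope the damage on a file share. The sketch below is an added example, not code from Microsoft or the original post: it walks a directory tree, counts renamed files by original type, and reports the earliest modification time as a rough start of encryption. It assumes .WNCRY is appended to the original file name; `sweep`, `build_sample` and the sample files are constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from datetime import datetime, timezone

MARKER = ".wncry"  # extension named on the page, compared case-insensitively

def sweep(root):
    """Walk root and summarise files carrying the .WNCRY extension."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(MARKER):
                path = os.path.join(dirpath, name)
                # Assumption: .WNCRY is appended to the original file name.
                original = name[: -len(MARKER)]
                ext = os.path.splitext(original)[1].lower() or "(none)"
                hits.append((path, ext, os.stat(path).st_mtime))
    if not hits:
        return {"count": 0, "by_type": {}, "dirs": [], "first_seen": None}
    first = min(m for _p, _e, m in hits)
    return {
        "count": len(hits),
        "by_type": dict(Counter(e for _p, e, _m in hits)),
        "dirs": sorted({os.path.dirname(p) for p, _e, _m in hits}),
        # Earliest modification time approximates when encryption started.
        "first_seen": datetime.fromtimestamp(first, tz=timezone.utc),
    }

def build_sample(root):
    """Constructed sample tree: three renamed files and one untouched file."""
    layout = {
        "docs/report.docx.WNCRY": 1_600_000_300,
        "docs/budget.xlsx.WNCRY": 1_600_000_100,
        "docs/notes.txt": 1_500_000_000,
        "db/app.sql.wncry": 1_600_000_200,
    }
    for rel, mtime in layout.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(b"constructed sample")
        os.utime(path, (mtime, mtime))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(sweep(tmp))
```

The per-directory list and first-seen time help decide which backups predate the encryption and which shares need restoring.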