Bitbar Blackmail virus again struck, playing cards server is close.
The impact of the Wanna Cry extortion virus, which is sweeping the globe, continues, with at least 150 countries being attacked by the Internet. Beijing Youth Daily reporter learned that the domestic addition to a number of colleges and universities have been a network attack, there are a considerable number of enterprises and institutions of the computer is also the trick. According to British media reports, a 22-year-old British network engineer noted that the blackmail virus has been trying to enter a very special, does not exist the URL, he easily registered the domain name even blocked the spread of the virus. Regrettably, the future of the extortion virus continues to spread further. Yesterday afternoon, the National Network and Information Security Information Center emergency notification, the global outbreak of the blackmail virus appeared a variant, the British guy accidentally discovered the poisoning method has been invalid.
Many domestic units by the virus attack
On the evening of May 12, Wanna Cry extortion virus spread in many countries around the world, the domestic multi-university network suffered a blackmail attack, a large number of students and other important information by the virus encryption, only to pay ransom to recover.
Yesterday, Beiqing reporter learned that the impact of the virus is not just the campus network, also includes some enterprises and institutions.
According to a staff member of China Unicom Zhengzhou Branch, May 14, due to the impact of bitbell blackmail virus, the unit computer all paralyzed.
May 13, Xiangshui Public Security Bureau Exit-Entry Office issued a message that the public security network suffered a new virus attack, temporarily shut down the entry and exit business, the specific recovery time to wait for notice.
Yesterday, a police station in Shandong told Beiqing newspaper reporter, by the blackmail virus, the unit stored information computer is locked, learning computer professional he eventually can only helpless.
PetroChina part of the gas station affected
Also affected are the China Petroleum Gas Station. Yesterday, China Petroleum announced in its official website that at 12:23 on May 12, due to the global outreach blackmail virus outbreak, the company belongs to some of the normal operation of gas stations affected. The virus causes the network to pay for fuel stations, bank cards, third party payments, and so on. However, fuel and sales and other basic business is running normally, fuel card account funds security is not affected.
Yesterday afternoon, Beiqing reporter and the Beijing area five Chinese oil gas station made contact.
Among them, the staff of PetroChina Petrochemical 12 gas station, said 13, because of the impact of the new virus, gas station mobile payment, fuel card payment and other payment methods are affected, although the morning for emergency repair, But there are still network instability. China National Petroleum gas station staff told the Beiqing newspaper reporter, as of 4 pm, the country gas station still only accept cash payments or gas filling stations to pay the cost.
PetroChina said yesterday afternoon, according to field-proven technical solutions, began to implement the resumption of work by station. More than 80% of the gas station has been restored network connection, the virus infection of the gas station is gradually restored fuel card, bank card, third party payment function.
China Petroleum Great Lakes Hill southwest, China Petroleum Dongpeng gas station, China Petroleum Jingsun gas station staff told Beiqing newspaper reporter, has been restored before noon mobile payment and fuel card payment function.
The virus was once blocked by accident
The news from the UK seems to have brought a glimmer of hope for the fight against the blackmail virus.
British media reported on the 13th, a 22-year-old British network engineer on the evening of 12 note that the extortion virus is constantly trying to enter a very special, does not exist the site, so he easily spent £ 8.5 (about 75 yuan ) Registered the domain name, trying to use this site to obtain the data related to extortion virus.
It is inconceivable that the subsequent spread of the virus in the world has been blocked.
The analyst and colleague analysis, this strange URL is likely to be extortion virus developers in order to avoid being set by the network security personnel set the "checkpoint", and the behavior of the registered website does not intend to trigger the program comes with "suicide switch The
In other words, the extortion virus in each attack before the visit to this non-existent Web site, if the URL does not exist, indicating that the extortion virus has not yet caused the attention of security personnel, you can continue to unobtrus the network; and once the site exists, The virus has been intercepted and analyzed possible.
In this case, the extortion of the virus will stop spreading in order to avoid getting more data from the cyber security personnel or even to control it in turn.
Blackmail virus has been a new variant
Accidentally blocking the extortion of the British network of engineers and some network security experts have said that this method is currently only temporarily prevent the further attack and spread of the blackmail virus, but can not help those who have been attacking the virus has been the user, but also not completely crack this blackmail virus.
They speculate that the new version of the blackmail virus is likely not to bring this "suicide switch" and come back. This speculation really became a reality soon.
Yesterday the National Network and Information Security Information Center Urgent Notification: Surveillance found that the outbreak of the WannaCry extortion virus worldwide appeared variants: WannaCry 2.0, and the previous version of the difference is that this variant can not be registered by a domain name to close the variants extortion The spread of the virus, the variants may spread faster.
Beijing Municipal Commission of Communications, the Beijing Municipal Public Security Bureau, the Beijing Municipal Commission also issued a "Wanna Cry blackmail on the emergence of variants and disposal of the proposed notice."
The notice requires all units to immediately organize the network detection, once found poisoning machine, immediately disconnected, strictly prohibit the use of U disk, mobile hard disk and other equipment can be ferry attack. "Notice" said that at present it seems that the hard disk format can remove the virus.
EU Interpol's European Center for Cybercrime 13, said the size of the extortion virus attack unprecedented, need to find a complex international investigation of criminal suspects, the EU Interpol has cooperation with the multinational investigation of the attack.
Playing cards game room is close, the computer has crashed.