• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Editorial WannaCry: Its Origins, and Why Future Attacks may be Worse

Joined
Aug 20, 2007
Messages
20,709 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
WannaCry, the Cryptographic Ransomware that encrypted entire PCs and then demanded payment via Bitcoin to unlock them, is actually not a new piece of technology. Ransomware of this type has existed nearly as long as the cryptocurrency Bitcoin has. What made headlines was the pace with which it spread and the level of damage it caused to several facilities dependent on old, seldom-updated software (Hospitals, for example). It's not a stretch to say this may be the first cyberattack directly attributable to a civilian death, though that has not been concluded yet as we are still waiting for the dust to settle. What is clear however is WHY it spread so quickly, and it's quite simple really: Many users don't have their PCs up to date.




Indeed, the bug that WannaCry utilized to spread this rather old-school ransomware tech had been patched in Windows for about 2 months at the date of the outbreak. But many users were still not patched up. To be clear, this is not just hospital equipment and such that may be difficult to directly patch, but also end user PCs that simply aren't patched due to user ignorance or outright laziness. That as a cultural issue can be fixed relatively easily (and to some degree already is with the push of Windows 10 which handles this automatically for the user). But there is a more sinister twist to this story, one that indicates future outbreaks may be worse. The bug that enabled this to happen was leaked directly from the NSA, and had been known for much much longer than the patch for it has existed. In other words, this bug had been stockpiled by the US government for use in cyberwarfare, and its leak caused this attack.

Let me play you a theoretical scenario, one not so farfetched I would think. What if Microsoft had NOT had a patch ready at the time of this outbreak? What if the bug (which exists in the file sharing stack and has most Windows PC vulnerable by default) was exposed and we had to wait a couple days for a patch. What can you do to protect yourself then?

This seemingly nightmarish scenario is a good illustration of why stockpiling vulnerabilities in common software rather than reporting them is a bad practice rather than a good one. Of course, in the above situation, you could just turn your PC off until it all blows over, or turn off SMB1 file sharing in Windows (google will help you here). Or best yet, you could use a decent firewall setup that does NOT expose SMB ports to the internet (you can even block the ports in Windows Firewall, google again has the answers). But not all of us are power users. Most out there aren't, actually. A lot of users actually plug their computers directly into their modems. I know, because I've worked IT. I've seen it. And what about when someone finds a worse vulnerability, like in the TCP/IP stack? What then? Do you unplug your computer from the internet entirely? Ok, but who got infected first to tell you to do that? Someone had to take one for the team. Either way, damage has been done people.

This is why the practice of stockpiling exploits has to stop. The US government (and others, for that matter) should report exploits, not store them as cyber weapons. As weapons of war, they are as likely to hurt us in the end as our enemies, and that makes them very bad weapons in the perspective of one of the first rules of warfare; Don't hurt your own team.

Call me crazy, but that just seems like a weapon I'd rather not use. If a weapon hurts as many of your own team as your enemy or even close to that number, its time to retire that weapon. Of course, we aren't talking a literal injury or body count here, but the concept is the same. This is just a bad practice, and it needs to stop.

View at TechPowerUp Main Site
 
Joined
Aug 20, 2007
Messages
20,709 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Notice: This is marked as an editorial, so treat it as such. This is not news and it may/may not make baby Jesus cry.
 
Joined
Oct 2, 2004
Messages
13,791 (1.94/day)
What's funny is that people who were using any kind of worthy AV (not Windows Defender) were protected since February 2017 when most companies captured early strains.
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.65/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
This is why I wish John McAfee won POTUS. As the internet grows, attacks like this are going to become a near daily occurrence. Everyone needs to up their security game. More importantly, the internet itself has to change to counter cyber attacks.

As for government finding exploits and not talking about them: remember that the NSA likely used an exploit like this (or maybe this very one) to launch a successful cyber attack against Iran's centrifuges. No one got hurt and Iran's nuclear ambitions were hugely damaged/delayed. I think NSA should adapt a policy like Google. If it finds an exploit, it gives itself some time to use it, then it notifies whomever can fix it (in this case Microsoft), and then it publishes a document detailing the exploit some time after that. NSA gets their covert tools and the holes get plugged (which helps the government too because there's a lot of Windows systems around).
 
Joined
Aug 20, 2007
Messages
20,709 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
As for government finding exploits and not talking about them: remember that the NSA likely used an exploit like this (or maybe this very one) to launch a successful cyber attack against Iran's centrifuges.

I might agree on that front but there was something very different about that exploit: It had nothing to do with networking. It targeted offline computers and was delivered via a USB stick to an offline network.

Obviously in that instance, care had been taken and the potential for network/internet abuse of that exploit was 0.

However, if it was a networkable worm (unclear on this) what would've happened had that been leaked? You know the answer. The NSA isn't a vault of security as of late.

It may not even have been an exploit for that matter. More likely, knowing that USB drivers are privileged, it was simply a modified USB stick. That's relatively trivial if you know firmware programming.
 
Joined
Nov 21, 2010
Messages
2,223 (0.46/day)
Location
Right where I want to be
System Name Miami
Processor Ryzen 3800X
Motherboard Asus Crosshair VII Formula
Cooling Ek Velocity/ 2x 280mm Radiators/ Alphacool fullcover
Memory F4-3600C16Q-32GTZNC
Video Card(s) XFX 6900 XT Speedster 0
Storage 1TB WD M.2 SSD/ 2TB WD SN750/ 4TB WD Black HDD
Display(s) DELL AW3420DW / HP ZR24w
Case Lian Li O11 Dynamic XL
Audio Device(s) EVGA Nu Audio
Power Supply Seasonic Prime Gold 1000W+750W
Mouse Corsair Scimitar/Glorious Model O-
Keyboard Corsair K95 Platinum
Software Windows 10 Pro
What's funny is that people who were using any kind of worthy AV (not Windows Defender) were protected since February 2017 when most companies captured early strains.

Also the only people who were affected were the ones who weren't up to date on patches. Pointing out choice of AV at this point is like discussing what dental dam to use after going at it raw. Pointing out which AV being used is like telling car owner who's left all their doors unlocked with the keys in the ignition and as a result had their car stolen, people who were using x security system didn't get their car stolen.
 
Last edited:
Joined
Aug 20, 2007
Messages
20,709 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Also the only people who were affected were the ones who weren't up to date on patches.

Yep, and as I noted, that's a lot more than we'd like to think.
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.65/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
I might agree on that front but there was something very different about that exploit: It had nothing to do with networking. It targeted offline computers and was delivered via a USB stick to an offline network.

Obviously in that instance, care had been taken and the potential for network/internet abuse of that exploit was 0.

However, if it was a networkable worm (unclear on this) what would've happened had that been leaked? You know the answer. The NSA isn't a vault of security as of late.

It may not even have been an exploit for that matter. More likely, knowing that USB drivers are privileged, it was simply a modified USB stick. That's relatively trivial if you know firmware programming.
How do you think it infiltrated the facility in the first place? It attacked Windows (USB, RPC, Printer Sharing, fake shortcuts, JMicron/Realtek signed rootkit driver), then it silently infected devices on the network until it finds Siemens Step 7 industrial control software.
 
Joined
Jun 22, 2015
Messages
71 (0.02/day)
Processor AMD R7 3800X EKWB
Motherboard Asus Tuf B450M-Pro µATX +MosfetWB (x2)
Cooling EKWB on CPU + GPU / Heatkiller 60/80 on Mosfets / Black Ice SR-1 240mm
Memory 2x8GB G.Skill DDR4 3200C14 @ ----
Video Card(s) Vega64 EKWB
Storage Samsung 512GB NVMe 3.0 x4 / Crucial P1 1TB NVMe 3.0 x2
Display(s) Asus ProArt 23" 1080p / Acer 27" 144Hz FreeSync IPS
Case Fractal Design Arc Mini R2
Power Supply SeaSonic 850W
Keyboard Ducky One TKL / MX Brown
I don't think the NSA/CIA/GCHQ give a sh*t really.
If they could do this, and point the finger at the "Russkies" (or the next "Axis of Evil"), they would.

Its all fun and games for them (quite literally).

edit : Microsoft still haven't patched XP have they ?
 
Joined
Aug 20, 2007
Messages
20,709 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Microsoft still haven't patched XP have they ?

They have, due to outcry.

How do you think it infiltrated the facility in the first place? It attacked Windows (USB, RPC, Printer Sharing, fake shortcuts, JMicron/Realtek signed rootkit driver), then it silently infected devices on the network until it finds Siemens Step 7 industrial control software.

As mentioned, it infiltrated via infected USB hardware.
 
Joined
Jul 16, 2014
Messages
8,115 (2.29/day)
Location
SE Michigan
System Name Dumbass
Processor AMD Ryzen 7800X3D
Motherboard ASUS TUF gaming B650
Cooling Artic Liquid Freezer 2 - 420mm
Memory G.Skill Sniper 32gb DDR5 6000
Video Card(s) GreenTeam 4070 ti super 16gb
Storage Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Steeseries Esports Wireless
Keyboard Corsair K100
Software windows 10 H
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
I don't think the NSA/CIA/GCHQ give a sh*t really.
If they could do this, and point the finger at the "Russkies" (or the next "Axis of Evil"), they would.

Its all fun and games for them (quite literally).

edit : Microsoft still haven't patched XP have they ?

actually they did, the released patch made headline news since so many were shocked that m$ put forth an effort..

Cant say much since I'll be accused of m$ bashing...

on second thought, I dont give a shit, if m$ receives any bashing, its prolly well deserved in one way or another, and maybe they might even step up a bit more often and fix exploits before they release them intentionally to the NSA/CIA/paying governments.
 
Joined
Nov 21, 2010
Messages
2,223 (0.46/day)
Location
Right where I want to be
System Name Miami
Processor Ryzen 3800X
Motherboard Asus Crosshair VII Formula
Cooling Ek Velocity/ 2x 280mm Radiators/ Alphacool fullcover
Memory F4-3600C16Q-32GTZNC
Video Card(s) XFX 6900 XT Speedster 0
Storage 1TB WD M.2 SSD/ 2TB WD SN750/ 4TB WD Black HDD
Display(s) DELL AW3420DW / HP ZR24w
Case Lian Li O11 Dynamic XL
Audio Device(s) EVGA Nu Audio
Power Supply Seasonic Prime Gold 1000W+750W
Mouse Corsair Scimitar/Glorious Model O-
Keyboard Corsair K95 Platinum
Software Windows 10 Pro
actually they did, the released patch made headline news since so many were shocked that m$ put forth an effort..

Cant say much since I'll be accused of m$ bashing...

on second thought, I dont give a shit, if m$ receives any bashing, its prolly well deserved in one way or another, and maybe they might even step up a bit more often and fix exploits before they release them intentionally to the NSA/CIA/paying governments.

That's crazy talk. If they were really working with spy agencies, it be far more easier for them simply to place a backdoor somewhere or write tailor-made software that defeats the OS security.
 
Joined
Nov 2, 2008
Messages
887 (0.16/day)
Processor Intel Core i3-8100
Motherboard ASRock H370 Pro4
Cooling Cryorig M9i
Memory 16GB G.Skill Aegis DDR4-2400
Video Card(s) Gigabyte GeForce GTX 1060 WindForce OC 3GB
Storage Crucial MX500 512GB SSD
Display(s) Dell S2316M LCD
Case Fractal Design Define R4 Black Pearl
Audio Device(s) Realtek ALC892
Power Supply Corsair CX600M
Mouse Logitech M500
Keyboard Lenovo KB1021 USB
Software Windows 10 Professional x64
There is some hope:

Proposed PATCH Act forces U.S. snoops to quit hoarding code exploits
http://www.theregister.co.uk/2017/0...o_force_intel_agencies_to_fix_found_exploits/

Two U.S. senators have proposed a law limiting American intelligence agencies' secret stockpiles of vulnerabilities found in products.

The Protecting our Ability To Counter Hacking (PATCH) Act would set up a board chaired by an Department of Homeland Security (DHS) official to assess security flaws spies have found in code and hardware, and decide if manufacturers should be alerted to the bugs so they can be fixed for everyone.​

Now all we have to do is get the pinheads in D.C. to pass the legislation into law....
 
Joined
Nov 21, 2010
Messages
2,223 (0.46/day)
Location
Right where I want to be
System Name Miami
Processor Ryzen 3800X
Motherboard Asus Crosshair VII Formula
Cooling Ek Velocity/ 2x 280mm Radiators/ Alphacool fullcover
Memory F4-3600C16Q-32GTZNC
Video Card(s) XFX 6900 XT Speedster 0
Storage 1TB WD M.2 SSD/ 2TB WD SN750/ 4TB WD Black HDD
Display(s) DELL AW3420DW / HP ZR24w
Case Lian Li O11 Dynamic XL
Audio Device(s) EVGA Nu Audio
Power Supply Seasonic Prime Gold 1000W+750W
Mouse Corsair Scimitar/Glorious Model O-
Keyboard Corsair K95 Platinum
Software Windows 10 Pro
That law doesn't protect us, it protects them. This law just absolves them of any wrongdoing should this happen again.
 
Joined
Nov 2, 2008
Messages
887 (0.16/day)
Processor Intel Core i3-8100
Motherboard ASRock H370 Pro4
Cooling Cryorig M9i
Memory 16GB G.Skill Aegis DDR4-2400
Video Card(s) Gigabyte GeForce GTX 1060 WindForce OC 3GB
Storage Crucial MX500 512GB SSD
Display(s) Dell S2316M LCD
Case Fractal Design Define R4 Black Pearl
Audio Device(s) Realtek ALC892
Power Supply Corsair CX600M
Mouse Logitech M500
Keyboard Lenovo KB1021 USB
Software Windows 10 Professional x64
I have to admit: Having a law is one thing; enforcing it is a different issue entirely....
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.65/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
There is some hope:

Proposed PATCH Act forces U.S. snoops to quit hoarding code exploits
http://www.theregister.co.uk/2017/0...o_force_intel_agencies_to_fix_found_exploits/

Two U.S. senators have proposed a law limiting American intelligence agencies' secret stockpiles of vulnerabilities found in products.

The Protecting our Ability To Counter Hacking (PATCH) Act would set up a board chaired by an Department of Homeland Security (DHS) official to assess security flaws spies have found in code and hardware, and decide if manufacturers should be alerted to the bugs so they can be fixed for everyone.​

Now all we have to do is get the pinheads in D.C. to pass the legislation into law....
I hope it passes but I'm sure people in the intelligence oversight committee are going to do everything they can to stop it. At the same time, it doesn't go far enough: manufactures should always be notified. Someone (implements inherit bias either towards notification or away from it) shouldn't be deciding which holes will deliberately be left open and which won't. Government needs a standard operating procedure where the manufacture is always notified, it's just a matter of when.
 
Joined
Nov 21, 2010
Messages
2,223 (0.46/day)
Location
Right where I want to be
System Name Miami
Processor Ryzen 3800X
Motherboard Asus Crosshair VII Formula
Cooling Ek Velocity/ 2x 280mm Radiators/ Alphacool fullcover
Memory F4-3600C16Q-32GTZNC
Video Card(s) XFX 6900 XT Speedster 0
Storage 1TB WD M.2 SSD/ 2TB WD SN750/ 4TB WD Black HDD
Display(s) DELL AW3420DW / HP ZR24w
Case Lian Li O11 Dynamic XL
Audio Device(s) EVGA Nu Audio
Power Supply Seasonic Prime Gold 1000W+750W
Mouse Corsair Scimitar/Glorious Model O-
Keyboard Corsair K95 Platinum
Software Windows 10 Pro
I hope it passes but I'm sure people in the intelligence oversight committee are going to do everything they can to stop it. At the same time, it doesn't go far enough: manufactures should always be notified. Someone (implements inherit bias either towards notification or away from it) shouldn't be deciding which holes will deliberately be left open and which won't. Government needs a standard operating procedure where the manufacture is always notified, it's just a matter of when.

The way I understood the law they don't have to disclose any holes as long as they don't exceed a predetermined amount, when they do the evaluate which ones to keep and which to disclose. Kind of like a kid with too many toys and have to figure out which toys they need to send to the goodwill in order close the lid on the chest. Now what's stopping them from giving themselves a toy chest bigger than one they'll ever need?
 
Joined
Oct 22, 2014
Messages
13,210 (3.83/day)
Location
Sunshine Coast
System Name Black Box
Processor Intel Xeon E3-1260L v5
Motherboard MSI E3 KRAIT Gaming v5
Cooling Tt tower + 120mm Tt fan
Memory G.Skill 16GB 3600 C18
Video Card(s) Asus GTX 970 Mini
Storage Kingston A2000 512Gb NVME
Display(s) AOC 24" Freesync 1m.s. 75Hz
Case Corsair 450D High Air Flow.
Audio Device(s) No need.
Power Supply FSP Aurum 650W
Mouse Yes
Keyboard Of course
Software W10 Pro 64 bit
As mentioned, it infiltrated via infected USB hardware.
They also have the ability to carry out over the air exploits on remote machines that are not connected, without physical access, so even unplugging from the net is by no means a protection.
 
Joined
Aug 20, 2007
Messages
20,709 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
They also have the ability to carry out over the air exploits on remote machines that are not connected, without physical access, so even unplugging from the net is by no means a protection.

Bridging air gap networks typically relies on "sneaker net" (Infected media of some type).

That's what I was referring to.
 
Joined
Mar 18, 2008
Messages
5,717 (0.98/day)
System Name Virtual Reality / Bioinformatics
Processor Undead CPU
Motherboard Undead TUF X99
Cooling Noctua NH-D15
Memory GSkill 128GB DDR4-3000
Video Card(s) EVGA RTX 3090 FTW3 Ultra
Storage Samsung 960 Pro 1TB + 860 EVO 2TB + WD Black 5TB
Display(s) 32'' 4K Dell
Case Fractal Design R5
Audio Device(s) BOSE 2.0
Power Supply Seasonic 850watt
Mouse Logitech Master MX
Keyboard Corsair K70 Cherry MX Blue
VR HMD HTC Vive + Oculus Quest 2
Software Windows 10 P
And some people still think internet of things is a good idea. Yeah right, imagine all of your appliances are now turned into bricks and constantly reminding you need to pay to have them fixed. IoT is one of the stupidest idea ever invented under the cloud computing BS. Take a look at the mother nature as our best teacher. After billions years of evolution are species happily sharing genetic information? Hell no. Each individual species have built up their defense to degrade foreign DNA as much as they can. Even your sweat contains trillions of RNAse that will degrade ANY RNA you may touch.

Get everything into the net is a horrible horrible idea. It is just TNT waiting for a spark. Unfortunately the Wannacry situation showed as there are no shortages of such spark.
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.65/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
That one attack that happened recently was conducted by leveraging IoT products (like internet-connected security cameras). IoT always was and always will be a terrible idea. Manufacturers creating updates is not likely in the first place, compound that with actually installing the updates (especially on IoT products where people assume it's perfectly safe by nature) and massive attacks are going to become increasingly commonplace.

At least there's intelligent enterprise routers out now that perform deep packet inspection to find and stop malicious activity. Systems like that need to be rolled out to all consumers stopping widespread infections before they start.
 
Joined
Apr 18, 2016
Messages
184 (0.06/day)
NSA trying to destroid the Bitcoin and blaming to Nort Korea,,:pimp:
 

Frick

Fishfaced Nincompoop
Joined
Feb 27, 2006
Messages
18,914 (2.86/day)
Location
Piteå
System Name Black MC in Tokyo
Processor Ryzen 5 5600
Motherboard Asrock B450M-HDV
Cooling Be Quiet! Pure Rock 2
Memory 2 x 16GB Kingston Fury 3400mhz
Video Card(s) XFX 6950XT Speedster MERC 319
Storage Kingston A400 240GB | WD Black SN750 2TB |WD Blue 1TB x 2 | Toshiba P300 2TB | Seagate Expansion 8TB
Display(s) Samsung U32J590U 4K + BenQ GL2450HT 1080p
Case Fractal Design Define R4
Audio Device(s) Line6 UX1 + some headphones, Nektar SE61 keyboard
Power Supply Corsair RM850x v3
Mouse Logitech G602
Keyboard Cherry MX Board 1.0 TKL Brown
VR HMD Acer Mixed Reality Headset
Software Windows 10 Pro
Benchmark Scores Rimworld 4K ready!
actually they did, the released patch made headline news since so many were shocked that m$ put forth an effort..

Cant say much since I'll be accused of m$ bashing...

on second thought, I dont give a shit, if m$ receives any bashing, its prolly well deserved in one way or another, and maybe they might even step up a bit more often and fix exploits before they release them intentionally to the NSA/CIA/paying governments.

Bash MS all you want, but be correct and coherent.

Worth noting is how windows 10 was/is not affected by the SMB spreading exploits.
 
Joined
Aug 20, 2007
Messages
20,709 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Worth noting is how windows 10 was/is not affected by the SMB spreading exploits.

Incorrect. It was affected, the patch just got auto applied ontime. If you had updates disabled and used RTM, it was most certainly vulnerable.

NSA trying to destroid the Bitcoin and blaming to Nort Korea,,:pimp:

Lol, no. Just no.


This law just absolves them of any wrongdoing should this happen again.

Not what the bill proposes.
 
Top