Tuesday, May 16, 2017

Very Very Important!!! Please Share Immediately...



Dear Team,
Please communicate this important message to all concerned and EOD team can send it to SPOCs also immediately. It is seen from the new that this Ransomeware Attack has created major havoc in many countries.
Hence, please share this to most of the wings..
Yours Sincerely,
(V M Sakthivelu)
Deputy Director CEPT
+919444227090
dd_cept@indiapost.gov.in
CSI Email
Dear DoP Users,
Please be informed that there is a global ransomware attack called “WannaCry” that has hit the assets across the world. Computers in thousands of locations have been locked by a program.

Unlike many other malicious programs, this one has the ability to spread across the network by itself.
Please be alerted and not to open unknown urls(links)/files or not to download unknown attachments from any sources of following extensions.
Also ensure that all the systems in environment having AV installed and up to date.
Files from extensions not to be opened:
1 .wncry
2 .wcry
File names not to be opened:
!WannaDecryptor!.exe
!WannaDecryptor!.exe.lnk
!WannaDecryptor!.bmp
!Please Read Me!.txt
d5e0e8694ddc0548d8e6b87c83d50f4ab85c1debadb106d6a6a794c3e746f4fa b.wnry
055c7760512c98c8d51e4427227fe2a7ea3b34ee63178fe78631fa8aa6d15622 c.wnry
402751fa49e0cb68fe052cb3db87b05e71c1d950984d339940cf6b29409f2a7c r.wnry
e18fdd912dfe5b45776e68d578c3af3547886cf1353d7086c8bee037436dff4b s.wnry
4a468603fdcb7a2eb5770705898cf9ef37aade532a7964642ecd705a74794b79 taskdl.exe
2ca2d550e603d74dedda03156023135b38da3630cb014e3d00b1263358c5f00d taskse.exe
97ebce49b14c46bebc9ec2448d00e1e397123b256e2be9eba5140688e7bc0ae6 t.wnry
b9c5d4339809e0ad9a00d4d3dd26fdf44a32819a54abf846bb9b560d81391c25 u.wnry
Links/Domains not to be clicked/opened:
thegoldclubs.[com]/77g643
koreancars-club.[ru]/77g643
biolume.[nl]/77g643
outback-cycles.[de]/77g643
prystel.[com]/77g643
oklahomagunlawyers.[com]/77g643
balprodukt.[ru]/77g643
enboite.[be]/77g643
takipediliyoruz.[com]/77g643
kitchenandgifts.[com]/77g643
ws.osenilo.[com]/77g643
domainway.[de]/77g643
demelkwegtuk.[nl]/77g643
kbelgesi.[net]/77g643
taddboxers.[com]/77g643
villa31.[com]/77g643
jisrcenter.[com]/77g643
etadjewellery.[com]/77g643
bellevillenorfolkterriers.co.[uk]/77g643
jomajaco.[com]/77g643
geo-zamer.[ru]/77g643
panaceya-n.[ru]/77g643
bitsslab.[com]/77g643
We will you keep you posted with further actions to be taken, if required.
Regards,
CSI Security Team

No comments:

Post a Comment