Bitcoin ransomware strikes again and new variants have emerged.

The impact of the WannaCry ransomware virus sweeping the world continues, and at least 150 countries are currently under cyber attacks. The reporter of Beijing Youth Daily learned that in addition to the network attacks on many colleges and universities in China, a considerable number of computers of enterprises and institutions were also recruited. According to British media reports, a 22-year-old British network engineer noticed that the blackmail virus had been constantly trying to enter an extremely special and non-existent website, he conveniently registered the domain name and unexpectedly blocked the spread of the virus. Unfortunately, the ransomware will continue to spread in the future. Yesterday afternoon, the national network and information security information notification center urgently reported that a variety of ransomware broke out worldwide, and the “anti-virus method” accidentally discovered by British guys had expired. Many domestic units have been attacked by viruses. On the evening of May 12, WannaCry ransomware spread in many countries around the world. The networks of many domestic universities were attacked by ransomware, and a large number of important materials such as students’ graduation papers were encrypted by viruses, only the payment of ransom can be restored. Yesterday, the reporter of Beiqing Daily learned that not only campus network, but also some enterprises and institutions were affected by the virus. According to a staff member of Zhengzhou branch of China Unicom, on May 14, due to the influence of Bitcoin ransomware, all the computers of the unit were paralyzed. On May 13, the Exit-Entry office of Xiangshui public security bureau released a message saying that the exit-entry business was temporarily suspended due to a new virus attack on the public security network, and the specific recovery time was waiting for notice. “After a whole night, the data has not been recovered.” Yesterday, a policeman in Shandong told the reporter of Beiqing Daily that the computer that stores data in the unit was locked due to the blackmail virus, and he could only do nothing to learn computer major. Some gas stations of PetroChina are affected Also affected are PetroChina gas stations. Yesterday, PetroChina announced on its official website that around 22:30 on May 12, due to the outbreak of the global bitcoin ransomware virus, the normal operation of some gas stations belonging to the company was affected. The virus makes online payment functions such as gas station fuel card, bank card, and third-party payment unavailable. However, basic businesses such as refueling and sales are operating normally, and the security of fuel card account funds will not be affected. Yesterday afternoon, the reporter of Beiqing Daily got in touch with five PetroChina gas stations in Beijing. Among them, the staff of No. 12 gas station of China National Petroleum Corporation said that since the 13th, due to the impact of the new virus, various payment methods such as mobile phone payment and fuel card payment at the gas station have been affected, although emergency repair was carried out in the morning, the network was still unstable. The staff of China National Petroleum gas station told the reporter of Beiqing Daily that as of 4 pm, the national gas station still only accepted cash payment or fuel card of the national gas station. PetroChina said yesterday afternoon that it began to carry out the restoration work station by station according to the technical solutions verified on site. More than 80% of gas stations have recovered their network connections, and infected gas stations are gradually recovering fuel card, bank cards, and third-party payment functions. The staff of PetroChina Dahu Villa southwest, PetroChina EASTROC gas station and PetroChina Jingshun gas station told the reporter of Beiqing Daily that the functions of mobile phone payment and fuel card payment had been restored before noon. The spread of the virus was once accidentally blocked. News from Britain seems to bring a glimmer of hope to defeat the ransomware. British media reported on the 13th that a 22-year-old British network engineer noticed on the evening of the 12th that the ransomware was constantly trying to enter an extremely special and unexistent website, so he conveniently spent 8.5 pounds (about 75 yuan) to register the domain name, trying to use this website to obtain relevant data of ransomware. Surprisingly, the further spread of ransomware around the world has been blocked since then. This engineer and colleague analyzed that this strange website is probably a “checkpoint” set by ransomware developers to avoid being captured by cyber security personnel “, however, the behavior of registering the website unintentionally triggered the” suicide switch “provided by the program”. In other words, the ransomware must visit this non-existent website before each attack. If the website continues to exist, it means that the ransomware has not attracted the attention of security personnel and can continue to travel freely on the Internet; once the url exists, it means that the virus may be intercepted and analyzed. In this case, in order to avoid being controlled by network security personnel to obtain more data or even in turn, the ransomware will stop spreading. New variants of ransomware have emerged British network engineers and some network security experts who accidentally blocked the ransomware said that this method only temporarily prevented the further attack and spread of the ransomware, however, it cannot help those users who have attacked the ransomware, nor does it completely crack the ransomware. They speculate that the new version of ransomware is likely to make a comeback without this “suicide switch. This speculation really soon became a reality. Yesterday, the national network and information security information notification center urgently reported: monitoring found that the WannaCry Blackmail virus that broke out worldwide had a variant: WannaCry 2.0, which was different from the previous version, this variant cannot disable the spread of a variant ransomware by registering a domain name, which may spread faster. The Beijing Municipal Party Committee network information office, the Beijing Municipal Public Security Bureau, and the Beijing Municipal Economic and Information Commission also jointly issued the Notice on suggestions on the emergence and disposal of WannaCry ransomware worms. This notice requires all units to immediately organize internal network detection. Once a poisoned machine is found, the network will be disconnected immediately. It is strictly prohibited to use devices that can perform ferry attacks such as USB disks and mobile hard disks. According to the notice, it seems that formatting the hard disk can remove viruses. The European Cyber Crime Center, affiliated to the European Union Criminal Police Organization, said on the 13th that the scale of the ransomware attack was unprecedented and it was necessary to find suspects through complex international investigations, europol has cooperated with many countries to investigate the attack. Text/Our reporter Wang Tianqi integrated Xinhua news agency for pictures/Oriental IC The impact of the 2533 WannaCry ransomware virus sweeping the world continues, and at least 150 countries are currently under cyber attacks. The reporter of Beijing Youth Daily learned that in addition to many colleges and universities in China, there are also quite a number of enterprises and enterprises.

Read More

There are 155 stations with more than 100mm rainfall during heavy rainfall in Guangdong

There is not much rainfall in Guangzhou. Photo taken by Chen Xiaoxiao Zhongxin.com, Guangzhou, May 15 (Shen Zhao Zou Jinhua) the reporter learned from the chief defense officer of Guangdong province on the 15th that Guangdong province suffered a new round of heavy rainfall on the 15th, which led to Guangzhou city, conghua district and other places have launched high-level emergency response. From 8: 00 on May 14 to 4: 00 on May 15, there were 155 stations with rainfall over 100mm in Guangdong province. It is understood that this round of heavy rainfall is mainly concentrated in Guangzhou, Meizhou, Huizhou, Jiangmen, Yangjiang, Heyuan and other cities. Among them, stations such as Xishan station, Aotou town, Guanghua district, Guangzhou city, qixingdun station, Nankun town, Longmen county, Huizhou city, etc. received relatively heavy rainfall during the above periods, which were 242mm, 203.7mm, 184mm. The reporter learned from the Guangzhou three defense office that due to the impact of this round of heavy rainfall, a total length of about 250 meters scattered pipe surge occurred in the upper reaches of Longtan bridge on the left bank of the river bank of Zhijiang (II), Conghua district, the local government has organized personnel on-duty inspections and carried out emergency response work; Flooding occurred in the headway Primary School and urban area of Aotou town in Conghua district; 1900 mu of farmland in Aotou town in Conghua district was also flooded. Guangzhou Sanfang headquarters started the Level II emergency response to prevent rainstorm at 04:50 on May 15, and Conghua district started the Level I emergency response to prevent rainstorm at 5: 00 on May 15; Zhuhai City will flood control at 11:55 on May 15 (prevent rainstorm) level III emergency response has been upgraded to level II, and the current round of heavy rainfall prevention and control work has been fully organized. Deng Haiguang, deputy governor of Guangdong province and general commander of defense of Guangdong province, said when he went to the defense work of defense general of Guangdong Province on 15th that meteorological and hydrological departments should improve the pertinence and accuracy of forecast and early warning, and timely release fine forecast and forecast results, provide decision-making support for all regions to do defense work well; Guangdong defense manager should ensure the implementation of relevant defense measures in advance according to relevant forecast and early warning information, especially the implementation of personnel transfer measures in high-risk areas in advance. There is not much rainfall in Guangzhou. Chen Xiaoxiao shot zhongxin.com, Guangzhou, May 15 (Shen Zhao, Zou Jinhua) the reporter learned from the chief defense officer of Guangdong province on the 15th that Guangdong province suffered a new round of heavy rainfall on the 15th, to Guangzhou city, conghua district and other places started high-level response

Read More