There are two ways this strain of ransomware is infecting large businesses, governments, and other entities around the world:
- An attack via a vulnerable Windows Server Message Block (SMB) service which windows uses to share Files/Printers across networks.
- The Microsoft PxExec tool with admin credentials from target computer.
These problems have been patched by Microsoft, but there are still users out there who have not downloaded the patches for their Windows Operating Systems so the ransomware keeps spreading.
To fight back and protect yourself from this global ransomware attack make sure you do the following:
1) You have Windows Automatic Updates turned on and you are up to date. If you don’t have auto update on, you can download the security update for your version of Windows HERE
2) Make sure your copy of SUPERAntiSpyware is the latest edition and is current with the latest definitions. If you own the Professional Edition, make sure Real-Time Protection is enabled.
3)Backing up your computer regularly and keeping a recent backup copy not connected to any PC. We recommend using Support.com Online Backup which we offer on our online shopping cart as an optional offer when purchasing SUPERAntiSpyware Professional.