How to identify WannaCry malicious code from Vietnam Computer Emergency Response Center (VNCERT)

WannaCry malicious code is becoming the most dangerous threat today to cyber security worldwide, including Vietnam. When the computer is infected with this malicious code, you will not be able to access the files and data on the computer and must pay a virtual bit of Bitcoins to redeem that data.

In the face of such a dangerous situation, the Vietnam Computer Emergency Response Center (VNCERT) has issued urgent orders to monitoring units and agencies, preventing computers from connecting to the code control server. poison WannaCry.

1. How to handle the emergency WannaCry malicious code from the National Information Security Department
2. How to remove / fix ransomware WannaCry

Accordingly, each agency or unit should prevent connection to WannaCry malware control servers and update IDS / IPS and Firewall protection systems . information to identify malicious code WannaCry blackmail. To identify this extremely dangerous new malicious code, we can pass 33 IP addresses of WannaCry malware control servers (C&C Server), 10 WannaCry malicious files and 22 hash codes (Hash SHA- 256).

1. List of WannaCry malware control servers (C&C Server)

2. List of WannaCry malicious files

3. List of hash codes (Hash SHA-256)

One of the recommendations from VNCERT is that agencies need to quickly update official warnings on Microsoft websites for operating systems including Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86 , Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64.

1. Microsoft released an emergency patch to prevent ransomware from attacking
2. Downloading Windows patches for all versions to avoid being hit by a massive cyber attack, has affected 150 countries and is still spreading