Wana Decrypt0r (Wanacry Ransomware) - Computerphile

20728 ratings | 971122 views
$300 or your files are toast: Dr Pound takes a look at the latest ransomware to be doing the rounds.
How Wana Decrypt0r encrypts files: https://youtu.be/pLluFxHrc30
Microsoft Blog: http://bit.ly/Computerphile-Wana_MS
Professor Ross Anderson's blog: http://bit.ly/Computerphile-Wana_Ross
MalwareTech's blog: http://bit.ly/Computerphile-Wana_Mal
End to End Encryption: https://youtu.be/jkV1KEJGKRA
Internet of Things Problems: https://youtu.be/PLiE0Nr8VOE
http://www.facebook.com/computerphile
https://twitter.com/computer_phile
This video was filmed and edited by Sean Riley.
Computer Science at the University of Nottingham: http://bit.ly/nottscomputer
Computerphile is a sister project to Brady Haran's Numberphile. More at http://www.bradyharan.com
R R (5 days ago)
cries in windows xp
I wonder if that ghost cube is solved yet
Jakob Lindskog (11 days ago)
Just use Arch Linux, btw I Use Arch, did I mention I run Arch
aT rOOt (18 days ago)
I Love sticking Microsoft in a VMBox and ripping the shiz out'f it
Gianluca Tartaro (20 days ago)
American government: “Oh wow, we found this exploit in windows that allows the spreading of malware! Should we tell someone..? Nah, let’s use this to our advantage and let them figure it out on their own.” Go figure it was another country that got screwed over by the USA’s selfishness as usual...
Fernando Molina (24 days ago)
Books [left to right]: Security Engineering, Cryptography Engineering, Mastering Bitcoin, Secrets & Lies, C++: The Complete Reference, Cryptography and Network Security: Principles and Practice, Computers and Intractability, Hacking: The Art of Exploitation, Database Systems: The Complete Book, The Manga Guide to Databases, Cloud Computing, Pro WPF in C# 2010. All added to my list :) Except the last one, of course
gdm413229 (24 days ago)
Computerphile's next video should be all about Ghidra, the NSA's software reverse engineering toolset, released to the public in March. This toolset [Ghidra] was originally intended for malware analysis.
Dmitriy Chernoshey (1 month ago)
Asus update server got hacked and started spreading malware. Still cool with inability to turn off updates?
almarija printing (1 month ago)
is there any chance to decrypt .etols files
1337 h4x0r (1 month ago)
you actually can disable win 10 updates by creating a .reg file in notepad, copy and pasting it from a simple google search. edit that misinformation
H Majhail (1 month ago)
the spooks have hardware level backdoors (intel's management engine).
Shiki Ren (1 month ago)
Actually, you could, and still can, deactivate updates; but only by screwing around in the registry. Sadly I had to do that, as every single damn update I ran broke almost all programs I want, as well as microsoft-internal things like the Visual C++ redistributables, and I had to restore from a savepoint every single time.
John papichulo (1 month ago)
What's the status of Meltdown and Spectre flaws?
Rory Campbell (1 month ago)
very interesting and beautifully balanced
Robi Parvez (2 months ago)
yes, you can turn off windows updates...i have been running my OS for 1 yr without updates.... it's annoying but i will for sure update it soon... anyway, nice video
Blue Eyes White Teddy (2 months ago)
I love the shadow brokers. I think it's far more ethical to tell everyone about the existence of these exploits and the fact that a so called "Security" agency knew about them and kept them a secret arrogantly thinking that nobody would know. Far more than someone who knows about an exploit and doesn't tell anybody so that everybody is vulnerable. What if some third party found the exploit and used it without telling anybody, far more problems could arise as microsoft wouldn't have put out a patch.
Tech Hashers (2 months ago)
Where did he get the virus
00UncommonSense00 (2 months ago)
I am using Window ME (Millennial Edition) so I am watertight. No virus will penetrate my fortress.
Ktkahghi (2 months ago)
hackers remote hacked my computer disabled some check boxes in my disk clean up. was wondering why my computer was so slow; 5 point some GB used in my memory dump file cache.
Palaash Atri (2 months ago)
Lesson ? Always use up to date software, and don't use Windows.
Aaron Hollander (2 months ago)
The original files once encrypted are deleted, I assume. Couldn't you recover the deleted files?
Slow Cheetah (2 months ago)
just use Apple....
Tvrtko I Kotromanic (2 months ago)
Officer: How did the hacker escape? Me: I don't know he just ransomware
Marcello Wheeler (28 days ago)
Oh you...!!!
Erik Revaj (1 month ago)
D Robords (1 month ago)
Well played
Manda Putra (2 months ago)
I want my CS teacher like him -_-
ANTI ASMR (3 months ago)
that shirt gave me migraine attack:(
Edward Deaney (3 months ago)
“If you’re running XP, the first thing you should do is turn off your computer because you have no business running XP” - amazing!
Evanski (3 months ago)
Why is it not called "Wanna UnCry" ? Also why is it that whenever the NSA becomes aware of a data breach or someone tells them a huge security risk they do the opposite of their job and ignore it
MGTOW REVELATIONS (3 months ago)
cant turn off updates in windows 10???? . . are you sure about that?? *INSTALLS KALI LINUX AND TURNS OFF ALL COMPUTERS ON INTERNET*
Leon Kowarschick (3 months ago)
Laughs in templeOS
steven gaming (3 months ago)
are you dantdm
Fried Mule (3 months ago)
Just some info, it's fairly easy to block windows 10 update, so check if your pc is blocked for some types of update! The way that update are blocked do not warn you in any way, you'll think that everything is perfect. And no I won't tell how to block update! :-)
Sarainia Angelsong (3 months ago)
Windows XP was soo many years ago for me maybe 6 to 10 ish years maybe as a guess :)
CattleRustler (3 months ago)
It propagates on port 445. Close port 445
TheEndTrend (4 months ago)
6:52 As a "lone wolf" SysAdmin, this kept me up at night back in 2017...honestly pretty terrifying, the thought of ransomware worm ripping through the corporate LAN you manage! Luckily I was able to react quickly enough and get everything patched.
who remembers the homemade lag-switches for mw2 and alike games with a switch and cat5 cable, that's how you stop wanna cry from propagating,
Topher J (4 months ago)
I had to google what a “sandbox” or “virtual machine” was (to examine how code is being executed in a protected environment) so I really don’t know why I watch some of this stuff but holy hell I learn a lot. Thanks!
Leon Kunstek (4 months ago)
And that's why everyone should run MS-DOS on their pc so you can then tell the virus to go f**k himself.
MotorHead74808 (4 months ago)
I'm still rockin my Windows Vista machine. I just have a bunch of antivirus software and Opera (the last big web browser that supports Vista) to stay 'safe' online. Sadly though I'm in the process of switching to linux since my luck will run out eventually.
Addmix (4 months ago)
Imagine how surprised the guy who made wanacry was when everyone everywhere was talking about it and thousands of people were paying them obscene amounts of money
Thanks for the videos... What is it about constantly setting up a left shoulder to be more up or expanded comparing to the right ...in other videos as well...:)))
Angelo Idisi (4 months ago)
America needs an NHS!
Zigr (4 months ago)
love it! awesome job with the interview mate :)
snippletrap (5 months ago)
He’s being awfully charitable to the CIA and NSA. I wonder what the odds are that Intel has installed backdoors in its microcode...for purposes of national security of course.
Martin S (5 months ago)
If I made a program which could remove this virus could I charge people for it?
Zawakawaka (5 months ago)
You can turn off windows updates(the automatic ones) simply by editing your registry. FYI Simple to do takes about 2 mins even for the computer illiterate.
Happy Man (5 months ago)
Hi everybody! Who can share references with me that will teach me how to create different kinds of viruses...because I am a "freshman" ...appreciate any answer <3
TheReal_ist (3 months ago)
lol cute......
Chris Dannemiller (5 months ago)
One place where the cost of this can add up is in emulators. Hosting say a little Endian machine on a big Endian processor.
gooddrink7 (5 months ago)
This is me
Joel Devlin (5 months ago)
is that a walkman on your belt in 2017 because if so you are a god
Frits Rits (6 months ago)
Where does Wanacry store the private keys?
TheLT (6 months ago)
Guy still runs a Microsoft Intellimouse Explorer. :)
Fiks Anzo™ (6 months ago)
Ransomeware? Since when is the word "ransome" a thing?
Paul Morrey (6 months ago)
Great Video Thanks
Connor King (6 months ago)
12:20 ... Except TeX.
nadrojiskool (6 months ago)
Hm... Nah, I'm sure I'm still fine. If I wanted to waste my time with a new OS, I'd use something worthwhile.. like Linux. ..Computer's still running fine, though, so maybe tomorrow, 'kay? I mean, I'm definitely on Windows 10 (I see you there, Anon, don't hack me pls, ok ty).
obscenityib (6 months ago)
14:48 yes you can, and i have, so annoying
Shomz (6 months ago)
I wonder how someone didn't find a way to sue NSA for all the damage their malware had indirectly caused.
kazakh mustang (6 months ago)
computer viruses have so much in common with the actual biological viruses
Mohd Bouras (7 months ago)
Who else is annoyed by the camera position? shouldn't be in an eye level 🤔
Tony Nameless (7 months ago)
Lefty punched this guy's nose.
William J. (7 months ago)
I live in a small town, with a small hospital. The machine they use to do heart stress tests, runs on Windows 2000. SMH....
SkinnyCow (7 months ago)
Someone hacked the NSA and stole their backdoor exploits. Damn, those dudes must have a seriously large set of balls.
Elmo Victor (7 months ago)
I couldn't understand the part of the explanation about the unregistered web site, can someone explain it to me? Thank you!
EXcentriX (7 months ago)
That's why the network stack and SMB shouldn't run with permissions, which allows them to write to the file system, nor being able to execute unsigned code. On Windows XP, the network runs under SYSTEM, which is basically sudo/root on Linux. It is above Administrator and cannot be restricted by policies. Microsoft did restrict that later down to a special user.
Fox (7 months ago)
It is possible to disable Windows Update in Windows 10. You have only to muck about with the Services (Open Services command, disable several of them)
Zanith50 (7 months ago)
Fast forward to now when a new win10 update deletes your files anyways........
The Ridgway Kids (7 months ago)
Wow. An unsolved mirror cube on your shelf. That’s a sin for cubers
Seraph (8 months ago)
If windows didn't aggressively force you to reset after an update then people wouldn't turn the updates off...
MakerInMotion (8 months ago)
So the people who paid got their data back?
David Bermudez (9 months ago)
In every website there are vulnerabilities for every Hacker’s Paradise none of safe
GD Presario (9 months ago)
Do wannacry 2.0
Nordic Husky (9 months ago)
I'll admit, I have disabled Windows 10 updates through a 'bug' in Windows 10. Simply you can make it run the Windows Update service as a Guest user, preventing it from being able to run at all. The reason I did this, was about 4 months ago Microsoft force pushed an update onto my machine, which installed without my knowledge. After the update was installed, it had broken Windows entirely to the point of Windows Recovery not able to run properly as it was missing Administrator Rights. I contacted Microsoft about it, and it turned out the update was incompatible with my motherboard. As such I've lost faith in the automatic updates and rather stay vigilant on what I press / download on my computer.
Harper Chisari (9 months ago)
Nice shot kid that was one in a million
BloomSTRAD (9 months ago)
What do you mean "you have no business using Windows XP"? Many industries depend on the reliability of their programs running and at the rate Microsoft keeps dropping support for many of those essential tools they won't be able to keep up. There are also countless pieces of software we have all bought throughout the years that no longer work with newer versions of Windows.
Daniel Livingston (10 months ago)
Joe Williams (10 months ago)
How do you feel about the kernel level data mining that is built into the Windows OS?
Nordryd (10 months ago)
I want Dr. Pound to teach me Computer Science. I wish I had him when I was in college
Kevin 27 (10 months ago)
The only times i have issues with my pc when i update. So when i install windows 7 i install every update, then turn off updates. And i keep important data on an external drive.
Atif Khan (10 months ago)
Computerphile ..i cant thank you enough....
Dan H (10 months ago)
Love the channel, very informative. However I disagree with the opinions stated in regards to windows 10. It is spyware plain and simple. I am aware of the vulnerabilities with using an older OS and am much more willing to be open to them instead of using the over intrusive mess that is Win10. With an older OS there is a CHANCE you could be open to an attack. With Windows 10 you are under attack from the get go.
Tony Colle (11 months ago)
It always scares me when someone says, "I'm from the government. I'm here to help. Trust me."
T. Hill (11 months ago)
I like your analogies very much.
CHRISTOPHER LEE (11 months ago)
I still use Xp windows 2000/me /98 /NT /95 /3.1 haha 😂
jolena auvuya (11 months ago)
Mike is nefarious, you can see it in his eyes, gotta be careful of this one ^-^
berke erayabakan (11 months ago)
Dude, one of your nostrils is bigger than the other one. You should see a doctor. Thumbs up btw appreciate all the work !!!
Dan Kelly (11 months ago)
Format hard drive=problem solved.
Mk (1 year ago)
"not having a recent backup" biggest mistake since 1980s. if you have no backup, you deserve getting your data wrecked at some point in your life
I call it WannaCry, since it makes you want to cry
911gp (1 year ago)
Companies also use updates as a way for your device to become obsolete. Where should we draw the line between cheat and security ? Who gets the more profit out of the constant updates ?
richard vaughn (1 year ago)
I don't recommend having automatic updates enabled. I would rather manually do it because there have been many instances where the updates crash the system. I wait on others to find the broken updates and then install the stable updates only.
TheExileFox (1 year ago)
At the end of the video there is something that needs to be taken with a MAJOR grain of salt. you need to find the sweetspot, otherwise you will encounter issues that might actually be worse than a generic ransomware, provided you have a backup of your important data. What is the point of updating windows if there is a bug in this new flashy update that causes, lets say the WIFI card on your laptop to no longer be operational? I have already experienced this myself and got attacked verbally just because ASUS wasn't pushing driver anymore (they did for a while). But the actual chip manufacturer DO still provide a driver which is silently rejected by windows 10.
Larry Gall (1 year ago)
Has anyone seen, or does anyone know if this will look at secondary drives? (Please, no "you shouldn't chance it" replies).. I'm asking from a research point of view. Is it looking at set locations, like libraries, or is it doing a full drive scan for these file types.. If there was a .jpg file in a user defined folder in the root of C, or on a second drive (either SATA or USB), would it find and act on them? I think at this stage there should be enough info, since the video is 11 months old.
In the Pines (1 year ago)
This actually happened to me on one of my laptops. Fortunately, the info that was encrypted wasn't that important. I'm actually surprised that it isn't more common amongst other hackers as they haven't actually found a way to decrypt them afterwards, at least that I've heard of.
Marinus Bokslag (1 year ago)
You actually can turn off windows updates in windows 10, just not so easily that an average user could manage.
Baldeep Birak (1 year ago)
Great insight into WCry.
TheEpiCool (1 year ago)
FrStProductions (1 year ago)
I do not believe it is ever just for the CIA to knowingly use exploits in systems without notifying the software developer. It has too many dangerous implications.
Bullwinkle Moose (1 year ago)
Microsoft Spyware Platform 10 is the one that is backdoored, not XP! I can block all the Microsoft backdoors in Windows XP but not in Windows 7/8.1 or 10. I was using XP-SP2 online without ANY MS security updates at all when wannacry hit and was not the least bit worried. The antivirus expired 2 years ago and I still get ZERO persistent threats regardless of how many malware sites I visit. I study malware with this machine all the time and simply block everything except firefox from getting Internet access using an aftermarket firewall. Banning Flash, Java scripts, Net Framework, Silverlight & Adobe Reader will prevent the vast majority of malware. Blocking vulnerable ports & disabling SMB helps. Use the portable "safe-XP" app to cover much of the remaining problems. I Never use XP for Banking, personal information or sensitive passwords so no need to worry about exfiltration of data, and I install Driveshield to make XP Read Only.... This allows me to test the effects of any malware and then simply reboot to get back to a clean machine. Windows XP is safe "IF" you know what you are doing and what the limitations are. However, You cannot block Government access to your computer with Spyware Platform 10 and you cannot close the backdoors. It was designed as a Government Spyware Platform from the very beginning.
Bullwinkle Moose (1 year ago)
The list of security tweaks I use when setting up XP is longer than what I describe here, but these are very important. The thing to remember is, if you miss ANYTHING, you are completely screwed, but once it is set up correctly, it is far safer than Spyware Platform 10.
Umer Raja (1 year ago)
Have the nsa taken credit for this ? Or did the media try to blame North Korea?
TheVergile (1 year ago)
I'll turn off my Win XP and Win 7 installations the moment Microsoft puts out a good OS again. Had both 8 and 10 on work networks and personally I won't touch them with a 10 inch stick.

