261th global virus crisis

White-hat hacker B concluded: "Bitcoin established a trading platform on November 17, 2009, and then Bitcoin skyrocketed from 0.0015 US dollars to 0.12 US dollars. Less than three months after the establishment of the Bitcoin trading platform, Bitcoin extortion occurred. The virus, if there is no conspiracy, who would believe it?"

White hat hacker C disdains Bitcoin such as unsecured network virtual currency: "The essence of currency is credit, and currency without credit is all waste paper. There is no doubt that Bitcoin is definitely a game of drumming and spreading flowers."

However, White Hat Hacker C still opposes White Hat Hacker B’s point of view: “I think the purpose of the Avengers organization is not so simple. Whether it is $0.0015 or $0.27, Bitcoin’s plate is too small. How much money do you make? The 108 hacking tools announced by the Avengers organization are valuable for each program. For example, several programs for Cisco products can allow attackers to bypass the firewall, and those hackers that are low-tech but very good at making money Hat hackers must be willing to spend money to buy these hacking tools. If the Avengers are obsessed with money, these 108 hacking tools should flow into the black rivers and lakes instead of being released for free on the Pirate Bay homepage. Moreover, I think the Avengers can attack the United States in this way. The top hacker organization of the National Security Agency will never create a global virus crisis for a mere millions of dollars. They must have other purposes."

The white hat hackers in the group have their own opinions, and no one can convince anyone.

Wei Dongsheng activated the authority of the chairman of Chunqiu Search to call the public opinion analysis system under the name of Chunqiu Search. Statistics show that the proportion of serious conspiracy theorists who hold similar views of White Hat Hacker C is relatively small; Conspiracy theorists have an extremely high proportion of Internet users. At least half of netizens tend to think that the Avengers and Bitcoin ransomware virus producers are hyping Bitcoin.

Their suspicion did not wrong Wei Dongsheng.

In 30 years of memory, the first Bitcoin trading platform was established on July 17, 2010; in this world, the first Bitcoin trading platform was established on November 17, 2009. This change is not the butterfly effect, but the direct intervention of Wei Dongsheng. Through the disguise of layer after layer of leather company, he helped several programmers to open the Bitcoin trading platform in advance.

Wei Dongsheng's Bitcoin trading platform is not for making money.

As the white hat hacker C said, the Bitcoin plate is too small. In fact, statistics from the background of the Bitcoin trading platform show that the size of the Bitcoin economy is still less than $1 million. In the 2009 China Rich List, Forbes estimated Wei Dongsheng US$26.5 billion. The US$1 million economic scale of Bitcoin has no sense in Wei Dongsheng’s eyes. Wei Dongsheng is too lazy to hoard Bitcoin and wait for it to appreciate. What about Bitcoin's appreciation of $20,000?

Who is willing to spend tens of billions of dollars to take over Wei Dongsheng?

With this free time, Wei Dongsheng might as well let the Rose Fund engage in wind and rain to buy more gold and short Greek government bonds.

Wei Dongsheng's investment in the Bitcoin trading platform only matches the decentralized characteristics of Bitcoin and other network virtual currencies, hoping to bypass the existing international financial system supervision. Before the establishment of the Bitcoin trading platform, Wei Dongsheng had taken advantage of time and capital to secretly control 70% of the Bitcoin economy at a very low cost; after the establishment of the Bitcoin trading platform, Wei Dongsheng continued to forge false cross-border transactions and quickly raised the bitcoin Exchange rate of the currency. As far as the result is concerned, whether the false transaction of left hand to right hand or the live advertisement of Bitcoin ransomware virus, Wei Dongsheng is really hyping Bitcoin.

Wei Dongsheng's hype about Bitcoin was just a matter of convenience.

The Bitcoin ransomware released by Wei Dongsheng's impact on China is limited to the Anti-Zhiyu Alliance and its related industries, and very few individual users are caught in the mud. It's nothing to do with it. Chinese netizens have witnessed the spread of the Bitcoin ransomware virus with onlookers, watching the fire from the shore to discuss whether the Avengers organization is hyping Bitcoin.

Outside of China, netizens are not so lucky. The hospital system collapsed, crowds of patients and their families were crowded in the hospital scratching their heads; the administrative system collapsed, all the documents in progress were delayed, there was no backup file, and it was even necessary to call one by one to request replacement.

February 1, 2010 was Monday, and various system crashes led to today’s black Monday.

In other words, loopholes are not invincible. Hackers know that there is a vulnerability A in Windows, and Microsoft and security software vendors do not know that there is this vulnerability, and hackers can use vulnerability A to invade other computers unscrupulously. If hackers invade with fanfare, the vulnerability A is well known, and Microsoft will definitely release a patch quickly to plug the vulnerability. Therefore, there is no invincible loophole in the world, and there is no invincible virus. As long as you understand the mechanism of the virus, as long as the existence of loopholes is discovered, a team of qualified security experts can deal with all viruses.

The destructive power of Windows system vulnerabilities only exists in the blank time period before Microsoft or security software finds it and blocks it.

As long as a certain virus is well known, security software vendors can always come up with solutions in time.

However, such a strategy can only solve conventional viruses.

Wei Dongsheng’s Bitcoin ransomware virus is very different from the Bitcoin ransomware virus WannaCry in 30 years of memory, and it is also very different from conventional viruses.

At 10:00 on February 2nd, Yanjing time, the Spring and Autumn Security Butler team, under the leadership of Wei Dongsheng, "parsed" the infection mechanism and characteristics of the Bitcoin ransomware virus. The Spring and Autumn Security Butler did not hide it in secret, and immediately chose to unconditionally announce it to the public. Wei Dongsheng also reposted relevant information to You Jinliang's white hat hacker group as itm.

The information of the Spring and Autumn Security Manager suddenly caused a sensation in the white hat hacker group.

Because the Bitcoin ransomware virus is too special.

Compared with the previous Trojan horse virus, the Bitcoin ransomware has made a leap from quantitative to qualitative change, which is simply a technological revolution in the Trojan horse virus industry.

Modular!

The term modularization describes the characteristics of the Bitcoin ransomware virus.

Looking back at the history of progress in the Trojan horse virus industry, after 2007, the Trojan horse virus manufacturing has gradually become modularized and batched. Modularity here refers to modular programming, which means that the fully functional virus is divided into different functional modules, virus releaser, virus downloader, Trojan virus, backdoor program, etc., and merged into a super virus combination. In order to fight the anti-virus software, the virus will also load modules that attack the anti-virus software. Since then, Trojan horse virus creators have become more and more professional. A hacker does not need to waste time and effort to write the code of all modules, only the most core module, and other functional modules can buy the excellent products of the same industry and produce the virus in assembly. Such virus manufacturing, like the assembly line of an assembly factory, is extremely efficient.

Wei Dongsheng's version of the Bitcoin ransomware has a higher degree of modularity and is less difficult to manufacture in batches.

Bitcoin ransomware is simply divided into infection attack module, virus module, backdoor module, etc.

Among them, the infection attack module targets Windows, Unix, Linux, MacOS and other system vulnerabilities. The most powerful part of Wei Dongsheng’s Bitcoin ransomware is that the module is highly integrated and has a certain intelligent processing capability. The vulnerabilities of the infection module not only allow users to be free Deleted, there is a set of vulnerability editing templates, allowing users to upload new vulnerabilities discovered by themselves. In other words, the Bitcoin ransomware or its own eternal red tool allows the simultaneous use of dozens of vulnerabilities to spread attacks. If a loophole is blocked by a system patch such as Windows, users can also delete this useless loophole and upload other valid loopholes.

The virus module is the body of the Bitcoin ransomware virus, responsible for encrypting files and so on. The Eternal Red tool still allows users to freely delete and modify. If you don't want to engage in Bitcoin blackmail, you can delete it. Users either add a new virus to the virus module, or add a new Trojan horse to the backdoor program module, the Bitcoin ransomware virus immediately turns into a Trojan horse virus such as NS spyware, a pollution-free source of infection, disguised searchers, and netizen hacking Trojans.

Bitcoin ransomware is not so much a virus as it is a Trojan horse virus manufacturing assembly line, Trojan horse virus editing tool, and Trojan horse virus manufacturing one-stop.

Knowing the nature of Eternal Red, the white hat hacker group took a cold breath.

You Jinliang, who rarely speaks in the group, couldn't help but exclaim: "Virus Factory!"

You Jinliang did not overestimate the dangers of Eternal Red.

As an image metaphor, old-style virus attacks often fight alone, either with rifles, or machine guns, or fire suppression, or tank charge; while the eternal red tool can be modularized and concentrated to use completely different loopholes, like infantry, artillery, armored vehicles, The combined attack of aircraft and missiles is a corps operation that caught ordinary anti-virus software and firewalls by surprise. The Eternal Red tool’s legion combat thinking means that as long as there is a slight loophole in the security system of the defense, it can be captured by Eternal Red; the high degree of freedom of editing of the Eternal Red tool means that its variants will be endless; Eternal Red The template-based editing assistance of the tool means that the threshold for hackers is greatly reduced, and the emergence of new variants of Bitcoin ransomware is bound to be incredible.

At 12 o'clock on February 2nd, Yanjing time, an experimental variant of Bitcoin ransomware appeared on the Internet. After the virus invaded the computer, it used the user's computer to mine Bitcoin.

At 14:00 on February 2nd, Yanjing time, various variants of Bitcoin ransomware emerged in batches all over the world. Well, perhaps they should be called the mutant eternal red virus at this time. Because of many new variants of viruses, the creators may not agree with Bitcoin's monetary attributes or dislike the low value of Bitcoin. They have uninstalled the WannaCry_Enhanced module of the Bitcoin ransomware virus, and loaded their personal favorite virus modules in a different way.

At the same time, Wei Dongsheng stole the hacker toolkit from the NSA, and many large-scale non-technical-first websites may not fill in the loopholes in time because of tight time. Some hackers then used the Eternal Red tool to integrate the latest vulnerabilities announced by the Avengers organization to invade large websites in one fell swoop, and directly plant virus Trojans on the websites, causing batches of users who trust the large websites to become victims.

So far, the global virus crisis has broken out, and Trojan horse viruses are everywhere on the Internet.

If you like to re-take the road of the future, please collect it: (lightnovelpub.net) Re-take the road of the future. The literature is updated fastest.