![](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2017\/06\/27133416\/wannamore-ransomware-featured.jpg\")
<\/p>\n\u5c31\u5728\u51e0\u4e2a\u5c0f\u65f6\u524d\uff0c\u65b0\u4e00\u8f6e\u7684\u52d2\u7d22\u8f6f\u4ef6\u653b\u51fb\u5728\u5168\u7403\u7206\u53d1\uff0c\u8fd9\u6b21\u7684\u89c4\u6a21\u770b\u8d77\u6765\u4e0e\u4e0d\u4e45\u524d\u5e2d\u5377\u5168\u7403\u7684WannaCry\u52d2\u7d22\u8f6f\u4ef6\u4e0d\u76f8\u4e0a\u4e0b\u3002<\/p>\n
<\/p>\n
\u77ed\u77ed\u51e0\u4e2a\u5c0f\u65f6\uff0c\u5c31\u6709\u4e0d\u540c\u56fd\u5bb6\u7684\u597d\u51e0\u5bb6\u5927\u516c\u53f8\u62a5\u544a\u4e86\u611f\u67d3\u60c5\u51b5\uff0c\u611f\u67d3\u5f88\u53ef\u80fd\u4f1a\u8fdb\u4e00\u6b65\u8513\u5ef6\u3002<\/p>\n
\u76ee\u524d\u5c1a\u4e0d\u6e05\u695a\u8fd9\u79cd\u65b0\u51fa\u73b0\u7684\u52d2\u7d22\u8f6f\u4ef6\u5230\u5e95\u662f\u4ec0\u4e48\u3002\u6709\u4eba\u8ba4\u4e3a\u53ef\u80fd\u662fPetya\u7684\u67d0\u79cd\u53d8\u4f53\uff08Petya.A\u3001Petya.D\u6216PetrWrap\uff09\uff0c\u4e5f\u53ef\u80fd\u662fWannaCry\uff08\u5176\u5b9e\u4e0d\u662f\uff09\u3002\u5361\u5df4\u65af\u57fa\u5b9e\u9a8c\u5ba4\u4e13\u5bb6\u76ee\u524d\u6b63\u5728\u8c03\u67e5\u8fd9\u4e00\u65b0\u7684\u5a01\u80c1\uff0c\u4e00\u65e6\u4ed6\u4eec\u638c\u63e1\u4e86\u786e\u51ff\u7684\u4e8b\u5b9e\uff0c\u6211\u4eec\u4f1a\u66f4\u65b0\u672c\u6587\u3002<\/p>\n
\u8fd9\u6b21\u7684\u653b\u51fb\u770b\u4e0a\u53bb\u5f88\u590d\u6742\uff0c\u6d89\u53ca\u597d\u51e0\u4e2a\u653b\u51fb\u5411\u91cf\u3002\u6211\u4eec\u53ef\u4ee5\u80af\u5b9a\u7684\u662f\u653b\u51fb\u5229\u7528\u4e86\u4fee\u6539\u540e\u7684EternalBlue\u6f0f\u6d1e\uff0c\u81f3\u5c11\u5728\u516c\u53f8\u7f51\u7edc\u4e2d\u4f20\u64ad\u7684\u52d2\u7d22\u8f6f\u4ef6\u5229\u7528\u662f\u8fd9\u79cd\u6f0f\u6d1e\u3002\u4e86\u89e3\u5173\u4e8e\u6b64\u653b\u51fb\u7684\u66f4\u591a\u6280\u672f\u65b9\u9762\u4fe1\u606f\u3002<\/p>\n
![](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2017\/06\/27133735\/wannamore-ransomware-screenshot.jpg\")
<\/p>\n
\u76ee\u524d\u5df2\u77e5\u5361\u5df4\u65af\u57fa\u5b9e\u9a8c\u5ba4\u7684\u4ea7\u54c1\u80fd\u5229\u7528\u5361\u5df4\u65af\u57fa\u5b89\u5168\u7f51\u7edc\uff08KSN\uff09\u68c0\u6d4b\u5230\u8fd9\u79cd\u65b0\u578b\u52d2\u7d22\u8f6f\u4ef6\uff0c\u7ed3\u8bba\u5b57\u7b26\u4e32\u662fUDS:DangerousObject.Multi.Generic\u3002\u4e0b\u9762\u662f\u6211\u4eec\u5efa\u8bae\u5ba2\u6237\u91c7\u53d6\u7684\u63aa\u65bd\uff1a<\/p>\n
1.\u786e\u4fdd\u201d\u5361\u5df4\u65af\u57fa\u5b89\u5168\u7f51\u7edc\u201d\u548c\u201d\u7cfb\u7edf\u76d1\u63a7\u201d\u7ec4\u4ef6\u5df2\u6253\u5f00\u3002<\/p>\n
2.\u7acb\u5373\u624b\u52a8\u66f4\u65b0\u53cd\u75c5\u6bd2\u6570\u636e\u5e93\u3002\u5728\u63a5\u4e0b\u6765\u7684\u51e0\u4e2a\u5c0f\u65f6\uff0c\u6700\u597d\u591a\u66f4\u65b0\u51e0\u6b21\u3002<\/p>\n
3.\u4f5c\u4e3a\u4e00\u79cd\u989d\u5916\u7684\u4fdd\u62a4\u624b\u6bb5\uff0c\u8fd8\u53ef\u4ee5\u4f7f\u7528AppLocker\u529f\u80fd\u6765\u7981\u7528\u6267\u884cperfc.dat\u6587\u4ef6\u548cSysinternals Suite\u4e2dPSExec\u5b9e\u7528\u7a0b\u5e8f\u3002<\/p>\n
4.\u5b89\u88c5Windows\u7684\u6240\u6709\u5b89\u5168\u66f4\u65b0\u3002\u5176\u4e2d\u4e00\u4e2a\u5b89\u5168\u66f4\u65b0\u7279\u522b\u91cd\u8981\uff0c\u5b83\u4f1a\u4fee\u590dEternalBlue\u5229\u7528\u7684\u6f0f\u6d1e\u3002\u8bf7\u53c2\u9605\u5177\u4f53\u64cd\u4f5c\u8bf4\u660e<\/a>\u3002<\/p>\n
![\"\"](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/97\/2017\/06\/28102647\/Banner_1080x1080_mobile_blog_buy_CN_%E7%88%B1%E5%A5%87%E8%89%BA.jpg\" "\\"https:\/\/kas.pr\/c5tg\\"")
<\/a><\/p>\n