Ransomware Protection

Stephen Njuki 2017.05.15 05:44

The developers of this virus that almost shut down UK's NHS are allegedly redeveloping and improving it to wreck more havoc!

My question is what assurance do we have that virtual servers (esp. those offered by metaquotes in lieu of VPS) will be secure going forward.

Alok Dandekar 2017.05.15 08:54 #1

I just chatted with my VPS provider, and they said their servers are protected. I use one of the larger VPS providers.

Stephen Njuki 2017.05.15 09:18 #2

Alok Dandekar:
I just chatted with my VPS provider, and they said their servers are protected. I use one of the larger VPS providers.

If you are using your own VPS, say with Amazon, you could reinstall the instance.

What can people who have registered metaquotes virtual servers do?

Waseem Raza 2017.05.15 09:32 #3

Most system's are hit because they were not updated if you using win base they update it

Carl Schreiber 2017.05.15 10:40 #4

As far as I know infects the ransomware by emails with an executable code (e.g. click,..) and then is loads the malicious part from the internet.

What if you start an EA, script or indi, whose code you don't know, and that uses wininet.dll (InternetOpenW(),...) and shell32.dll (ShellExecuteW()) to start its 'work'?

So keep an eye on the allowed urls and the usable dlls.

ShellExecuteW not work on how to get a Creating an EA with

Stephen Njuki 2017.05.15 13:01 #5

Carl Schreiber:

As far as I know infects the ransomware by emails with an executable code (e.g. click,..) and then is loads the malicious part from the internet.

What if you start an EA, script or indi, whose code you don't know, and that uses wininet.dll (InternetOpenW(),...) and shell32.dll (ShellExecuteW()) to start its 'work'?

So keep an eye on the allowed urls and the usable dlls.

Oh!

So it is spread via email!! I guess that is a relief?...

Stephen Njuki 2017.05.15 13:03 #6

My particular EAs do not call those dlls but since the virtual servers are shared does that mean we are all still at risk?

William Roeder 2017.05.15 13:30 #7

Stephen Njuki: since the virtual servers are shared does that mean we are all still at risk?	Servers are shared, virtual servers are not. You could only infect your virtual server.

Stephen Njuki 2017.05.15 13:33 #8

whroeder1:

	Servers are shared, virtual servers are not. You could only infect your virtual server.

Okay, so you are certain Metaquotes' virtual servers are all independent images. For every registration that is a new installation?

William Roeder 2017.05.15 13:42 #9

Stephen Njuki: so you are certain	I'm not Metaquotes so I can't be certain of anything. But if everybody is running in the same virtual server, what's the point of using a virtual? That would be the same as everyone running on one PC. Couldn't work.

Expert Advisor Trading Software Virtual Terminal - does Where should the TC

Stephen Njuki 2017.05.15 13:45 #10

whroeder1:

	I'm not Metaquotes so I can't be certain of anything. But if everybody is running in the same virtual server, what's the point of using a virtual? That would be the same as everyone running on one PC. Couldn't work.

Fair points, noted. Thanks for that.

I hope you're right.

1 2

New comment