‘Wanna Cry’ Ransomware Cyber Attack Hits 150 Countries and Infected 200,000 Machines Worldwide!


They demand that victims pay using bitcoins.

A virus that hit the NHS in England and Scotland, known as Wanna Decryptor or WannaCry, has infected 200,000 machines in 150 countries since Friday, May 12 2017. The virus spread throughout the internet using an exploit vector that Microsoft had issued. The attack has reached over 200,000 users, using 20 different languages to demand payments in the cryptocurrency bitcoin.

The virus has targeted large companies in Spain, as well as parts of Britain’s NHS. WannaCry is believed to use the EternalBlue exploit, which was developed by the U.S. National Security Agency to attack computers running Microsoft Windows operating systems.

According to the NHS incident director, pathology services were the most seriously affected, alongside imaging services, such as MRI and CT scans, and X-rays, which transmit images via computers. Hospitals were forced to cancel treatments and appointments, and divert ambulances to other sites.

With a little bit of luck, a researcher by the name of MalwareTech fortunately found an effective kill switch, which prevented further infections, and enough time to patch systems up. The 22-year-old saw that one of the web domains used by the attackers hadn’t been registered. So he registered the site, took control of the domain for $10.69 and started seeing connections from infected victims, hence his ability to track the ransomware’s spread.

I will confess that I was unaware registering the domain would stop the malware until after i registered it, so initially it was accidental. — MalwareTech

Though the attack has been slowed down and contained, computer security experts are warning users of a possible second attack soon.

What is a ransomware?

According to Wikipedia, a Ransomware is a type of malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.

Source link