Cyber Attack: New Dangerous Version Of Wanna Cry Ransomware

Share It On:

Recently, the internet faced a massive attack which is believed to be the most massive ransom-ware delivery campaign to date. The ransom-ware campaign hit computer systems of hundreds of private companies and public organizations across the globe.

Also known as ‘Wana Decrypt0r,’ ‘WannaCryptor’ or ‘WCRY,’ the Ransom-ware in question has been identified as a variant of ransom-ware WannaCry. Similar to other nasty ransom-ware variants, WannaCryblocks access to a computer or its files and demands money to unlock it.

After infecting the system, the ransom-ware demands the victims to pay up to $300 to remove the infection from their PCs. Not paying the ransom renders their PCs unusable, and files locked.

Using NSA’s Exploit to Spread Rapidly

The most interesting fact about this ransom-ware is that WannaCry attackers are leveraging a Windows exploit called Eternal Blue harvested from the NSA and dumped by Shadow Brokers hacking group over a month ago.

In response to the act by the Shadow Brokers hacking group, Microsoft released a patch for the vulnerability in March (MS17-010), but many users and organizations who did not patch their systems are open to attacks.

The exploit has the capability to penetrate machines running an unpatched version of Windows XP through 2008 R2 by exploiting flaws in Microsoft Windows SMB Server. And this is one of the reasons for spreading of WannaCry campaign at such an alarming rate.

Simply put, once a single computer in your organization is hit by the WannaCry ransomware, the worm looks for other vulnerable computers and infects them as well.

Infections from All Around the World

According to Kaspersky Labs, the campaign targeted over 45,000 computers in 74 countries, including United States, Russia, Germany, Turkey, Italy, Philippines, and Vietnam only over the first few hours and the number was still growing,

According to a report, the ransom-ware attack has shut down work at 16 hospitals across the UK after doctors got blocked from accessing patient files. Another report says, 85% of computers at the Spanish telecom firm, Telefonica, has get infected with this malware.

Malware Tech, another independent security researcher, reported that a large number of U.S. organizations (at least 1,600) had been hit by WannaCry, compared to 11,200 in Russia and 6,500 in China.

Bitcoin wallets seemingly associated with WannaCry were reportedly started filling up with cash.

According to BBC, “Power firm Iberdrola and utility provider Gas Natural were also reported to have suffered from the outbreak.,”

 Protect Yourself from WannaCry

The most important thing to do is to patch your Windows machines, and servers against Eternal Blue exploit (MS17-010) if you have not done it yet.

To safeguard against such ransomware infection, you should always be suspicious of uninvited documents sent an email and should never click on links inside those documents unless verifying the source.

To maintain a tight grip on all your important files and documents, keep a good backup routine in place that makes their copies to an external storage device that is not always connected to your PC.

And always make sure that you run an active anti-virus security suite of tools on your system, and most importantly, always browse the Internet safely.


Share It On:

Recent Posts

Dursikshya Education Network Successfully Concludes Finals of Discovery Education & Edutech’s National Coding Competition – Nepal Edition

Dursikshya Education Network Successfully Concludes Finals of Discovery Education &

Share It On:22nd December 2024, Kathmandu Dursikshya Education Network, in collaboration with Edutech India, Discovery Education UK, and ICT Frame

Child Online Protection in Nepal: Insights From UNICEF and ChildSafeNet Dialogue

Child Online Protection in Nepal: Insights From UNICEF and ChildSafeNet

Share It On:21st December 2024, Kathmandu A high-level dialogue on child online protection organized by UNICEF, in partnership with ChildSafeNet,

Support Your NPL Team With Ncell’s Exclusive PRBTs

Support Your NPL Team With Ncell’s Exclusive PRBTs

Share It On:20th December 2024, Kathmandu As the finale of the Nepal Premier League (NPL), the ‘Festival of the Himalayas,’

Garima Bank Cash Dividend Proposal: 5% for Shareholders

Garima Bank Cash Dividend Proposal: 5% for Shareholders

Share It On: 20th December 2024, Kathmandu Garima Bikas Bank has announced its decision to offer a cash dividend to

Citizens Bank and SM Dental Partnership: Exclusive Discounts for Digital Payment Users

Citizens Bank and SM Dental Partnership: Exclusive Discounts for Digital

Share It On: 20th December 2024, kathmandu Citizens Bank International Limited has formed a strategic partnership with SM Dental and

Nabil Bank Toll-Free Number for Easy Banking Support: 24/7 Access to Assistance

Nabil Bank Toll-Free Number for Easy Banking Support: 24/7 Access

Share It On: 20th December 2024, kathmandu Nabil Bank Limited has rolled out a new initiative to improve customer support