WannaCry Ransomware – Your Worst Nightmare

By: admin

Since its discovery on Friday afternoon, the WannaCry ransomware attack has continued to spread, impacting over 10,000 organizations and 200,000 individuals in over 150 countries, according to European authorities. However, while measures have been taken to slow the spread of the malware, new variations have begun to surface.

WannaCry is far and away the most severe malware attack so far in 2017, and the spread of this troubling ransomware is far from over.

What is WannaCry?

First and foremost, let’s clarify exactly what WannaCry is. This malware is a scary type of trojan virus called “ransomware.” As the name suggests, the virus in effect holds the infected computer hostage and demands that the victim pay a ransom in order to regain access to the files on his or her computer.

You can get full entrainment also playing wheel of bitcoin with online service, when want to enjoy free time.

RansomWare like WannaCry works by encrypting most or even all of the files on a user’s computer. Then, the software demands that a ransom be paid in order to have the files decrypted. In the case of WannaCry specifically, the software demands that the victim pays a ransom of $300 in bitcoins at the time of infection. If the user doesn’t pay the ransom in three days, the amount doubles to $600. After seven days without payment, WannaCry will delete all of the encrypted files and all data will be lost.

WannaCry paralyzed computers running mostly older versions of Microsoft Windows. The Russian security firm Kaspersky Lab said Monday that portions of the WannaCry program use the same code as malware previously distributed by the Lazarus Group, a hacker collective behind the 2014 Sony hack blamed on North Korea. But it’s possible the code was simply copied from the Lazarus malware without any other direct connection. Kaspersky said “further research can be crucial to connecting the dots.”

Another security company, Symantec, has also found similarities between WannaCry and Lazarus tools, and said it’s “continuing to investigate for stronger connections.”

Researchers might find some additional clues in the bitcoin accounts accepting the ransom payments. There have been three accounts identified so far, and there’s no indication yet that the criminals have touched the funds. But what good is money just sitting there as digital bits?

Although bitcoin is anonymized, researchers can watch it flow from user to user. So investigators can follow the transactions until an anonymous account matches with a real person, said Steve Grobman, chief technology officer with the California security company McAfee. But that technique is no sure bet. There are ways to convert bitcoins into cash on the sly through third parties. And even finding a real person might be no help if they’re in a jurisdiction that won’t co-operate.

Another possible slip-up: Nicholas Weaver, who teaches networking and security at the University of California, Berkeley, said good ransomware usually generates a unique bitcoin address for each payment to make tracing difficult. That didn’t seem to happen here.

The provide the best question to their students and students provides the relevant biology answers.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top