WannaCry ransomware attack hits several countries

Share this article

A fast-spreading ransomware tagged ”WannaCry”has hit over 74 countries around the world. In the first 24 hours, it has already infected over 114,000 Windows systems worldwide. Be careful not to click just any link you see in your web browser or email. Read the full report below:

As of Friday, Kaspersky Lab has recorded more than 45,000 attacks of ransomware in 74 countries around the world, mostly in Russia. The multinational cybersecurity and anti-virus provider’s Global Research and Analysis Team said in these attacks, data is encrypted with the extension “.WCRY” added to the filenames.

The attack by the ransomware, dubbed “WannaCry,” is initiated through an SMBv2 remote code execution in Microsoft Windows.

The exploit, codenamed “EternalBlue,” has been made available on the internet through the Shadow brokers dump on April 14, 2017, and patched by Microsoft on March 14.

“It’s important to understand that while unpatched Windows computers exposing their SMB services can be remotely attacked with the ‘EternalBlue’ exploit and infected by the WannaCry ransomware,” Kaspersky Lab’s Global Research and Analysis Team noted in a web posting.

“The lack of existence of this vulnerability doesn’t really prevent the ransomware component from working. Nevertheless, the presence of this vulnerability appears to be the most significant factor that caused the outbreak.”

The WannaCry malware encrypts the files and also drops and executes a decryptor tool. The request for $600 in Bitcoin, a cryptocurrency, is displayed along with the wallet.

As not all ransomware provides this timer countdown, said the team, the WannaCry attack shows computer users that “payment will be raised” after a specific countdown, along with another display raising urgency to pay up, threatening that the user will completely lose their files after the set timeout.

To make sure that the user doesn’t miss the warning, the tool changes the user’s wallpaper with instructions on how to find the decryptor tool dropped by the malware.

While Spain’s Computer Emergency Response Team CCN-CERT posted an alert on its site about the attack affecting several Spanish organizations, the National Health Service (NHS) in Britain also issued an alert and confirmed infections at 16 medical institutions.

Kaspersky Lab said its team has confirmed additional infections in additional countries, including Ukraine and India.

Culled from http://www.newsx.com/world/63481-ransomware-attack-hits-74-countries-kaspersky-lab

Related Posts

HOSTAFRICA Completes Acquisition of GO54, Becoming Nigeria’s Leading Hosting Provider

HOSTAFRICA, a leading web-hosting company in Africa, is excited to announce the successful completion of the acquisition of GO54 (formerly known as WhoGoHost)...

Reseller Hosting Service in Nigeria: GO54’s Comprehensive Solutions

A reseller hosting service has emerged as a lucrative business model in Nigeria’s burgeoning digital landscape. This service empowers entrepreneurs and businesses to establish their...

SME Bundles in Nigeria: How GO54 Provides Cost-Saving Solutions to SMEs

Small and medium-sized enterprises (SMEs) are the backbone of the Nigerian economy. However, these businesses often face challenges in accessing affordable and reliable business solutions...