WannaCry ransomware attack based on NSA tools hits several countries


ransomeware

WannaCry ransomware attack seemingly based on leaked NSA hacking tools has hit companies, hospitals, schools in several countries. According to security researchers, the ransomware attack used a Windows exploit first developed by the United States National Security Agency.

National Health Service (NHS) England, and Telefonica, one of the largest telecom providers in the world, have each given out statements indicating that their systems have been brought to a grinding halt by a ransomware that Malwarebytes detects as Ransom.WanaCrypt0r. There have been reports of infections in 99 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan.

What is the WannaCry ransomware?

WannaCry encrypts data files and ask users to pay a US$300- $600 ransom in bitcoins. The ransom note indicates that the payment amount will be doubled after three days. If payment is not made after seven days, the encrypted files will be deleted. Victims who are affected with ransomware will see a wallpaper like this:

_wanadecryptor__720

A report from Reuters said that Asian countries reported no major breaches. It further added that the hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a “worm”, or self spreading malware, by exploiting a piece of NSA code known as “Eternal Blue” that was released last month by a group known as the Shadow Brokers. Microsoft said it was pushing out automatic Windows updates to defend clients from WannaCry.

Source: 1, 2


Author: Sneha Bokil

Sneha Bokil is a tech enthusiast and is currently using OnePlus 3T but she still treasures her Nokia N70 (M). You can follow her on Twitter @snehabokil and on Google+