What is Wanna Cry virus? The virus is a ransomware where the attackers take over the system and block access to a smartphone, computer or tablet and then ask for ransom to have it unlocked. In order to take control over the system, the attackers need to place a malicious software within its network which is done by getting the target to click on a link or have it downloaded by mistake.
The hacker then launches the attack and locks all files. It is a gradual process and the files are encrypted one after the other.
The hacker leaves two files with the user, one is – what to do next file and the other is the WannaDecryptor program. On opening the software it informs the users about their files being encrypted and warns them about having their files deleted if a certain ransom is not paid. The payment is asked in Bitcoin and the address for the payment to be sent is mentioned. Instructions are given on how Bitcoins can be purchased.
When was Wanna Cry virus first discovered?
Wanna Cry Virus was first discovered by the United States Security Agency who saw a defect in the operating system of Microsoft Windows which let it carve its path or to get access to computers used by the enemy and terrorist states. This flaw and the tool to exploit it with malicious software were publicized recently by a hacker group by the name ‘Shadow Brokers’.
How far has this virus spread?
According to one of the news reports, there are more than 200,000 organizations across 150 countries who have been hit by the Wanna Cry Virus. One of the major sufferers were NHS trusts in the UK. Doctor appointments and operations were canceled and patients’ lives were at stake. They were a havoc in the NHS system, about 47 of them were compromised. Other major attacks were made on Telefonica and FedEx.
Has the Mayhem stopped?
The ‘kill switch‘ of the Wanna Cry Virus was accidentally hit by a 22-year-old young researcher working in Kryptos logic, England whose identity is hidden. On seeing a sample of the malware he saw that it connected to a certain domain that was not registered. The boy unknowingly bought the domain which was priced at $10.69 as his company tracks botnets, and if one is registered the spread of the botnet can be observed. Luckily by registering the virus stopped spreading which was hardcoded in the malware. However, the code can be changed and start this all over again.
How can be stopped?
Microsoft has already issued Windows updates which will help in keeping the Wanna Cry Virus off your tail. Besides firewall and a good anti-virus software should be used to protect your system. Always backup your files in a different system and set up pop-up blocker. Refrain from clicking on any links on suspicious websites or links in emails received from sites or people you don’t know. Anyone receiving a ransom threat should disconnect the internet on their system and inform the related authorities.