Innovative Computer Solutions

WannaCry Ransomware Attack – Malware/Virus/Programme

WannaCry Ransomware Attack, Ransomware is a type of malicious Virus or Programme or software,  it’s Compress or Encrypt your data in to there own RSA WannaCry Ransomware Attack2048 Method.  If you want to de-crypt the data they are asking money to decrypt.

The WannaCry ransomware attack is an ongoing cyberattack of the WannaCry (or WannaCrypt,[3] WanaCrypt0r 2.0,[4][5] Wanna Decryptor[6]) ransomware computer worm targeting the Microsoft Windows operating system. The attack started on Friday, 12 May 2017, infecting more than 230,000 computers in 150 countries, with the software demanding ransom payments in the cryptocurrency bitcoin in 28 languages.[7] The attack has been described by Europol as unprecedented in scale.[8]

The attack affected Telefónica and several other large companies in Spain, as well as parts of Britain’s National Health Service (NHS),[9] FedEx, Deutsche Bahn, and LATAM Airlines.[10][11][12][13] Other targets in at least 99 countries were also reported to have been attacked around the same time.[14][15]

Most previous ransomware arrives by phishing emails, and it is alleged to be the case with WannaCry,[16] although there still aren’t any confirmations. However, once installed it uses the EternalBlue exploit and DoublePulsar backdoordeveloped by the U.S. National Security Agency (NSA)[17][18] to spread through local networks and remote hosts[19]which has not installed recent security updates to directly infect any exposed systems.[5][20] A “critical” patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems, nearly two months before the attack,[21] but many organizations had not yet applied it.[22]

Those still running exposed older, unsupported operating systems were initially at particular risk, such as Windows XPand Windows Server 2003, but Microsoft has now taken the unusual step of releasing updates for these operating systems for all customers.[3][23]

Shortly after the attack began a web security researcher who blogs as “MalwareTech” inadvertently established an effective kill switch by registering a website mentioned in the code of the ransomware. This slowed the spread of infection, but new versions have now been detected that lack the kill switch.[24][25][26][27][28]

 

Facebook