flaws of wannacry ransomware

flaws in wannacry ransomware

By Source, Fair use, Link

Dear Hoopers,

Today we are going to discuss – ‘WHAT IS WANNACRY RANSOMWARE AND THE FLAWS THAT CAUSED IT’. Billions of people in the world are using the internet. For sure, many of these users computers has been infected with viruses. There are a lot of different types but many people do not know how to figure out the problem. You can install anti-virus on your computer to prevent and to clean malicious software.

On May 21, 2017, a new massive computer virus was just identified. It is called WannaCry Ransomware. This malware targets computers running Microsoft Windows operating system by encrypting the files which are then held for ransom in digital payment system called Bitcoin. These ‘cybercriminals’ usually asks for $300 worth of Bitcoin if you want to decrypt all your files and data. But they will only accept bitcoin. Why bitcoin?. Because they will remain unknown even though their address and payment transactions are public. You can find out more about bitcoin on http://en.wikipedia.org/wiki/Bitcoin. WannaCry has quickly become the worst digital disaster. This massive virus spreads worldwide and the creators of this ransomware are still unknown. Once your system is attacked by WannaCry, all your data will be locked up. You will see the red message pop up and be stating “Oops, your files have been encrypted!”. They’re locking up computers at the hospitals, major companies, government offices and some businesses. The creators of the Ransomware will just give you three days to pay them. If you don’t pay them after three days, the ransom doubles and after seven days, all your files will be lost forever. They will let you decrypt some of your files for free but you have to pay them to decrypt everything. There’s no 100% guarantee that paying them will work. Cybercriminals are still anonymous. They might give you the key to decrypt your files or they might just steal your money.

What caused the ‘wannacry ransomware’ to affect Microsoft OS?

flaws of wannacry ransomware
Blue dots shows the systems hit by wannacry

What exactly made it so easy for the wannacry ransomware to affect PC’s running Microsoft’s OS?.Recently a group of hackers called the shadow brokers happened to dump a loads of tools believed to be used by NSA ( National Security Agency ). It contained a tool called ‘ EternalBlue ‘ – a tool which exploits a small vulnerability (which is now patched – MS17-010) of the Microsoft’s Windows OS. Wait but Microsoft has repented its error and released a new update to block the ‘EternalBlue’ from exploiting the vulnerability of its OS. Download it here

Flaws of wannacry ransomware – what made it cease temporarily ?

However there is a many flaws in the ransomware indicating an amateur interference in the creation of the ransomware. One of the major flaw is an easy to find kill switch which is not well concealed which was found by an 22 year old researcher.That is as soon as the ransomware affects a system it tries to connect to an unregistered domain name.The 22 year old found out the domain name after a some research and registered it.Now as the ransomware is able to connect to the domain it wont spread further and will be deactivated as soon as the domain is unavailable to connect the ransomware becomes active again. The reports are that the brains behind the ransomware is trying to bring down the domain by overloading the the address with bot traffic.Due to overloaded requests the domain becomes inaccessible this enables them to continue the spread of the ransomware.

How to fix this problem?

Be alert. Keep updating your operating system. Make sure that you are making backup routines and regularly saves copies of all files so you don’t need to worry about losing them once your computer have been infected with virus. Don’t just click the link that you don’t recognize. If somebody will send you a link, ask them first about it. Don’t go on websites that are not trusted. If your system has been hit, disconnect your computer from any networks it’s connected to. It should be removed from the network to prevent ransomware from attacking share drives. Get in touch with IT support company who will be able to solve the problem. This attack has impacted many large services and organizations. More ways to prevent the ransomware is given here.If one of the services impact your life, it is still not good even if your own computer is clean.

Given below is a video showing the ransomware virus in action..

Also visit: Keylogger complete guide to hacking

Do you guys have such interesting articles?. If yes, send it to us right now.We will publicize it and credit you for your content.Cheers Hoopers, take care.Hope all you guys enjoyed the article. If yes, please do subscribe to our posts and like our FB page.

Your Rating

About Eibel

A techie, an aspiring entrepreneur, a passionate blogger interested in internet and related stuff. Enjoys discovering new things on web and also share quality content .

Leave a Reply

Your email address will not be published. Required fields are marked *