WannaCry ransomware attack -Everything to Know
The WannaCry ransomware attack is an ongoing worldwide cyberattack by the WannaCry ransomware cryptoworm, which targets computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.
| Date | 12 May 2017 – present |
|---|---|
| Location | Worldwide |
| Also known as | WannaCrypt WanaCrypt0r Wana Decrypt0r 2.0 WCRY WNCRY |
| Type | Cyberattack |
| Theme | Ransomware encrypting files with $300 – $600 demand (via bitcoin) |
| Cause |
|
| Outcome | Over 200,000 victims and more than 230,000 computers infected |
The attack started on Friday, 12 May 2017, and has been described as unprecedented in scale, infecting more than 230,000 computers in over 150 countries. Parts of Britain's National Health Service (NHS), Spain's Telefónica, FedEx and Deutsche Bahn were hit, along with many other countries and companies worldwide.
WannaCry spreads across local networks and the Internet to systems that have not been updated with recent security updates, to directly infect any exposed systems. To do so it uses the EternalBlue exploit developed by the U.S. National Security Agency (NSA), which was released by The Shadow Brokers two months before. A "critical" patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems, nearly two months before the attack, but many organizations had not yet applied it. Those still running exposed older, unsupported operating systems such as Windows XP and Windows Server 2003, were initially at particular risk but the day after the outbreak Microsoft took the unusual step of releasing updates for these operating systems too. Almost all victims are running newer Windows 7.
Shortly after the attack began, a web security researcher who blogs as "MalwareTech" discovered an effective kill switch by registering a domain name he found in the code of the ransomware. This greatly slowed the spread of the infection, but new versions have since been detected that lack the kill switch. As per official news agencies reports, the cyber attack has slowed down drastically and has died down as of 19 May 2017.
 |
| Scree shot From Victim after attcked by WannaCry Ransomeware Virus
Attacker attacks System with wannacry virus and excrypts all its Data into un recongnizable format . and That encrypted form of data gets of no use .
And it can make a big loss to various Companies goverment Organizations .
When Data gets successfully encrypted by Wannacry virus . Then a pop Window appears which is linked above in the Document . In which all the information is displayed about what happent to my data . and method of Recovering my Data. Then there is a payment page which asks a payment of
300$ in form of Bitcoins .
and after the payment Data automatically gets decrypted .
This is the whole process of WannaCry ransomeware Attack .
|
0 Comments:
Discuss Your Queries and Suggestions Here..