WCrypt ransomware attack under control | Sunday Observer

WCrypt ransomware attack under control

21 May, 2017

The Computer Society of Sri Lanka (CSSL) wishes to alert the public about the newest ransomware to hit cyberspace, WCrypt, which continues to infect computers across the globe.

The malware’s name is WCry, but analysts were also using variants such as WannaCry, WanaCrypt0r, WannaCrypt, or Wana Decrypt0r, the Computer Society of Sri Lanka said in a press statement.

Excerpts:

Experts claim the fast-moving wave of cyber-attacks across the globe maybe the result of exploitation of a security flaw exposed in documents leaked from the US National Security Agency. Ransomware is malicious software (malware) which locks a user’s files making them inaccessible unless a (usually large) payment is made to the hackers. Although exact figures are not known, the ransom demanded from each infected computer is estimated to range from USD 300 to USD 600.

“It has a ‘hunter’ module, which seeks out PCs on internal networks,” UK-based security architect Kevin Beaumont told CNN earlier today.

The virus is estimated to be spreading at a rate of ‘five million emails per hour’, primarily targeting computers with Microsoft Windows operating systems. Microsoft has released an official statement informing users to ensure their operating systems have been updated with the Microsoft Patch MS17-010, specifically developed to address this attack.

Latest reports claim that the spreading of the malware has been stopped, after a cyber-security analyst accidentally came across a solution. However, this should not be considered a ‘green-light’ and users should continue to exhibit the same level of awareness and follow security best practices as before.

The CSSL advises users to keep their operating systems and anti-virus software updated with the latest patches and definitions. Users should also refrain from opening suspicious emails, especially if they contain attachments as well as from clicking on unknown web links. 

Comments