network background popup

WannaCry FAQ

May 15th 2017

We have a had a number of enquiries lately about the Ransom Ware Vulnerability.

What is it ?

WannaCry also know as WanaCrypt 2.0 is a form of malware commonly known as "Ransom Ware".

Where did it come from ?

It was originally developed by the NSA in the US called "Eternal Blue" and was a way for them to secretly access computers. It was based on a flaw in windows machines, Unfortunately the NSA did not store this weaponized malware securely enough and someone hacked in and stole it. At this point it was loose and easily findable on the Internet.

If you see a screen like this, you're machine is definitely infected.

blog1

Here is a link below from Microsoft to check/scan if your PC has a virus.

https://www.microsoft.com/security/scanner/en-us/default.aspx

Who is responsible for this ?

At this point no one knows but there are a lot of smart people working on it and they will be caught eventually...This is my opinion.

Is someone making money from this ?

Yes, as with all ransom ware there is a money component.These are 3 discovered bitcoin Identifiers that victims are paying the ransom to Which is hardcoded into the Malware. As of 09:15 EST May 14, 2017 The total ransom paid is a total of $15,150.00 USD. This is surprisingly low, it's definitely going to rise. Check for yourself on its progress by clicking the 3 links below.


How did my computer get infected ?

If you're on a corporate network, you most likely got it from another computer on your network. If you're at home on a cable modem you got it through email phishing or visiting a hacked or a sketchy website.

How did it spread so quickly ?

As you most likely know by now, millions of computers were infected in a few short days and those most affected by this are on corporate, Government and University networks. It spreads on these networks by using a windows flaw that goes from machine to machine using Microsoft's SMB feature .

Here's a short list of victims from GITHUB

Is my website spreading this malware ?

I can only say that any DOSarrest customers using our advanced WAF are not spreading this Malware as we won’t allow this type of malicious traffic to get to your server.

Is it still spreading ?

No, good news ! This thing had a kill switch built into its code, so if any machine can access this site www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com it won't spread from that machine.

I'm infected, What should I do ?

We recommend that you wipe your machine clean and restore from back-ups....of course everyone has backups, Right ?

Need more info... Try

Github.com
Microsoft to get the free patch if you need it.

Jag Bains
CTO

Added By : Jag Bains

DDoS Article Categories