WannaCry Ransomware attack has become one of the largest ransomware attack in the history within just few days. However, if you’re using an unsupported or outdated version of Windows OS, then you are strongly advised to either upgrade to Windows 10 or immediately install the latest patch issued by the Microsoft for Windows XP, Win Vista, 7 and 8, server 2003 & 2008. According to the European authorities, since its discovery on Friday, the malware attack has continued in order to spread this weekend, impacting more than 10,000 organizations and 250,000 individuals in over 150 countries.
Although, there are few measures have been taken to slow the spread of WannaCry Ransomware, new variants have begun to the surface. The variant of WannaCry Ransomware is known as Wana Decrypt0r, WCRY and WannaCryptor. Like other dangerous ransomware threats, this malware also blocks access to an infected system, encrypts the files stored onto it and then demands ransom money to unlock those files. Once infected with this noxious ransomware virus, victimized users are asked to pay up to 300 USD in order to delete the infection from their machine and provides decryption key for the file restoration.
WannaCry Ransomware attack began on Friday afternoon, where the malware affected National Health Service of England, prompted automaker Renault into the idle factories in France and many others. After this ransomware attack, a well-known and reputed security firm known as Malware Tech slowed the attack just by registering a website name that they discovered in WannaCry Ransomware’s code.
WannaCry Ransomware Using NSA’s Exploit to Spread Quickly
The developers of this ransomware are leveraging a Windows exploit which is harvested from the NSA known as EternalBlue. However, over a month ago, this exploit was dumped by the hacker’s group identified as ShadowBrokers. Microsoft has already released a patch for vulnerability in March (MS17-010), but most of the organizations and users who didn’t patch their computers are likely open to WannaCry Ransomware attacks.
Besides, the exploit has ability to penetrate into computers running unpatched version of the Windows XP operating system via 2008 R2 by exploiting the flaws in MS Windows SMB Server. That’s why, the WannaCry Ransomware campaign in distributing at an astonishing pace. Once a single PC in your organization hits by this ransomware, the malware looks for other vulnerable machines and infects them as well.
WannaCry Ransomware Infection Detected All Around the World
At the time of writing this security article, the WannaCry Ransomware infected 250,000 computers in more than 150 countries, including United Kingdom, United States, India, Russia, Germany, Vietnam, Philippines, Italy, Spain, Turkey and China, and that the number is still growing. According to the report, the WannaCry Ransomware attack had blocked work at 16 hospitals across the United Kingdom, after that, doctors become unable to access their patient files. Moreover, the malware is associated with Bitcoin wallets and were reportedly started filling up with cash.
Protecting Yourself From WannaCry Ransomware Attack
To protect yourself from WannaCry Ransomware, you have to patch your Windows PCs and servers against exploit (MS17-010). Also, you should always be suspicious of unfamiliar documents attached with spam emails, and should never try to click on the links inside those emails or attached documents unless you verify the source. Keep a good backup routine and makes their copies to any external storage device which is not always connected to the system. Most importantly, make sure that you run a credible and active anti-malware program on your computer and browse the web safely.