Wanna Cry, the deadly ransomware which has affected more than 2 lakh computers across 150 countries, has been declared as a critical threat in India.
Computer Emergency Response Team of India (CERT-In) has red alert warning against this ransomware, which denotes maximum threat level.
In their warning and guidelines, CERT-In has requested infected users not to pay the ransom to the hackers, as it will make them even more powerful and deadly. CERT-In said, “Individuals or organisations are not encouraged to pay the ransom as this does not guarantee files will be released. Report such instances of fraud to CERT-In and law enforcement agencies,”
WannaCry outbreak broke on Friday night and has affected more than 2 lakh computers across 150 countries. The ransomware locks down the computers and asks ransom in bitcoins to release the lock. Till now, the magnitude of this outbreak has been unprecedented as it has affected hospitals, cars factories, IT offices and more domains.
Unprecedented Spread of Wanna Cry
Europol Director Rob Wainwright said that the threat from WannaCry was more deadly, as a ransomware combined the properties and functionalities of a worm to become more infectious, and the infection is spreading automatically, on an auto-pilot.
He said, “The global reach is unprecedented. The latest count is over 200,000 victims in at least 150 countries, and those victims, many of those will be businesses, including large corporations..”
The figure of 2 lakh infected computers was derived till late Sunday evening, but as offices open on Monday, as people switch on their PCs, the actual magnitude and extent would be understood.
As per some analysts, WannaCry ransomware has the potential to scoop out $1 billion in bitcoins from their victims. However, till Sunday evening, close to $33,000 was paid to the hackers in bitcoins, in order to unlock their systems.
Ransoms from $300 to $600 are being demanded by the hackers who installed WannaCry ransomware.
Rob said, “(There have been) remarkably few payments so far that we’ve noticed as we are tracking this, so most people are not paying this, so there isn’t a lot of money being made by criminal organisations so far”
An Unlikely Hero Who May Have Stopped The Spread Of Wanna Cry
Meanwhile, a 22-year-old researcher, whose alias is MalwareTech, has become an Internet hero after he accidentally stopped the spread of WannaCry ransomware.
While undergoing research on WannaCry, this researcher located an unregistered domain residing inside the ransomware, and bought it for $10.69. After he pointed the domain to a sinkhole or a server which collects and analyses malware, he discovered that the domain is actually a kill switch, which can be used to control the ransomware.
In an email interview, he said, “I just [think] don’t that what I did was that significant. And as of now I’ve had a fair bit of thanks from different people which are really appreciated, but no job offers which is nice as I’m happy where I am.”, adding, “We found out that the domain was supposed to be unregistered and the malware was counting on this, thus by registering it we inadvertently stopped any subsequent infections,”
Here is his blog, where he has explained how he accidentally stopped the spread of WannaCry.
How To Stop Wanna Cry Ransomware
The massive spread of this ransomware has been made possible due to a security vulnerability in Microsoft’s operating systems: Windows XP, Windows Server 2003 and Windows 8. And these are the OS for which Microsoft doesn’t provide mainstream support.
However, understanding the massive scale of the infection, Microsoft has released a ‘highly unusual’ patch which basically covers up the Windows vulnerability, which involves the Server Message Block protocol, a file-sharing feature.
The patch can be downloaded from here.
Do let us know more resources and patches, which can stop the spread of WannaCry, by commenting right here.