WannaCry-The Return of the Crypto Trojans

The WannaCry ransomware, a malicious cryptography-based Trojan, began its disruptive rampage on March 12, 2017, targeting Windows systems worldwide. Its reach extended even to critical infrastructures, though in many cases, this happened more due to chance than careful planning. What’s particularly alarming, however, is how the leak of the NSA‘s cyber arsenal unleashed such devastating consequences globally. This incident underscores the far-reaching impact of vulnerabilities in digital systems. Adding to the mix, Microsoft had already released a patch addressing these security gaps prior to the attack’s eruption. Yet the sheer scale of infections demonstrated how widespread unpatched systems can quickly spiral into chaos under such threats. This article delves deeper into the WannaCry phenomenon—its origins, the extent of its damage, and most importantly, actionable steps individuals and organizations can take to protect themselves from similar attacks in the future.

What was it? Causes of WannaCry’s diffusion

At the beginning of 2017, Malizia was still great when the hacker Shadow Brookers group sacked the NSA digital treasure chest and published exploit of the NSA team Equation Group. Among these there was also a gap in the versions of Windows File Smb, which Microsoft immediately resolved with MS17-010 after being known (KB 4013389). The tragedy begins already here, since Microsoft expired systems such as Windows XP or Windows Server 2003, although these systems are still in operation and used in the Public Administration.

The rest was therefore recycled only old Crypto-Trojan modules with adaptation to the new security hole and was made «WannaCry», which is also indicated as Wana Decrypt0r 2.0 and has been spread all over the world since 12 May 2017. The attacks are made in the classic way by e-mail, and the distribution is also available within the interested nets.

The encrypted rows of Trojan and take them hostile. The data should be released again with respect to the payment of $ 300 through payment methods such as Bitcon. WannaCry’s infection and way of working have documented seducurelist in a blog post.

Worldwide

The blackmairs are likely to be more than surprised by their own success. Systems, not only by private users, are interested in the world, with attention to Russia.

In Germany, he captured Deutsche Bahn as a prominent victim, whose exposure cards not only showed delays, but also the WannaCry unwilling umbrella.

The fact that the distribution – despite Microsoft’s patch – went around the world is so quickly related to two factors: on the one hand, the inattention of many administrators in the distribution of patch and on the other to leave the old systems still widespread such as Windows XP.

Back from Microsoft

While the Federal Criminal Police Office has already investigated the corresponding investigations in this country and the Federal Office for Information Technology (BSI) warns of Ransomware, a Twitter user was able to find an «emergency switch» in the Trojanecode and therefore stop further diffusion. He documented the exact discovery in a blog post.

For his part, Microsoft tries to limit the damage and is forced to take a step due to the global diffusion of the addition of a patch for systems already written such as Windows XP or Server 2003.

Guilt?

In the meantime, Microsoft has gone offensive and is mainly blamed for the United States government that the well -known security gaps are hidden and therefore stolen. Microsoft’s legal council even describes the scenario as if the American army had been stolen some of its «Tomahawk» marching planes.

An analysis can subsequently show which systems (operating systems) have been interested. The suspicion was born that the old XP systems are particularly affected. It is not just an ethical question that Microsoft can steal from the responsibility that the support for these systems has already been suspended in 2014.

At least Windows-10 users should be happy: the often criticized automatic update compulsion prevented worse on these systems and therefore plays the red Monds exactly with their arguments for the updates of the car in the cards.

Protection against equally stored attacks

The current Ransomware pandemic, which has encrypted its files such as documents, images or videos and can only release it again against the payment of a redemption. And good tips for the remedy when hit by yourself. Unless you have a real backup in hand.

In our article «Trojan protection strategies such as locy: The right backup!» Already in 2016 we have strategies for a real backup, but also traps of those who are updated again today.

(31 votes, media: 4.50 out of 5)

Loading …