WannaCry: WannaCrypt Ransomware in Action

On Friday, 5th May 2017,  a variant of WannaCrypt Ransomware (WannaCry) started spreading across the globe. It targeted a vulnerability in the SMB protocol, and leveraged an exploit stolen from the NSA (ETERNALBLUE) to do so. Variants were observed over the weekend, but they were either using the same kill switch domain, or a different one that was easily identified and purchased so the malware wouldn’t spread.

The report of this ransomware attack spread over the weekend and took less time than expected to get fame all over the world. Many have tweeted and spread awareness about this newly spread ransomware.

One particular vulnerability in Windows, leaked by a shady crew called Shadow Brokers, was used by the WannaCry hackers to give their ransomware a worm feature, allowing it to spread between vulnerable PCs silently and at speed. That flaw was exploited by a tool called EternalBlue and was patched by Microsoft in mid-March, but those who didn’t apply the update were still open to attack, resulting in affecting 48 UK National Health Service trusts, FedEx, Telefonica, Renault and Nissan car manufacturing plants, U.S. universities, Russian governments and Chinese ATMs, amongst many other systems across 150 countries.

However, a UK security researcher known as “MalwareTech“, who helped to limit the ransomware attack, had predicted “another one coming… quite likely on Monday”.
MalwareTech, whose name was revealed in UK media to be 22-year-old Marcus Hutchins, was hailed as an “accidental hero” after registering a domain name to track the spread of the virus, which actually ended up halting it.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

OSINT WIFI Tutorial: Track People using WiFi via Wigle

Due to the drastic growth of internet access, Wi-fi networks have become progressively popular. Wi-fi technologies link to the network topologies allows users to...

Why Attack Surface Analysis is a Core of Cybersecurity?

The pandemic of COVID-19 has changed the world dramatically. Almost all everyday actions have gone online: people work from home, students attend lectures through...

The Attack Surface Mapping guide for Ethical Hackers

This article explains how to map the attack surface in a precise and realistic way. An attack surface aims to figure out which areas...

Addressing Myths About Online Casinos & Security

Many people carry a perception that online casinos inherently involve a security risk. The sense is that these sites can be somehow “sketchy” or...