WannaCry, the massive ransomware attacks infected more than 250,000 systems around the world. The targeted organizations ran into major trouble as all of their important data was encrypted.
Microsoft released WannaCry patch for the Windows systems that are not getting mainstream support. If you are using Windows XP, Windows 8 or Windows Server 2003, you wouldn’t need to upgrade your system just to get rid of the threat of WannaCry.
How WannaCry Spreading Slows Down
While most of the IT people were busy accessing the damage of WannaCrypto Ransomware and patching their systems, there were other looking for its solutions. Researchers at Malware Tech labs while dissecting the malware code found a kill switch.
This kill switch was an unregistered domain name hardcoded into the malware code. As soon as the domain name (hxxp://ifferfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com) was registered by the researcher, malware stopped itself from spreading further.
Just after registration of the domain, he again runs the same sample in the virtual environment. The WannaCrypt encrypted all the files of the system and then started connecting to random IP addresses on the Port 445. Actually, it was not sure whether WannaCry was scanning SMB hosts or using NSA’s leaked exploit.
He admitted later that he was unaware of the fact that after registering the domain, WannaCry will slow down to spread. Though this was a tempory solution as hacker released an updated version of ransomware WannaCry 2.0. This version was released without and kill switch in place.
WannaCry 2.0 Ransomware New Variants
Although the registration of WannaCry kill switch domain prevents the ransomware from spreading like a worm, the threat is not eliminated. Hackers have released an updated version WannaCry 2.0 without a kill switch. Other variants of WannaCry Ransomware are also going to be a big threat. These ransomware variants incorporate SMB exploit due to which these are spreading worldwide at a fast pace.
At this time, there is no evidence about the working of these WannaCry variants. Eventually, the attackers will take an advantage of this campaign by spreading more threats.
No doubt this cyber attack campaign has shaken the entire security system. The security researchers of all over the world are working to find the facts of this ransomware.
Be Secure from WannaCry Ransomware Attacks
If you want to keep your organization systems free from the attacks of ransomware, you should apply latest security updates. Outdated systems are always vulnerable to the threats. Your little negligence can be an opportunity for the attackers.
Keeping a backup of your system data is a very good practice as the cyber threats are increasing dramatically. The important data can be infected by attackers, if you are not following security guidelines.