Information Technology News.


Hackers unleash one of the biggest ransomware attacks so far


May 15, 2017

On Friday, a group of hackers unleashed a ransomware worm variant that abuses the same security vulnerability as the lethal 'WannaCrypt' ransomware.

Danish company Heimdal Security warned yesterday that the new Uiwix malware strain doesn't include a kill-switch domain, like the one that proved instrumental in minimizing the harm caused by WannaCrypt Friday, although this is subject to some dispute.

"As far as I know, there's only been two variants (one this morning) and none without a kill switch," asserted security researcher Dave Kennedy.

Other researchers, including Kevin Beaumont, are also telling us they haven't yet seen a variant of WannaCrypt without a kill switch.

What isn't in question is that follow-up attacks based on something similar to WannaCrypt are likely and that various systems therefore really need protecting.

Black hats might well create a worm that attacks the same Windows security vulnerability more stealthily to install a potential backdoor on the many vulnerable systems still out there, for example.

To be sure, the WannaCrypt ransomware spread rapidly to devastating effect Friday using worm-like capabilities that relied on a security vulnerability in Microsoft's SMB file-sharing services (MS17-010) that was patched in March.

It's important to note that WannaCrypt used a 'stolen' EternalBlue exploit originally developed by the U.S. National Security Agency before it was leaked by the Shadow Brokers in April.

WannaCrypt's original victims included the National Health Service, Spain's Telefónica and numerous other organizations across the globe.

A technician at Telefónica confirmed that the initial infection vector was a phishing email. The scale of the attack prompted Microsoft to take the highly unusual step of releasing security patches for unsupported operating systems, including Windows XP and Windows Server 2003.

Source: Heimdal Internet Security LLC.



       © IT Direction. All rights reserved.