Short Bytes: The hackers have used the leaked NSA tools to infect computers with WanaCrypt0r 2.0 ransomware. This malware exploits EternalBlue vulnerability and uses phishing emails to infect computers. Till now, Avast has recorded more than 75,000 infections in 99 countries. While WanaCrypt0r is most affecting Russian and European countries, the possibility of its arrival in the US can’t be denied.Earlier this year, hacking group Shadow Brokers claimed that it had stolen cyber weapons from the America’s NSA, which can be used to get unfettered access to the computers running Microsoft Windows and other operating systems. Now, the malicious software WanaCrypt0r 2.0 (aka WCry) is being used to carry out one of the biggest ransomware attacks of its kind.
Dozens of countries have been hit with this cyberextortion attack that locks up computers and holds user’s files for ransom. Multiple companies, government agencies, and hospitals have become a target of this attack. Security firm Avast has recorded more than 75,000 detections of WanaCrypt0r 2.0 in 99 countries.
As a result of the attack, sixteen National Health Service (NHS) organizations in the UK have been hit. Many of them have canceled patient appointments. Spanish telco Telefónica has also been hit.
More technical details can be found on Avast’s blog.
While the ransomware attack is mainly targeted to Russia, Taiwan, and Ukrain, the attack is showing its impact all around the world. Below is a map that shows the countries being targeted by WanaCrypt0r 2.0:
Today, WanaCrypt0r is available in 28 different languages, ranging from Bulgarian to Vietnamese. This malware is spreading by exploiting a vulnerability called EternalBlue.
This scam, most probably, has spread using a wave of phishing emails with malicious attachments that infect computers when users click on them. The official government advice is not to pay criminals behind such attacks.
Have something to add to this story on WanaCrypt0r ransomware? Don’t forget to share your views.