What is Ransomware?

It is explained very well in this video shared by ESET.


In less than 24 hours, the WannaCry ransomware borrowed from leaked NSA exploits to spread across at least 75,000 PCs. The National Health Service has been left puzzled after a ransomware cyber attack which led to patients being turned away and emergency services being re-routed. A statement from the NHS pointed to a particular virus called Wanna Decryptor. “The investigation is at an early stage but we believe the malware variant is Wanna Decryptor,” explained a spokesperson. “At this stage we do not have any evidence that patient data has been accessed. We will continue to work with affected organisations to confirm this.”

Screenshot of an infected PC

How does Wanna Decryptor work?

The malware is delivered as a Trojan through a loaded hyperlink that a victim can accidentally open through an email, an advert on a webpage or a Dropbox link. Once it has been activated, the program spreads through the computer and locks all the files with the same encryption used for instant messages. Once the files have been encrypted, it deletes the originals and delivers a ransom note in the form of a readme file. It also changes the victim’s wallpaper to a message demanding payment to return the files.
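
The sequence described above (encrypted copies written, originals deleted, a readme note dropped) can be turned into a simple detection rule over file-activity events. This is an added example, not part of the original article; the event format, the `.locked` suffix, the paths and the thresholds are assumptions constructed for illustration.

```python
import os
from collections import defaultdict

# Constructed sample file-activity events: (seconds, pid, operation, path).
# The ".locked" suffix and all paths are made up for this illustration.
SAMPLE_EVENTS = [
    (0, 410, "CREATE", "/home/a/notes.txt.locked"),
    (1, 410, "DELETE", "/home/a/notes.txt"),
    (2, 410, "CREATE", "/home/a/q1.xlsx.locked"),
    (2, 410, "DELETE", "/home/a/q1.xlsx"),
    (3, 410, "CREATE", "/home/a/photo.jpg.locked"),
    (4, 410, "DELETE", "/home/a/photo.jpg"),
    (5, 410, "CREATE", "/home/a/README.txt"),
    (3, 522, "CREATE", "/home/a/draft.docx"),      # ordinary editor save
    (9, 522, "DELETE", "/home/a/~draft.tmp"),
    (10, 733, "CREATE", "/srv/app/README.md"),     # benign readme, no deletions
]

def find_suspects(events, min_replaced=3, window=60):
    """Return {pid: replaced_count} for processes that, within `window` seconds,
    replaced at least `min_replaced` files with a renamed copy (original deleted)
    and also dropped a readme-style file."""
    created = defaultdict(dict)    # pid -> {path: time created}
    replaced = defaultdict(list)   # pid -> times an original was replaced
    notes = defaultdict(list)      # pid -> times a readme file was written
    for ts, pid, op, path in sorted(events):
        name = os.path.basename(path).lower()
        if op == "CREATE":
            created[pid][path] = ts
            if name.startswith("readme"):
                notes[pid].append(ts)
        elif op == "DELETE":
            # Original deleted after the same process wrote "<original>.<suffix>".
            if any(p.startswith(path + ".") and ts - t <= window
                   for p, t in created[pid].items()):
                replaced[pid].append(ts)
    suspects = {}
    for pid, times in replaced.items():
        recent = [t for t in times if times[-1] - t <= window]
        note_near = any(abs(n - times[-1]) <= window for n in notes[pid])
        if len(recent) >= min_replaced and note_near:
            suspects[pid] = len(recent)
    return suspects

if __name__ == "__main__":
    print(find_suspects(SAMPLE_EVENTS))
```

Requiring both signals together keeps a lone readme file or a single temp-file cleanup from raising an alert.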

How can you remove it?

Obviously not by paying them. Scrubbing malware from systems is an arduous and lengthy task. The scale of infections in this case already suggests it may be an impossible one. Governments and law enforcement agencies will probably try to identify the “command and control” servers from which the malware is being run. If intelligence efforts can pinpoint those and seize control of them, then the encryption keys could be released to all infected networks.

An alternative may be that WannaCry’s operators turn over the keys themselves: the success of the ransomware has made them the top global target for the west’s cyber security community overnight. Even the most hardened criminal organisation is likely to worry about such prominence.

How to avoid it

Do not click on unknown links in emails. Use a good security solution on your PC. Do not use keygens from torrent websites.
