Where is the WannaCry ransomware worm right now? Scary stuff

Where is the WannaCry ransomware worm right now? Scary stuff

For the handful of people who haven’t heard: there has been a worldwide massive ransomware attack which is holding computer’s data hostage across the world.

No this is not a plot for a new cyber movie (yet) but is real.

A malware known as WannaCry, has infected vulnerable computers running the old Windows XP operating system where the software encrypts the computer’s data and then displays a message asking for around $300 worth in Bitcoin. If the ransom is paid, the data would be decrypted. If not, the computer’s data is essentially useless.

This vulnerability was first discovered by the NSA – yeah the National Security Agency – who sat on this information and didn’t disclose it. When NSA’s own hacking tools were leaked onto the dark web, they were used to create this worm which has been spreading from computer to computer, infecting each one with the ransomware. The number of businesses and organizations infected is reported to exceed 100 000 spread across 150 countries. And this number grows continuously.

For a brief moment, the worm slowed its infection when a security researcher discovered a “kill switch”. There was a part of the code that sends a request to a domain, however that domain was not “live” as it wasn’t actually registered. The researcher, registered the domain just to monitor the data that makes a connection to it. Little did he know, that the malware writer wrote this kind of logic into the code. IF the domain was ever live, THEN stop spreading.

Since discovering this kill switch, the malware writer simply mutated the worm without the kill switch and sent it into the wild again so it now continues to spread around the world.

If you want to see how quickly this is spreading and where it is right now, check out the Malwaretech.com which tracks these outbreaks.

What can you do about WannaCry?

  1. If you are running any Windows XP computers, unplug them from the internet ASAP. Shut them down NOW.
  2. Ensure you have the latest operating system updates on your computers.
  3. Ensure that all your software packages are up to date too.
  4. When was the last time you rebooted your laptop? Some critical update requires a reboot but we tend to forget or ignore the messages. Don’t. Reboot now.
  5. You have heard this before: Do not click on links in emails from people you don’t know. If anyone such as PayPal, Amazon, UPS, or your bank wants you to do anything (change your password, run a trace, verify etc.) go to the main website and do it there. Not from an email link.

Liron Segev - TheTechieGuy

Liron Segev is an award-winning tech blogger, YouTube strategist, and Podcaster. He helps brands tell their stories in an engaging way that non-techies can relate to. He also drinks way too much coffee! @Liron_Segev on Twitter