All the things you need to know about WannaCry | BrightTitan
bp-legacy,post-template-default,single,single-post,postid-10412,single-format-standard,eltd-core-1.1.1,flow-ver-1.3.7,,eltd-smooth-page-transitions,ajax,eltd-blog-installed,page-template-blog-standard,eltd-header-standard,eltd-fixed-on-scroll,eltd-default-mobile-header,eltd-sticky-up-mobile-header,eltd-dropdown-default,wpb-js-composer js-comp-ver-5.2.1,vc_responsive,no-js

All the things you need to know about WannaCry

Wannacry & MacBook Pro

All the things you need to know about WannaCry

Since the past weekend, the ransomware software called WannaCry has occupied the number one place on the agenda of the technology world. This unprecedented malicious software has been spreading all over the world since the past week. Security researchers said Friday that nearly 57,000 computers are affected by ransom software in more than 150 countries. It was fortunate to get in on the weekend, but it did not hinder the spread of ransom software. As of yesterday, more than 200 systems worldwide were affected by the malware.


WannaCry went on record as the most violent attack of 2017 until detection, and the solution to prevent the spread of this ransom software has not yet been found. In this file you will find out what WannaCry is, what improvements we have experienced, and what you can do to protect yourself.


What is WannaCry?


This malware is a scary kind of Trojan virus, called “ransom software”. As the name suggests, the virus takes control of the infected computer and the victim is being asked for a ransom so that the victim can access the files on the affected computer again.


What exactly it is doing?


Ransom software like WannaCry encrypts most or all of the files on one person’s computer. The software then comes with a ransom request to unlock the files. In the case of WannaCry, the software is asking the victim to pay amount of Bitcoin for the equivalent of 300 dollars. If you do not pay for seven days, WannaCry will delete the encrypted files and all the data will be lost.


According to Symantec, the types of files WannaCry targets and encrypts are as follows:


  • .123
  • .3dm
  • .3ds
  • .3g2
  • .3gp
  • .602
  • .7z
  • .ARC
  • .PAQ
  • .accdb
  • .aes
  • .ai
  • .asc
  • .asf
  • .asm
  • .asp
  • .avi
  • .backup
  • .bak
  • .bat
  • .bmp
  • .brd
  • .bz2
  • .cgm
  • .class
  • .cmd
  • .cpp
  • .crt
  • .cs
  • .csr
  • .csv
  • .db
  • .dbf
  • .dch
  • .der
  • .dif
  • .dip
  • .djvu
  • .doc
  • .docb
  • .docm
  • .docx
  • .dot
  • .dotm
  • .dotx
  • .dwg
  • .edb
  • .eml
  • .fla
  • .flv
  • .frm
  • .gif
  • .gpg
  • .gz
  • .hwp
  • .ibd
  • .iso
  • .jar
  • .java
  • .jpeg
  • .jpg
  • .js
  • .jsp
  • .key
  • .lay
  • .lay6
  • .ldf
  • .m3u
  • .m4u
  • .max
  • .mdb
  • .mdf
  • .mid
  • .mkv
  • .mml
  • .mov
  • .mp3
  • .mp4
  • .mpeg
  • .mpg
  • .msg
  • .myd
  • .myi
  • .nef
  • .odb
  • .odg
  • .odp
  • .ods
  • .odt
  • .onetoc2
  • .ost
  • .otg
  • .otp
  • .ots
  • .ott
  • .p12
  • .pas
  • .pdf
  • .pem
  • .pfx
  • .php
  • .pl
  • .png
  • .pot
  • .potm
  • .potx
  • .ppam
  • .pps
  • .ppsm
  • .ppsx
  • .ppt
  • .pptm
  • .pptx
  • .ps1
  • .psd
  • .pst
  • .rar
  • .raw
  • .rb
  • .rtf
  • .sch
  • .sh
  • .sldm
  • .sldx
  • .slk
  • .sln
  • .snt
  • .sql
  • .sqlite3
  • .sqlitedb
  • .stc
  • .std
  • .sti
  • .stw
  • .suo
  • .svg
  • .swf
  • .sxc
  • .sxd
  • .sxi
  • .sxm
  • .sxw
  • .tar
  • .tbk
  • .tgz
  • .tif
  • .tiff
  • .txt
  • .uop
  • .uot
  • .vb
  • .vbs
  • .vcd
  • .vdi
  • .vmdk
  • .vmx
  • .vob
  • .vsd
  • .vsdx
  • .wav
  • .wb2
  • .wk1
  • .wks
  • .wma
  • .wmv
  • .xlc
  • .xlm
  • .xls
  • .xlsb
  • .xlsm
  • .xlsx
  • .xlt
  • .xltm
  • .xltx
  • .xlw
  • .zip


How was the virus created?


There are different assertions about who is behind the WannaCry attack, but the source of the problem is the “EternalBlue” that the American National Security Agency has identified and secretly kept for future use in collecting information, which is being used by the open WannaCry Trojan horse. A pirate group called Shadow Brokers publicly disclosed the details of this defeat, so that this security dilemma came to light.


Is the danger over?


No, it’s not over yet. WannaCry was first discovered on Friday (May 12th), as it turns out that more than 57 countries have spread to more than 150 countries by the end of the day. Ransom software were mostly seen in European countries, and some big corporations and organizations, including banks, hospitals and government agencies, were out of business.


On Saturday, 22-year-old security researcher Marcus Hutchins unintentionally slowed the spread of the WannaCry virus. Hutchins wanted to track the spread of WannaCry by registering the domain name hidden in the virus code, which unintentionally slowed down the process. You can find details on the topic in Hutchins’ blog post. However, the spread of WannaCry did not stop, it just slowed down.


How to be protected from the ransom software?


Use whichever operating system you use, keep your system up-to-date, and install any available updates or security patches. Windows users using machines with Windows XP, Windows 8, or Windows Server 2003, especially, need to download this security update, which was released on Friday. In the meantime, although the system is not affected by the ransom software, it would be beneficial if you back up the files on your system to an external diskette or cloud server.


What should I do if my computer has the ransomware?


Unfortunately, WannaCry’s solution is not currently available. Antivirus companies and cyber security experts are looking for ways to break the passwords of files on infected computers. At the moment, however, no third party cracking solution is available. Hopefully, the affected users’ data is stored elsewhere as a backup because there is currently no other way to pay the fiduciary that is required to recover the files affected by WannaCry.

Jack Goodman

Founder & CEO of BrightTitan

No Comments

Leave a Reply