Skip to main content
Black Listed News
Trending Articles:
Trending Articles:

An NSA-derived ransomware worm is shutting down computers worldwide

Published: May 13, 2017
Share | Print This


Source: Ars Technica

 

A highly virulent new strain of self-replicating ransomware is shutting down computers all over the world, in part by appropriating a National Security Agency exploit that was publicly released last month by the mysterious group calling itself Shadow Brokers.

As Ars reported earlier, the malware known as wanna, wannacry, or wcry, is causing disruptions at banks, hospitals, telecommunications services and other mission-critical organizations in multiple countries, including the UK, Spain, Russia, Germany, and Turkey. The UK government's National Health Service and Spanish telecom Telefonica have both been hit extremely hard. The Spanish CERT has called it a "massive ransomware attack" that is encrypting all the files of entire networks and spreading laterally through organizations.

Remember Code Red?

Another cause for concern: wcry copies a weapons-grade exploit codenamed Eternalblue that the NSA used for years to remotely commandeer computers running Microsoft Windows. Eternalblue, which works reliably against computers running Microsoft Windows XP through Windows Server 2012, was one of several potent exploits published in the most recent Shadow Brokers release in mid-April. The Wcry developers have combined the Eternalblue exploit with a self-replicating payload that allows the ransomware to spread virally from vulnerable machine to vulnerable machine, without requiring operators to open e-mails, click on links, or take any other sort of action.

So-called worms, which spread quickly amid a chain of attacks, are among the most virulent forms of malware. Researchers are still investigating how Wcry takes hold. The awesome power of worms came into sharp focus in 2001 when Code Red managed to infect more than 359,000 Windows computers around the world in 14 hours.

Read More...

Share This Article...


Emigrate While You Still Can! Learn more...




SIGN UP TO GET BLACKLISTED NEWS DELIVERED RIGHT TO YOUR INBOX

More Blacklisted News...

Blacklisted Radio
Blacklisted Nation
On Twitter
On Reddit
On Facebook
Blacklisted Radio:
Podcasts on Youtube
Podcasts on Demand
Podcasts on Spreaker
Podcasts on Stitcher
Podcasts on iTunes
Podcasts on Tunein

Our IP Address:
198.245.55.242

Sponsors:
good
longboard
brands


ONNIT Labs





BlackListed News 2006-2017