- Sputnik International
World
Get the latest news from around the world, live coverage, off-beat stories, features and analysis.

Major Cyber Attack Kill Switch Found by Accident, But War Is Not Over

© Photo : PIxabayCyber crime
Cyber crime - Sputnik International
Subscribe
A security researcher has accidentally activated a "kill switch" to stop the spread of what the cyber community dubbed the largest global ransomware attack in history. But the threat is not yet eliminated.

FedEx Jet - Sputnik International
FedEx 'Experiencing Interference' With Some Windows-Based Systems Due to Malware
Cyber criminals on Friday used malicious software to exploit a flaw in Windows operating systems and infect hundreds of thousands of computers worldwide with a fast-spreading version of WannaCry ransomware.

The vicious cyberattack swept across the globe Saturday, hitting computers in nearly 100 countries, with Russia and the UK being among the most affected. It locked up critical systems of several high-profile organizations, such as Britain's National Health Service (NHS), Russian telecom company Megafon, Spain's largest telephone company, and international shipper FedEx, and attacked but was contained in other systems, among them the Russian Interior Ministry.

The number of new infections substantially dropped on Saturday after a security researcher, tweeting as @MalwareTechBlog, registered a domain name connected to the malware, thus discovering a secret "kill switch" that can prevent the malware from spreading.

​​"We are on a downward slope, the infections are extremely few, because the malware is not able to connect to the registered domain," said Vikram Thakur, principal research manager at Symantec, as cited by Deutsche Welle.

Unfortunately, the solution won't help fix systems already infected by the malware.

@MalwareTechBlog has also warned in a tweet that even though the breakthrough halted the unfolding epidemic, more attacks may soon follow. The researcher explained that the attackers may still rewrite the code and relaunch the cycle and urged everyone to promptly patch their systems.

The WannaCry's mechanism of operation is believed to have originally been exposed in the US National Security Agency (NSA) documents dumped in April by a hacking group calling itself Shadow Brokers.

Hacker - Sputnik International
Russian National Extradited to US for Allegedly Developing Malware Toolkit - DOJ
Ransomware operates like a digital blackmail scheme. It slips into a system and locks it up by encrypting files and data. Then a red screen pops up, saying, "Ooops, your files have been encrypted" and demanding that the user pays hundreds of dollars in the virtual currency Bitcoin or else the information will be deleted. The extortionists behind WannaCry have reportedly received about 100 payments from victims.

It is unclear from which country the ransomware attack was run and whether it was launched by a group of hackers or an individual.

Microsoft said it released Windows updates to defend against WannaCry in March, but many users and organizations hadn't updated their systems accordingly.

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала