Zarathustra[H]
Extremely [H]
- Joined
- Oct 29, 2000
- Messages
- 38,862
As we reported on yesterday, there was a little bit of a ransomware making its way around the world. It turns out, one of the reasons this outbreak was not as bad as it could have been was because of a lucky accident.
A security blogger who goes by the name of MalwareTech started digging into the WannaCry Ransomware while on vacation. He noticed that the ransomware was attempting to contact a specific address every time it infected a new computer. That address it was contacting, a long mess of numbers and letters, had apparently not been registered, so he paid $10.68 to register it. Turns out that the ransomware was programmed with a "kill-switch" stopping its spread if it got a response from that site, and as soon as the site responded, the ransomware stopped spreading.
While this particular strain of the ransomware has thus been stopped, this does not mean that future strains will have this same kill-switch. This discovery also does nothing for those who have already been impacted.
More detailed information can be found in MalwareTech's blog.
"The attention has been slightly overwhelming. The boss gave me another week off to make up for this train-wreck of a vacation."
For discussion regarding the original outbreak of the ransomware, please see this thread.
A security blogger who goes by the name of MalwareTech started digging into the WannaCry Ransomware while on vacation. He noticed that the ransomware was attempting to contact a specific address every time it infected a new computer. That address it was contacting, a long mess of numbers and letters, had apparently not been registered, so he paid $10.68 to register it. Turns out that the ransomware was programmed with a "kill-switch" stopping its spread if it got a response from that site, and as soon as the site responded, the ransomware stopped spreading.
While this particular strain of the ransomware has thus been stopped, this does not mean that future strains will have this same kill-switch. This discovery also does nothing for those who have already been impacted.
More detailed information can be found in MalwareTech's blog.
"The attention has been slightly overwhelming. The boss gave me another week off to make up for this train-wreck of a vacation."
For discussion regarding the original outbreak of the ransomware, please see this thread.
Last edited: