Ransomware: WannaCry

0

Hackers take full control of the system and encrypt all files

Ransomware is a type of cyber attack which involves the hackers taking full control of the victim’s computer system and blocking complete access to it unless and until a ransom is actually paid. The cyber criminals can only gain access of the victim’s system when malicious software is being downloaded by clicking and downloading a link by mistake.

Cyber criminals demand payment after locking the files

When the malicious software is downloaded on the affected system then the hackers actually launch an attack and it will be locking all the files with in the network. This attack takes place in a gradual manner where one file will be encrypted after the other. The cyber criminals after gaining full control of the system demand payment from the victim for unlocking the files.

WannaCry is a ransomware program that locks all kinds of data on the attacked system

WannaCry is also addressed as Wanna Decryptor and it is a kind of ransomware program which locks all kinds of data on the system. Then it will be leaving the affected system with only two files- one is the instructions on what all to be done next and another is the WannaCry software program itself. When the victim is going to open the software, it is going to communicate that all the files on his system has been encrypted and demand for certain payment .Failure to make the payment will result in the deletion of all the files .

Ransomware attacked around 300000 systems globally

The similar ransomware attack took place on 12th May that has already affected around 300000 systems worldwide .A message appeared on the victim’s system which communicated that his files had been encrypted and files would be unlocked only when victims will send around $ 300 to few of the bitcoin addresses. Failure to pay the mentioned amount within three days would double the payment and even after than if the payment is not made, all files from the system would be deleted. WannaCry also has the ability to spread itself across corporate networks even without any form of user’s interaction by exploiting the vulnerability with in the Microsoft windows.

Systems without latest security update are more vulnerable to ransomware attack

All those systems which do not have the latest security update are vulnerable to the ransomware attack. The hackers are requesting the ransome to be paid by using the bitcoins and WannaCry itself is generating unique bitcoin wallet address for each and every infected system. After that it is defaulting to the three bitcoin addresses for the payment process.

WannaCry attacks are linked o the Microsoft windows

Since attackers are not able to identify the victims who have made the payments, it is unlikely their files would be decrypted at all. The vulnerability of the attack is found to be linked to the Microsoft machines and they have been infecting Windows Vista, 7,8,10, XP and even found on the versions of Windows Server Software.

Comments are closed.