WannaCry : All You Need To Know About This Trendy Ransomware

From the Start of this year, the Ransomware attacks are taking place in different regions around the globe. One such big ransomware which simple peeps into your computer like a boss and asks you WannaCry?

Yes true it really does that, How it does? , what the damage caused by this ransomware? everything we are going to discuss in this article.

So far this Ransomware has its impact on 2,00,000+ computers of around 100+ countries.

Ransomware is a Malicious program (Virus) which is made in such a way that its main goal is to lock the files in the target system with a key. It is usually spread through spam emails or malicious download links.


How WannaCry Works?


credits: endgame


This Ransomware affects only Windows supported Systems. To explain it in a simplified manner, the WannaCry Ransomware first gets into your computer via spam email or a malicious download, and then it scans your computer for the vulnerability (CVE-2017-0148) also know as SMB Remote Code Execution Vulnerability, Then it exploits the vulnerability and locks all the files of the computer and Shows you a pop up message asking to pay Ransom to get the key for the locked files.


The Target either has to lose his files or has to pay the Ransom to get his files back.

Apart from this the WannaCry Ransomware or either way known as WannaCry Decryptor scans the local network for more unpatched windows hosts and attacks them too.

It also scans random hosts in WAN and attacks the unpatched computers.

On an average, the Ransom is from $300-$600 which are to be paid in the equivalence of bitcoins.

A Security Researcher has found the Killswitch for the WannaCry Ransomware but the very next day The hackers came up with WannaCry 2.0 which now doesn’t have any Kill Switch. Also, it is also spreading to Linux systems which are using WINE.

The Security Researchers Around the Globe are trying to Reverse engineer the Malware.


How Could you Be Safe?


1. Always Do Security Updates

Security Updates includes patches for the vulnerabilities and flaws in your system. Especially if you are using any lower outdated version of Windows.

2. Patch The SMB RCE Vulnerability

The Microsoft has already released a Patch (MS17-010) for the supported system in the month of March, so make sure that you have that patch installed.
Apart from the Supported systems, observing the severity of the issue Microsoft has also issued Patches for its Unsupported versions of Windows as well, you can download them here. Download and apply patches.
3. Disable SMB in Your System
Even if you have installed the patches, you are advised to disable (SMBv1) protocol.
Steps  to disable SMBv1:
  • Go to Windows’ Control Panel and open ‘Programs.’
  • Open ‘Features’ under Programs and click ‘Turn Windows Features on and off.’
  • Now, scroll down to find ‘SMB 1.0/CIFS File Sharing Support’ and uncheck it.
  • Then click OK, close the control Panel and restart the computer.

4. Regularly Doing Backup

Users are advised to keep regular offline backups of their files, in order to prevent Data Loss by such attacks.

5. Safe Online Activities

Be suspicious about the Downloads you do from any random sites, and avoid opening any email from an unknown.

Always scan the links for Malware by using any online virus scanning websites like virus total.

6. Use a Good Anti-Virus Program

Anti-Virus Programs are mostly useful and reliable in this kind of situations make sure you have one good and reputed anti-virus program installed in your system and don’t forget to keep it up to date.


Lastly Stay Updated with the Cyber Security News to be safe in the Virtual World.