WannaCry Ransomware

Here is everything you wanted to know about WannaCry ransomware…

What is WannaCry ransomware?

The WannaCry ransomware virus strain is an extremely nasty strain of malware that locks the access to one’s computer data and demands money to release it. After the computer is infected, the attackers demand a ransom to be paid in exchange for decrypting the infected files. At the present time, the WannaCry ransomware only infects and encrypts the computer data files on Microsoft Windows based computers.

Thus far, the WannaCry ransomware virus strain has infected over 230,000 computers in 150 countries and growing.

If your system does get infected by the WannaCry ransomware virus strain, a pop-up window will appear with instructions to pay a ransom amount of $300. This payment demand is in US dollars but must be paid via Bitcoin. The pop-up will also display two countdown clocks: one showing a three-day deadline before the ransom amount doubles to $600 and another countdown clock showing a deadline of when your computer will lose the ability to access and unlock the data forever.

For those unfamiliar with Bitcion, it’s a digital currency and is popular among cyber criminals because it is unregulated and almost impossible to trace.

Unlike many viruses, the WannaCry ransomware virus strain doesn’t spread through infected e-mails, infected links, clicking on an infected attachment and/or compromised websites. WannaCry ransomware deploys it self via a worm base virus, spreading itself through networks, networks such as Bell, Rogers or telecom companies. The WannaCry ransomware takes advantage of a breach or security hole in many of the Microsoft Windows operating system versions in the networks and automatically executes itself on the infected computer.

How to protect yourself against the WannaCry ransomware attacks?

To protect yourself against the WannaCry ransomware virus strain attacks for Microsoft Windows 7 and up, Microsoft should have already patched your system providing your system is set for automatic updates. If not, make sure to get the latest patches from Microsoft. Earlier Windows systems, such as XP, Vista, etc, can now be patched manually also. Click the following link to learn more https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07

This is just the beginning of major ransomware infections around the world. Ransomware virus strains have been around for a while now but never on this scale or magnitude. The developers WannaCry ransomware virus strain made numerous errors when they deployed the WannaCry ransomware. Apparently, the developers embedded a kill switch in the code of the WannaCry ransomware virus. By accident, a cyber-security researcher discovered a kill switch and activated it by reregistering a peculiar domain name, which in turn prevented the spread of the WannaCry ransomware Malware to additional computers. And for that reason and that reason only, the WannaCry ransomware only infected 230,000 computers in 150 countries. Can you imagine that…

Please note, even though the cyber-security researcher known only by his Twitter account, @malwaretechblog, and with the help of Darien Huss of Proofpoint, a security firm, found and inadvertently activated the kill switch in the malicious software, they are without doubt considered hero’s and rightfully so.

As I am completing this post, the developers of the WannaCry ransomware have released a new strain without the “kill switch.”

WannaCry 2.0 ransomware

They're Back...

What is WannaCry ransomware?

As I mentioned in my previous post, new versions of the WannaCry ransomware have been spotted around the world. Thus far, the WannaCry ransomware virus strain has infected over 230,000 computers in 150 countries and still growing. Some sources are indicating that number is greater and is more like 300,000 computers are infected.

Analysis and security experts say the WannaCry 2.0 verion is now the work of someone else. It's quite common, they indicate, for copycats to take advantage of a high profile and successful attacks. Also extremely alarming, Kaspersky Labs have seen WannaCry samples that don't have the a kill switch. This allows the malware to continue to spread unchallenged. It's believed the new strain of WannaCry 2.0 malware will infect at least another hundred thousand or more vulnerable systems over time.

WannaCry fix that may potentially decrypt infected systems.

Finally some good news. French researchers have created a software fix for the WannaCry ransomware called the Wanawiki utility. This utility may potentially unlock an infected system. For the Wanawiki utility to work, the system cannot be rebooted and the Wanawiki utility needs to be ran as soon as possible. If not, the prime numbers the WannaCry ransomware uses for encrypting data files may be overwritten over time. This Wanawiki utility fix has been proven to work on infected operating systems running Windows XP up to Windows 7. Click the following link to get a copy of the Wanawiki utility fix https://github.com/gentilkiwi/wanakiwi/releases

Remember, you don't want to be infected by this virus. The WannaCry ransomware virus strain is an extremely nasty strain of malware that locks the access to computer data and demands money to release it. At the present time, the WannaCry ransomware only infects and encrypts the computer data files on Microsoft Windows based computers. Therefore, Apply the Patches Microsoft has supplied for Windows XP up to Windows 10. Click the following link to learn more https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07

What does MR PC DOCTOR specialize in?

Microsoft Windows or MAC OSX Systems


Computer Repairs and IT Services

MR PC DOCTOR specializes in computer problem solving. Our Computer Repair Services include virus removal, hardware installation and computer upgrades, boot problems, email problems, Microsoft Windows OS problems & Apple - Mac OS problems. For more information on Computer Repair Services, please call (905) 841-0266 or use our contact page.

Virus, Trojan, Worm, Malware and Spyware Removal

MR PC DOCTOR also specializes in removing unwanted Viruses, Trojan Horses, Worms, Malware and Spyware. For more information on Viruses, Trojan Horses, Worms and Malware removal, please call (905) 841-0266 or use our contact page.

Data Recovery: Restoring Data and Peace of Mind

Data loss only needs to be temporary. At MR PC DOCTOR we prove it again and again to many business clients and personal computer owners. We've made possible what other companies say is impossible: recovering lost data from crashed hard drives and storage media. Even if your hard drive has been destroyed by the nastiest viruses there is a very good chance we can save your important data. If you have data problems call (905) 841-0266 or use our contact page.

Software Training

MR PC DOCTOR offers Software Training from the comfort of your home or office. Our Software Training is designed specifically around your needs. Whether you're looking for Software Training in Toronto or in BC, we can do it. Our one on one or online remote Software Training tutorials are the same as the Software Training courses available in a classroom setting, but to your specific needs. If you want to learn more about Software Training call (905) 841-0266 or use our contact page.