|Posted by Conspiracy Cafe on May 14, 2017 at 2:45 PM|
The program basically locked users out of their own files and demanded a $300 ransom to get their files back. US experts warned against paying the ransom as there is no guarantee the hackers will release the data.
Technicians around the world are scrambling to apply computer patches and restore infected ones, amid fears that the ransomware worm that seized-up 200,000 computer systems in more than 150 countries, could wreak a new round of havoc Monday morning when businesses reopen and employees log on.
The spread of the virus dubbed WannaCry had slowed but cybersecurity experts warned that new versions of the worm are likely, even as the extent of the damage caused by Friday's attack remains unclear.
Meanwhile, a global manhunt is on for the perpetrators of the attack that is being described as the biggest-ever cyber ransom attack.
"The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits," according to a statement issued by Europol, Europe's police agency.
Europol said a special task force at its European Cybercrime Centre was "specially designed to assist in such investigations and will play an important role in supporting the investigation."
Payment via bitcoin
Victims of the attack received a message on their computer screens demanding $300 (275 euros) via the virtual currency, Bitcoin, saying: Ooops, your files have been encrypted!”
The perpetrators demand payment within three days or the price will double, and they threaten to delete the files altogether if payment is not received within seven days.
Follow MalwareHunterTeam @malwrhunterteam
There is a new version of WCry/WannaCry ransomware: "WanaCrypt0r 2.0".
4:24 AM - 12 May 2017
But experts and government officials alike warn against giving in to the hackers' demands.
"Paying the ransom does not guarantee the encrypted files will be released," the US Department of Homeland Security's computer emergency response team said. "It only guarantees that the malicious actors receive the victim's money, and in some cases, their banking information."
Security experts attributed the apparent success of the WannaCry virus to a "perfect storm" of conditions, including a well known and highly dangerous security hole in Microsoft Windows, users who didn’t apply a Microsoft patch, and malware designed to spread quickly once inside a network, be it a business, government or university.
Microsoft and the NSA
Microsoft said the situation was "painful" and that it was taking "all possible actions to protect our customers."
The Seattle-based tech giant issued guidance for people to protect their systems, while taking the highly unusual step of reissuing security patches first made available in March for Windows XP and other older versions of its operating system.
Follow Microsoft ✔@Microsoft
Microsoft releases #WannaCrypt protection for out-of-support products Windows XP, Windows 8, & Windows Server 2003:http://msft.social/VIIqP4
2:55 AM - 13 May 2017
Customer Guidance for WannaCrypt attacks
Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software....
In addition, the perpetrators were able to borrow a weaponized "exploit" that was apparently created by the US National Security Agency (NSA), to launch the attack.
British cybersecurity expert Graham Cluley doesn't want to blame the NSA for the attack.
"There are other criminals who've launched this attack, and they are ultimately responsible for this," he said. "But there's clearly some culpability on the part of the U.S. intelligence services. Because they could have done something ages ago to get this problem fixed, and they didn't do it."
bik/rc (Reuters, AP, AFP)