Skip to main content

Widespread Ransomware Infecting Thousands Linked to NSA Exploit

ransomware

According to many reports across the web, a string of ransomware attacks has infected thousands of businesses from 99 countries worldwide. Sources say over 75,000 users globally were affected because of leaked NSA exploit published by the hacker group the Shadow Brokers.

Also read: Why South Korean Bitcoin Adoption Could Outpace Most Other Countries This Year

Wana Ransomware Infects 75,000 Computers Worldwide

A massive epidemic has recently stricken in close to a hundred countries, with more than 75,000 detections of the ransomware called Wanacryptor 2.0 (Wana). According to the Avast security blog and Krebs on Security a significant portion of businesses targeted stemmed from Taiwan, the Ukraine, and Russia. Additionally, a string of hospitals from Europe was attacked, Chinese Universities, the UK’s National Health Service (NHS), and the Spanish telecommunications giant Telefonica.

The Wana software is a malicious protocol that encrypts an individual or company’s files and demands a ransom to unlock the content. Reports from the Financial Times and other news outlets say the tool is linked to the group the Shadow Brokers and the recently leaked NSA exploits. Krebs on Security also details the ransomware is spreading due to a backdoor in Windows software.

“There are indications the malware may be spreading to vulnerable systems through a security hole in Windows that was recently patched by Microsoft,” the security firm details.

Widespread Ransomware Infecting Thousands Linked to NSA Exploit

Windows Vulnerability  

Wana infects a computer using the extension WNCRY which is tethered to the encrypted files. Malware Hunter Team was the first to notice the Wana malware and told the public a few weeks ago. The attack not only encrypts files but also downloads the latest Tor client for ransomware communications. To unlock the computer’s files, some amount of bitcoin must be sent to an address provided by the software. According to CCN-CERT, the tool attacks a vector in the Windows Server Message Block protocol, which has enabled the ransomware to spread exponentially across 75,000+ operating systems globally.

Widespread Ransomware Infecting Thousands Linked to NSA Exploit

There are over 100 strains of ransomware, but this particular case is being called the worst malware epidemic yet. One that also involves a Windows exploit allegedly crafted by the U.S. National Security Agency. So far reports detail a few businesses around the world are refusing to pay the ransom and some security groups believe a remedy will be found soon.

However, the attackers have so far accumulated at least 6.46 BTC (US$ 10,000) between three addresses hard-coded into the software. Investigators say they find it odd the attackers chose to use the same bitcoin addresses.

What do you think about the ransomware epidemic? Let us know in the comments below.


Images via Shutterstock, and Bleeping Computer. 


At News.Bitcoin.com all comments containing links are automatically held up for moderation in the Disqus system. That means an editor has to take a look at the comment to approve it. This is due to the many, repetitive, spam and scam links people post under our articles. We do not censor any comment content based on politics or personal opinions. So, please be patient. Your comment will be published.  

The post Widespread Ransomware Infecting Thousands Linked to NSA Exploit appeared first on Bitcoin News.

Comments

Popular posts from this blog

Eight Reasons to Use Cryptocurrency Payments in 2019

This article on cryptocurrency payments was written by Thomas Highwater, who is an a vid fan of all things crypto-related. Mr. Highwater teaches high-school level robotics and programming. *** While there is a growing number of fiat based-payment processors with a variety of practical tools and methods of payment, adding cryptocurrency payments into the mix provides consumers and merchants with unparalleled benefits. Some of these benefits include simplicity, lower overall cost, security, privacy and a greater level of control over one’s funds.  Reasons to Use Crypto Next Year Also read:  Wendy McElroy: Avoiding Fraud by Going Crypto-Anarchist Cryptocurrencies are numerous and versatile and can be utilized as entirely private bank accounts and payment cards for almost any occasion. They offer a multitude of ways to earn a form of interest with little or no effort and help users protect sensitive data and holdings on the go 24/7. 1. Fees There was a time, not that long ...

Microsoft releases Indic Phonetic keyboards for 10 languages under Windows Insider Program

New Delhi, December 10, 2018: Continuing its endeavor to make technology accessible and productive for all, Microsoft India has announced the availability of new Phonetic keyboards in Indian languages to members of the Windows Insider Program. The new feature is available in 10 Indian languages including Hindi, Bangla, Tamil, Marathi, Punjabi, Gujarati, Odia, Telugu, Kannada and Malayalam. The new Indic Phonetic keyboards are in addition to the Indic Traditional INSCRIPT keyboards already available with Windows. The new keyboards have been added to Windows Insider Preview Build 18272. Users participating in the program can immediately start using them and share their feedback. The keyboards are expected to be added to Windows 10 later, subsequent to which Indian language users won’t need to download and install any external Input Method Editors (IMEs) to input Indic text in a phonetic style. As words are typed using the existing keyboard, Indic Phonetic keyboards transliterate them ...