Wana Decrypt0r 2.0 Ransomware : The Top Security Support in Dubai
Overview We are aware of a widespread ransomware attack which is affecting several IT organizations in multiple countries. A new ransomware attack called Wanna (also known as WannaCry, WCry, WanaCrypt, WanaCrypt0r and Wana DeCrypt0r) is encrypting files and changing the extensions to: .wnry, .wcry, .wncry and .wncrypt. The malware then presents a window to the user with a ransom demand. The ransomware spreads rapidly, like a worm, by exploiting a Windows vulnerability in the Windows Server Message Block (SMB) service, which Windows computers use to share files and printers across local networks. Microsoft addressed the issue in its MS17-010 bulletin. Analysis seems to confirm that the attack was launched using suspected NSA code leaked by a group of hackers known as the Shadow Brokers. It uses a variant of the ShadowBrokers APT EternalBlue Exploit (CC-1353). It uses strong encryption on files such as documents, images, and videos. Sophos Customers using
Comments
Post a Comment