Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack.

Pieter Arntz, Malware Intelligence Researcher, Malwarebytes

May 13, 2017

1 Min Read
Image Source: Malwarebytes Labs

Reports of two massive, global ransomware attacks are dominating the news. As workers in Europe are heading home for the weekend, ransomware is shutting down their systems. Here’s what we know so far.

Big targets
National Health Service (NHS) England, and Telefonica, one of the largest telecom providers in the world, have each given out statements indicating that their systems have been brought to a grinding halt by a ransomware that Malwarebytes detects as Ransom.WanaCrypt0r. The ransomware has also been observed hitting companies in Spain, Russia, Ukraine, and Taiwan.

Method
The ransomware is spread using a known, and patched, vulnerability (MS17-010) that came from a leaked NSA set of exploits that we reported on our blog in April. Our research shows the encryption is done with RSA-2048 encryption. That means that decryption will be next to impossible, unless the coders have made a mistake that we haven’t found yet.

The demanded ransom of $300 and the potential risks to the public that come with the targets being big utility and healthcare companies seem to be in shrill contrast. We can only hope that the companies that were hit will be able to get their backups deployed quickly and can start the recovery from this cyberattack. 

Protection
Consumers and businesses alike should be sure their systems and software are updated with all current patches in order to stop the spread of infection. We’ll continue to update this post as news develops and provide additional technical analysis throughout the day. Visit Malwarebytes Labs to stay up to date on the latest news from our malware intelligence and research teams. 

About the Author(s)

Pieter Arntz

Malware Intelligence Researcher, Malwarebytes

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights