The rise of ransomware has caused havoc in the e-world, especially in Windows environments. You might be aware of the past and recent ransomware attacks by cyber criminals. These attacks clearly target MNCs and high-profile victims. In this brief article, we will try to explain the jargon in layman’s terms.
Ransomware is malicious code that encrypts user data and demands a ransom for decryption. In recent times, we have encountered many examples, such as WannaCry, Petrwrap, and more. All of these take advantage of an exploit named EternalBlue.
Back on March 14, 2017, Microsoft issued a security bulletin [MS17-010] and patches for a flaw in the Microsoft Server Message Block 1.0 (SMBv1) server. Ignoring a Microsoft update is nothing new, and many missed this one back then. Two months later, on May 12, 2017, the WannaCry outbreak happened. Microsoft issued urgent updates the very next day.
A month before the WannaCry outbreak, on April 14th, 2017, the hacker group Shadow Brokers leaked exploit code named ETERNALBLUE. This exploit is believed to have been developed by the USA’s NSA. According to Microsoft, the NSA is responsible for this attack, as they were “stockpiling vulnerabilities” and other hidden bugs for their sake. A month later, on June 27th 2017, the exploit was again used to carry out the NotPetya cyber attack on vulnerable machines.
This malware spreads mostly as email attachments. Once a system is compromised, the malware steals admin privileges, executes tasks, and encrypts the system. If the compromised system is on a network, the code spreads to other connected insecure devices. WannaCry, the first in this series, had a kill switch, which halted the outbreak. However, the modified variant Petya doesn’t have a kill switch at the moment.
To date, several organisations have been impacted by the Petya malware. Have you, a friend or a colleague gotten into trouble with this malware? If yes, let us know how you dealt with it. We hope this article helps you stay aware of such malware in the future. Peace!
This post was last modified on July 8, 2017 11:53 am