Jump to content

WannaCry: 386 Ransomware Samples Discovered


Recommended Posts



WannaCry - close to 400 samples found in the wild


WannaCry is one of the worst malware out there, mostly because it mixes a ransomware element with a worm component that helped it spread like wildfire. So far, close to 400 malware samples have been discovered in the wild. 


Security researchers from Trustlook have announced that, by their count, 386 WannaCry malware samples have been recorded to date.


Despite there being just a little over a week since WannaCry hit the news, infecting some 300,000 devices in 150 countries, hackers seem to have flexed their muscles quite a bit. As you know, WannaCry uses two NSA-hacking tools disclosed after hacker group Shadow Brokers dumped classified documents online. EternalBlue is a tool that takes advantage of a Windows vulnerability, while DoublePulsar helps it spread through networks.


The Windows vulnerability has since been patched and users are advised to update their systems if they haven't done so until now, as well as to install a security solution on their devices. It is believed that the original WannaCry infections didn't stem from someone carelessly falling for a phishing email scheme, but rather from the attackers scanning for open ports.


As mentioned above, Microsoft has released a patch and created one even for Windows XP, which had been discontinued and was no longer receiving security updates. It was believed that many of those infected were actually using XP, but later data shows that the truth was quite far from that and that most of the devices that fell prey to WannaCry were running Windows 7.


The long list of consequences

The NSA dump has quite a lot of consequences and they're only going to be more apparent. WannaCry was just the start, complete with its 386 samples. A new worm was discovered by researchers, called EternalRocks, which uses seven NSA hacking tools, compared to two used by WannaCry. Thus far, EternalRocks has not been weaponized with any type of malware, trojan and so on, but this can be done at any time.



Link to comment
Share on other sites

  • Views 518
  • Created
  • Last Reply


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...