Global Ransomware Attack Strikes 70K Systems (& Counting)

  /     /     /  
Publicated : 22/11/2024   Category : security


Global Ransomware Attack Strikes 70K Systems (& Counting)


A wave of ransomware attacks based on a Shadow Brokers vulnerability strikes Telefonica and organizations worldwide.



A massive global ransomware attack is underway and, according to researchers at
Kaspersky
, more than 45,000 systems worldwide have been hit with the malware. The malware, dubbed WannaCry, hits systems running Microsoft Windows on which a patch released on March 14, 2017 has not been applied.
The researchers note that, while immediately applying the March 14 patch release is considered critical, the ransomware itself doesnt depend on the vulnerability to work. Its the ransomware transmission and remote installation, rather, that appears to rest on the EternalBlue exploit patched by Microsoft.
According to the National Health Service, by mid-afternoon UK time,
16 NHS organizations had been hit with the attack
, in some cases requiring emergency patients to be directed to other hospitals after infected computers were shut down.
Spains
Telefonica was also hit
, with several sources indicating that the telecom firm had instructed employees facing a ransomware screen to simply shut down their computers and await further instructions.
An article on
Forbes.com
pointed out that the EternalBlue exploit was first described publicly in the
Shadow Brokers release of NSA hacking tools
. In general, the initial infection vector is a .ZIP attachment to a spam email, which, when opened, immediately infects the target computer. According to CN-CERT, the Spanish cyber emergency response team, vulnerable versions of Windows include:
Microsoft Windows Vista SP2
Windows Server 2008 SP2 y R2 SP1
Windows 7
Windows 8.1
Windows RT 8.1
Windows Server 2012 y R2
Windows 10
Windows Server 2016
Initial ransom demands were for US $300 in BitCoins, payable through a link on the announcement screen, though more recent infections seem to have increased the ransom demand to US $600 with the promise that the amount will continue to increase. Several security research teams report that they are working on decryption tools, but none are currently available.
As of this writing, most of the infected systems have been in Russia, with systems in Europe, Asia and Africa also infected. While North America is not free from infection, the numbers have so far been low. For all system administrators, its highly recommended that the advice of
Microsoft Security Bulletin MS17-010-Critical
be followed immediately.
For up-to-the minute information on systems that are infected and the response by researchers and government officials,
Twitters WannaCry Ransomware filter
feed is hard to beat.
— Curtis Franklin, Security Editor,
Light Reading
. Follow him on Twitter
@kg4gwa
.

Last News

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Global Ransomware Attack Strikes 70K Systems (& Counting)