ransom ware worm
Hi all, Worth a read. Hope none of us have it. https://www.theregister.co.uk/2017/05/13/wannacrypt_ransomware_worm/
Forum Discussion
This ransomware attack encrypts all of your important files with a method with which only the hacker has the key. In order to get infected you have to click on an e-mail that was sent to you by a friend who has also been hacked. You pay $300 bitcoin and they let you decrypt your files. You don't pay and you've pretty much lost everything and need to reformat your drive.
Like I said before, the way the ransomware works is that it looks to a command & control host for further instructions. If it can't find the host then it locks the machine (encrypts all of the files). If it does find the host, the ransomware ends itself. The 22-year-old analyst found this out and bought the domain so that infected computers can connect to what the ransomware *thinks* is the command & control host, thus ending the hack. BUT, he warned that the malware is smart enough to re-manifest itself. It appears as if that's happening. I saw some news blurbs on it today but haven't had time to read them yet.
Like I said before, the way the ransomware works is that it looks to a command & control host for further instructions. If it can't find the host then it locks the machine (encrypts all of the files). If it does find the host, the ransomware ends itself. The 22-year-old analyst found this out and bought the domain so that infected computers can connect to what the ransomware *thinks* is the command & control host, thus ending the hack. BUT, he warned that the malware is smart enough to re-manifest itself. It appears as if that's happening. I saw some news blurbs on it today but haven't had time to read them yet.
