WannaCry Ransomware still lurking around, India also affected

The WannaCry ransomware that created mayhem in 2017 has not died out and security software firm Sophos stopped a whopping 4.3 million infection attempts globally in August 2019, out of which 8.8 percent were located in India, the firm revealed. WannaCry Ransomware still lurking around, India also affected

WannaCry Ransomware still lurking around, India also affected
Wannacry ransomware

According to the British cybersecurity firm, the WannaCry threat continues to live owing to the ability of new variants to bypass the ‘kill switch.’

‘Kill switch’ is a specific URL that, if the malware connects automatically ends the infection process and all had a corrupted ransomware component and could not encrypt data. 

Sophos endpoints stopped the 4.3 million attack attempts, which is essentially an endpoint protection product that combines anti-malware, web and application control and device control. 

“The WannaCry outbreak of 2017 changed the threat landscape forever. Our research highlights how many unpatched computers are still out there, and if you haven’t installed updates that were released over two years ago — how many other patches have you missed?,” Peter Mackenzie, Security Specialist at Sophos, said in a statement. WannaCry Ransomware still lurking around, India also affected

State of Ransomware among SMB
State of Ransomware among SMB

Here, some victims have been lucky because variants of the malware immunised them against newer versions but no organization should rely on this. Instead, the standard practice should be a policy of installing patches whenever they are issued, and a robust security solution in place that covers all endpoints, networks, and systems,” Mackenzie added. 

However, that it could infect these computers in the first place suggests the patch against the main exploit used in the WannaCry attacks has not been installed — a patch that was released over two years ago.

Researchers at Sophos have also traced the first appearance of the most widespread corrupted variant back to just two days after the original attack which took place on May 14, 2017, when it was uploaded to “VirusTotal”, but had not yet been seen in the wild. 

The original WannaCry malware was detected 40 times, and since then, SophosLabs researchers have identified 12,480 variants of the original code. 

Leave a Reply