99 Countries Affected By Massive WanaCrypt0r Ransomware AttackThe hackers have used the leaked NSA tools to infect computers with WanaCrypt0r 2.0 ransomware. This malware exploits EternalBlue vulnerability and uses phishing emails to infect computers. Till now, Avast has recorded more than 75,000 infections in 99 countries. While WanaCrypt0r is most affecting Russian and European countries, the possibility of its arrival in the US can’t be denied. Earlier this year, hacking group Shadow Brokers claimed that it had stolen cyber weapons from the America’s NSA, which can be used to get unfettered access to the computers running Microsoft Windows and other operating systems. Now, the malicious software WanaCrypt0r 2.0 (aka WCry) is being used to carry out one of the biggest ransomware attacks of its kind.
As a result of the attack, sixteen National Health Service (NHS) organizations in the UK have been hit. Many of them have canceled patient appointments. Spanish telco Telefónica has also been hit.
After the attack, the ransom being demanded is $300 worth of bitcoins. The ransom message also has instructions on how to pay the ransom, explanation of the attack, and a timer:
More technical details can be found on Avast’s blog.
While the ransomware attack is mainly targeted to Russia, Taiwan, and Ukrain, the attack is showing its impact all around the world. Below is a map that shows the countries being targeted by WanaCrypt0r 2.0:
Today, WanaCrypt0r is available in 28 different languages, ranging from Bulgarian to Vietnamese. This malware is spreading by exploiting a vulnerability called EternalBlue.
This scam, most probably, has spread using a wave of phishing emails with malicious attachments that infect computers when users click on them. The official government advice is not to pay criminals behind such attacks.