Ransomware is the number one cybersecurity threat facing consumers and business worldwide. (Trustlook posted research last month on just how big of a problem for consumers ransomware is becoming.)
Today’s WannaCry outbreak is just more evidence of the severe threat posed by ransomware. Banks, telephone companies and hospitals have all been ensnared in the worldwide hack, with the malware locking down computers while demanding a hefty sum for freedom.
The attack has hit close to 100,000 computers across China, Russia, Spain, Italy and Vietnam, but the UK hospitals have attracted the most attention because real lives at risk while their devices are locked down.
The malware used in the attacks encrypts the files and also drops and executes a decryptor tool. The request for $600 in Bitcoin is displayed along with the wallet. It’s interesting that the initial request in this sample is for $600 USD, as the first five payments to that wallet is approximately $300 USD. It suggests that the group is increasing the ransom demands.
Trustlook has identified the following files used in the WannaCry ransomware attack. Analysis is ongoing, and we will update this blog with more information.