the Ransomware WannaCrypt, also known as WannaCry or WanaCrypt0r, has infested more than 100.000 Windows PCs . The malicious software on a computer is active, looks for other PCs on the network and infects them. The cyber-attack a Windows vulnerability exploited SMB Protocol in the but Microsoft had closed mid-March.
probably it’s the affected systems mostly Windows XP machine, discontinued its support by Microsoft 2014 and which has been preserved typically no more security updates thus. World’s PCs with Windows XP but still on a market share of come seven percent . Meanwhile, Microsoft also for Windows XP, Windows Server 2003, and Windows 8 in order to reduce the spread of WannaCrypt has released a security update. The update called KB4012598 can be downloaded from the Microsoft Update Catalog . Microsoft in its security blog has released more information about the attack.
according to Microsoft involved in current Windows operating systems from the vulnerability. In addition, it recognizes the pest in Windows integrated virus protection solution Defender. WannaCrypt reached according to current findings not on a phishing attack on the computers of victims, but the the vulnerability CVE-2017-0144 . It was discovered by the U.S. secret service, National Security Agency (NSA) and concealed for years. Mid-April came numerous NSA brings into the hands of cyber criminals who offered them in the Darknet for sale.
according to the security company malwarebytes worm-like distribution has been stopped Meanwhile by WannaCrypt. An unregistered domain used by the malicious software was by a British security researcher, under the -handle @MalwareTechBlog is known, with the help of the Proofpoint employee adopted Darien Huss . The domain registration took place around 6: 00 a.m. California time, so that the infection in the United States was much lower than in Europe and Asia.
while infected in the UK especially calculator NHS of national health service (NHS) Deutsche Bahn of the attack is in this country apparently affected. On numerous information screens, a was to see image of the hacker software . The trains they but not disturbed. Is the Telecom Group Telefónica in Spain and in the USA the FedEx shipping service affected by the Ransomware attack.