Over the past few days, many businesses have reported infections from the latest round of ransomware called WannaCrypt. This massive cyberattack is likely to have stemmed from stolen tools used by the National Security Agency (NSA). Due to the rate of infection, and the number of machines being infected by WannaCrypt, Microsoft has released an emergency patch for Windows XP and Windows 2003.
If you are running a Windows machine, please consider updating it, to patch the MS17-10 vulnerability. This particular vulnerability is how WannaCrypt is spreading. When the attacker sends a specially crafted message to a Microsoft Server Message Block 1.0 (SMBv1) server, the payload is launched. Additional security measures can be implemented by disabling the SMBv1 service, by following these directions.
While a special “kill switch” has been found, preventing the ransomware from causing any more damage, victims who have previously been infected prior, will be forced into paying at least $300 in Bitcoin currency. Reports have come in stating some companies, such as Telefonica, a Spanish telecom, was hit with this variant, and had to pay more than $550,000, to recover their files.
As the hackers may make modifications to the ransomware to evade detections, PC Pitstop will continue to monitor this threat, and others, to ensure PC Matic customers remain protected. Since PC Matic uses a whitelist, this variant and other malware will be blocked from causing damage to your computer.