Scammers are quick to exploit WannaCry ransomware fears

The cyber attack launched on 12 May 2017[1] attracted a lot of media attention, and considering how successful the attack was, there is no doubt that it caused mass hysteria. There was a lot of misinformation in the news, and although real facts about the virus start to turn out, people that are not tech-savvy are in danger of being deceived by scammers who are trying to take advantage of the mass hysteria regarding WannaCry ransomware virus[2]. The truth is, computer users frequently know just a few facts about the virus, including its name, and the fact that it is dangerous. If you’re not someone who follows IT security news, that is entirely normal. However, we would like to discuss current tricks used by scammers and provide you with knowledge so that you wouldn’t get on scammers’ hook.

WannaCry-themed scams
First of all, we must warn computer users to beware of scams that try to trick people into installing useless or dangerous WannaCry-themed apps that are currently filling up Google Play store[3]. Despite the fact that the original ransomware targets outdated Windows operating systems and addresses SMB vulnerability[4], Android users seem to be interested in apps that claim to be able to protect smart devices from the infamous ransomware. Other part of the apps that appeared on the Google Play Store are meant to prank people, for example, by showing a bogus Wana Decrypt0r 2.0 ransom note on the screen while others promise to provide useful information about the ransomware. It is clear that all of these apps are meant to trick people into installing them, and then generate revenue by displaying ads (almost all of these applications are ad-supported). Finally, some scam applications claim to be powerful enough to protect Android devices from WannaCryptor attack. There is no logic in such statements since the virus targets computers running certain Windows OS only.

What is more, tech support scammers seek to take advantage of the mass hysteria, too[5]. It didn’t take long until they released dozens of knavish apps capable of taking control of victim’s web browsers to display fake warnings about viruses on user’s computer and encourage the victim call tech support numbers. One of the phishing domains associated with such scam is Do not fall for these scams and do not call tech support scammers because the messages they display via web browsers are auto-generated and have nothing to do with your computer system.

Finally, scammers and wannabe-cyber criminals rush to release copycat versions of the virus. Over the past week, dozens of fake WannaCry variants emerged, for instance, Wana Decrypt0r 3.0, Wana Decryptor 2.0, and many others. We must point out that the majority of fake ransomware versions are poorly programmed and cannot encrypt files on the system, so if you accidentally installed such virus on your computer, do not rush to pay the ransom. These viruses hardly can damage your computer because their developers tend to invest more time in creating a copy of WannaCry’s GUI instead of coding the encryption part.

About the author
Lucia Danes
Lucia Danes - Virus researcher

Lucia is a News Editor for 2spyware. She has a long experience working in malware and technology fields.

Contact Lucia Danes
About the company Esolutions