WannaCry is still attacking users from all around the world
We all have heard about the infamous ransomware named WannaCry which is one of the most dangerous cyber threats spreading throughout the web. However, after staying still for some time, the virus is still active. According to the latest reports, it attacked around 75,000 users during the third quarter of 2018 and made even more attempts than in Q3 2017.
WannaCry ransomware was launched in 2017. Since then, this hazardous computer virus has done a lot of damage by infecting numerous organizations and systems worldwide. As a result, hundreds of different businesses and companies lost valuable information due to the encrypted documents and even had to shut down their activity for some time.
Even though the Microsoft company had released an update which helps to resist the ExternalBlue exploit, which has been used to spread this threat, researches show that cyber crooks hiding behind WannaCry ransomware are still trying to hack other computers which do not have this update installed.
A closer look at WannaCry, the infamous ransomware virus
WannaCry is a dangerous cryptovirus which has the operating principle of ransomware. This threat appears on the system secretly and starts its activities right after hijacking the system. Once installed, the ransomware encrypts important documents on the infected computer by using a unique encryption algorithm called “RSA”. Locked files appear with the .wncry, .wncryt., or .wcry extensions.
Also, WannaCry virus displays a ransom message which can be named either @Please_Read_Me@.txt or Please Read Me!.txt. Cybercriminals use this note to announce the secret encryption process and urge the victim to pay a ransom in exchange for the decryption key. They have been asking for $300 as a ransom and also promising to double this fee after showing no response in three days. Nevertheless, WannaCry ransomware also acts as a worm because it starts looking for other vulnerable computer systems to infect once it is installed on a particular machine.
You can notice this ransomware virus from names as WannaCrypt0r, Wana Decrypt0r. Note that this virus attacks only those computers which are running Windows OS.
Avoid WannaCry and other ransomware viruses by following these tips
Cybersecurity experts recommend taking precautionary measures to avoid ransomware viruses as there is no way that they will stop their distribution. While they might not guarantee you 100% protection, you can decrease the risk of such a possibility. All you have to do is to gain a little bit knowledge about the ransomware distribution and its prevention tips.
- The main ransomware distribution technique is spam messages and infected attachments. The hazardous payload comes attached to the suspicious email which is launched once the user opens it. Be very careful with all the messages that you receive in the spam and even inbox sections. Make sure that they come from a recognizable sender and sometimes are even free of grammar mistakes. However, if you are not sure that the email message is safe, don't open it.
- Consider downloading and installing antimalware software. These computer tools will automatically protect your computer system from various threats and let you perform regular system scans. Don't forget to keep them up-to-date, just like you do with your operating system to prevent vulnerabilities.
- Always take care of extra copies of your important data. Fresh backups are the easiest way to recover encrypted files without having to even think about sending the ransom to hackers. You can save your files either in an external drive or some cloud service, or both.