Friday, May 12, 2017

Ransomware infections occurring around the globe


While reading up on some posts made about DEF CON, I saw this posted: "An NSA-derived ransomware worm is shutting down computers worldwide"...

After scrubbing for information and sources to see if this was legitimate, I was able to verify it.

Congrats to Ars Technica, who seem to have broken with the story first.

While ransomware is not new, why this made news is the fact that there are so many confirmed cases, and so fast.. 75,000 confirmed cases in a relatively short time...

In case you are new to the term, ransomware encrypts your images, music, movies, videos, basically everything on the computer, and then won't let you access them without paying a fee to the ransomer. The worst part is quite often even after you paid the ransomer, they still don't decrypt your files, meaning all of those files are now unusable forever.

Ransomware is so insidious it makes me pine for the simple dos viruses of the 80's and 90's... but I digress.

What makes this particular round of infections worse, is the fact that these ransomware infections seem to stem from old NSA tools known as Wcry (among other names).

Since this is such an evil menace to society, I wanted to share this as much as I could and get the word out quickly.

Here are my sources, ars technica and bbc: