WannaCry Ransomware Virus has affected thousands of thousands of computers in over 150 countries. We have already covered the possible ways to prevent your computer from Wannacry Ransomware Virus – please do check out if haven’t.
Many of my viewers and friends are still unclear about the virus and have many doubts about it. Hence I made this frequently asked questions post to make everyone understand better what the Wannacry virus is, what it does and much more.
Frequently asked Questions about WannaCry:
What is WannaCry?
WannaCry is a Virus also known as WannaCrypt. It is one of the largest cyber attacks in the history. The virus enters the windows operating system and starts encrypting the files and demanding a ransomware to unlock the files. It is an ongoing cyber attack targeting the Microsoft Windows operating system.
EternalBlue, sometimes stylized as ETERNALBLUE, is an exploit generally believed to have been developed by the U.S. National Security Agency (NSA). It was leaked by the Shadow Brokers hacker group on 14 April 2017 and was used as part of the worldwide WannaCry ransomware attack on 12 May 2017.
How does Wannacry Work?
When executed, the malware first checks the “kill switch” domain name and then it starts encrypting your files. After encrypting the virus attempts to exploit the SMB [Server Message Block] vulnerability to spread out to random computers on the Internet and laterally to computers on the same network.
When it was released and started affecting?
The virus attack has been started on May 12th, 2017.
How to decrypt the files infected by Wannacry?
You can’t decrypt the file, the files will be encrypted and you will be shown an notice message with a Bitcoin address to pay $300 and more.
What’s the demand from the attackers?
The attackers demand a payment of around $300 in bitcoin within three days or $600 within seven days to decrypt the files or it may result in deleting the files.
Will the attackers decrypt the files, if we pay?
Not sure and no confirmed sources that the infected files are decrypted by the attackers once the amount is paid. Hence the major suggestion from the security companies is to not pay for it.
How many computers have affected?
Approximately more than 2.5 Lakh computers have been affected till now in over 150 countries.
What are the major companies got affected by this Virus?
Huge list of companies was affected, to name few major have
Telefonica – a major telecom network, National Health Service (NHS), FedEx, Deutsche Bahn, LATAM Airlines and more.
How is the Virus spreading?
The virus is spreading from various platforms like malicious emails, browsing phishing websites, downloading and installing unknown software, torrents, networks, etc.,
How To Prevent from WannaCry Ransomware Virus?
I have written a detailed post with all the possible ways to prevent computers from Wannacry Ransomware Virus. Do check out the same here.
Will the Virus affect Android, iOS, MacOS and Linux?
No. Wannacry is exclusive for Microsoft Windows and the other platform users have not to worry.
Does Microsoft release Patches for Wannacry?
Yes, Microsoft has released patches for Wannacry, hence please have your computer up-to-date with the Windows Update. Also, make sure your antivirus is up to date if you are using any.
Will Windows XP, Server 2003 get the patches for WannaCry?
Yes, even though Microsoft has discontinued their support for Windows XP, server 2003. They have mad a patch for these operating systems as many of the users around the globe were still using it.
Does the Virus is prevented?
Still, companies have been working had to recover the computers affected by Wannacry. Shortly after the attack began a web security researcher who blogs as “MalwareTech” inadvertently established an effective kill switch by registering a website mentioned in the code of the ransomware. This slowed the spread of infection, but new versions have now been detected that lack the kill switch.
If you have more questions, feel free to comment. Will try to answer as soon as possible.