WannaCry ransomware used in widespread attacks all over the world


Earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world. In these attacks, data is encrypted with the extension “.WCRY” added to the filenames.

Our analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows. This exploit (codenamed “EternalBlue”) has been made available on the internet through the Shadowbrokers dump on April 14th, 2017 and patched by Microsoft on March 14.

Unfortunately, it appears that many organizations have not yet installed the patch.

A few hours ago, Spain’s Computer Emergency Response Team CCN-CERT, posted an alert on their site about a massive ransomware attack affecting several Spanish organizations. The alert recommends the installation of updates in the Microsoft March 2017 Security Bulletin as a means of stopping the spread of the attack.

The National Health Service (NHS) in the U.K. also issued an alert and confirmed infections at 16 medical institutions. We have confirmed additional infections in several additional countries, including Russia, Ukraine, and India.

It’s important to understand that while unpatched Windows computers exposing their SMB services can be remotely attacked with the “EternalBlue” exploit and infected by the WannaCry ransomware, the lack of existence of this vulnerability doesn’t really prevent the ransomware component from working. Nevertheless, the presence of this vulnerability appears to be the most significant factor that caused the outbreak.

Currently, we have recorded more than 45,000 attacks of the WannaCry ransomware in 74 countries around the world, mostly in Russia. It’s important to note that our visibility may be limited and incomplete and the range of targets and victims is likely much, much higher.


there is something not quite right here..a massive attack globally and then some guy “fixes it” with a simple registration and its under control and this guy is called a hero..it dont add up..something else is at play here..or am i missing an important detail?


~ by seeker401 on May 15, 2017.

10 Responses to “WannaCry ransomware used in widespread attacks all over the world”

  1. You and 80% of others on this planet

  2. an avant step preparing us, to accept when it comes, not so far in the future ;), to be hacked – randomly, of course 😉 lol! not! – according to our activity & political views…;)

    they NEED to CONTROL the internet!!…it’s their one and only week point.

    through the Internet a conscious citizen gets informed over the real news, behind the fake one, and could take control over the hidden knowledge – like the real functions of the pyramids as energy machines, the real laws of physics (orgone/chi/subtle etc. energy) that could grant humanity freedom from the actual parasite elite.

    more “wanacry” ware to come, slaves!

  3. Is the hacking just a cover for whats coming ..

    I Never Knew How Screwed Up The Global Financial System Was Until I Started My Own Bank

    Every bank runs on something called “core banking software”, which is sort of a central financial database that keeps track of all accounts and transactions.
    Anytime you deposit or withdraw funds, the core banking software updates its records.
    And whenever you log in to your bank’s website to check your account balance, the server relies on the core banking software for that information.
    Core banking software is the most critical component of any bank’s technological infrastructure.
    Yet ironically, the software that many of the most established banks use was originally written in either Fortran or COBOL, both 60-year old programming languages that date back to the late 1950s.

    Back then banks were very early adopters of technology and jumped on the chance to automate their core functions.
    As technology improved, banks continually patched and updated their systems.
    But they eventually ran into limitations in terms of how much they could modernize the software.
    In the software industry, developers recognize this limitation.
    That’s why from time to time they stop supporting obsolete versions of their applications and reengineer new versions with the latest technology.
    But that didn’t happen across most of the banking sector. Instead, banks kept patching and upgrading outdated software.
    Simply put, the most important functions in the banking system are powered by decades-old technology.

    Perhaps nowhere is this more obvious than with domestic money transfers.
    Within the domestic US banking system, most banks rely on the ACH payment network to send and receive financial transactions.
    If your paycheck is direct deposited into your bank account, or mortgage payment automatically deducted, these typically use ACH.
    What’s completely bewildering is that ACH payments typically take 48 hours to clear.
    That’s completely insane given that any domestic bank transfer is simply an internal transfer from the sending bank’s account at the Federal Reserve to the receiving bank’s account at the Federal Reserve.
    It’s utterly astonishing that in 2017 such a simple transaction actually takes two days, as if they have to send a satchel full of cash cross-country via the Pony Express.
    But this is a reflection of the pitiful technology that underpins the banking system.
    It doesn’t get any better internationally either.

    If you’ve ever dealt with international financial transactions you may have heard of the SWIFT network.
    SWIFT is a worldwide banking network that links allows financial institutions to send and receive messages about wire transfers and payments.
    Anytime you send an international wire, it’s customary to enter the receiving bank’s “SWIFT code” as part of the wire details.
    SWIFT is absolutely critical to global banking and handles billions of transactions and messages each year.
    So you can imagine my surprise when I found out that SWIFT runs on Windows Vista an obsolete operating system that Microsoft no longer supports.
    When my bank received its SWIFT code, we were told that we had to have a computer running Vista in the office in order to connect to SWIFT.
    It was such an absurd exercise to find an obsolete computer running an obsolete operating system to connect to the supposedly most advanced and important international payment network in the world.
    Unsurprisingly, SWIFT has been hacked numerous times, both by the NSA as well as private hackers who have stolen a great deal of money from their victims.
    Last year a bunch of hackers famously penetrated the SWIFT network and stole over $100 million from the Bangladesh central bank.

    And that was nowhere near an isolated incident.
    This is the big hidden secret of banking: despite the shiny veneer of online banking, the institutions that literally control your money are run on outdated, inefficient, obsolete technology.


  4. Reblogged this on World Peace Forum.

  5. Cyber Attacks Are The Perfect Trigger For A Stock Market Crash

    I mention the incident with SWIFT because it brings up a potential danger that I don’t think many people have considered. First, let’s assume for a moment that groups like the “shadow brokers” actually exist and aren’t some kind of NSA created front. These groups are using the considerable weaknesses that corporations like Microsoft put in place for the NSA in order to reap profits through criminal enterprise or to commit terrorist acts. The NSA and its Silicon Valley partners literally created this monster; a monster which has the capacity to attack otherwise secure banking networks like SWIFT.
    This begs the question — how much of the global banking system and global stock exchanges are open to attack with these same NSA exploits. I would suggest that ALL of them are.


  6. Oh I am so afraid .Please regulate us central banksters.
    For who could be doing this hacking if not those that want an excuse to further regulate the internet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: