A ransomware attack is quickly spreading across the globe rendering vital systems inaccessible.
Friday morning, the Twitter account MalwareHunterTeam reported ransomware known as WanaCrypt0r (a WannaCry variant) spreading at an alarming rate. “In less than 3 hours (even can say less than 2 hours if we count it from the explosion), they got victims already from 11 countries.”
Russia, Taiwan and Spain appear to be those initially hit the hardest, but a map of the infections generated by MalwareHunterTeam shows the ransomware spreading to all populated continents, and numerous reports from security researchers indicate that WanaCrypt0r has also found its way into the US.
Something like this is incredibly significant, we've not seen P2P spreading on PC via exploits at this scale in nearly a decade.
— MalwareTech (@MalwareTechBlog) May 12, 2017
An initial report from UK-based MalwareTech researcher indicate that the ransomware was spreading peer-to-peer and may have been weaponised using a leaked Microsoft exploit designed by U.S. National Security Agency known as EternalBlue.
Among those to first report infections publicly are 16 hospitals in England and Teleconica, a Spanish telecom. The infected systems rendered files encrypted and inaccessible and a warning flashed across the screens. “You only have 3 days to submit the payment. After that the price will be doubled,” it reads. “Also if you don’t pay in 7 days, you won’t be able to recover your files forever.”
— Jakub Kroustek (@JakubKroustek) May 12, 2017
Update 12/05/17 7.34pm: FedEx confirmed to the BBC that it is experiencing “interference” with some of Windows-based systems “caused by malware.” The company said it was “implementing remediation steps as quickly as possible.”
According to SwiftOnSecurity, after FedEx detected WannaCry infections at its UK offices, the company ordered its US partners to shut down all non-critical networked Windows-based systems.
Update 12/05/17 8.04pm: Click here for information about the Windows versions or editions affected and for details on how to patch (MS17-010) the EternalBlue exploit.
This article will continue to be updated as new information comes in.
More Hacking Posts:
Hospital computers across the country have been locked up by what looks like a piece of ransomware.
It cost the FBI roughly $900,000 (£696,002) to hack the locked iPhone.
How the French press will handle the campaign hacks following a mandated blackout on election reporting remains to be seen.
The leaked memos and emails appeared online just hours before a legally-required midnight media blackout on election coverage.