WannaCry Ransomware Gets Upgraded and This Time There Is No Kill Switch

Zara Ali
NHS attack

The WannaCry virus has hit more than 150 countries and 200,000 computers, causing an impact on essential services like hospitals, universities, warehouses and banks. The virus was mutated for some time, but the hackers have since updated the ransomware, this time without a kill switch.

The virus has locked people and companies out of their computers, leaving payment of $300 ransom as the only option to get back the access. It spread evenly around the world until a cybersecurity researcher accidentally discovered a kill switch in the code to halt it. The researcher purchased an unregistered domain name for $10.69, which ultimately stopped the attack for some time.

Related StoryRafia Shaikh
Intelligence Coup of the Century: How CIA Secretly Sold Compromised Encryption Devices Through a Swiss Company to Over 120 Countries

According to the researchers at Heimdal Security, hackers have upgraded the ransomware, and it is now popping up without the Achilles heel - carrying the name Uiwix. It primarily targets Windows PCs by exploiting many vulnerabilities of the platform. On Sunday, Microsoft's legal officer blamed governments for accumulating software defects and not warning companies about them. He went on calling the WannaCry attack a "wakeup call".

The updated ransomware demands 0.11943 bitcoin (around $218) as the payment for unlocking one system. It uses the same tactics used in the WannaCry ransomware, which includes the EternalBlue vulnerability that was first found out by the NSA and later leaked by the hacker group Shadow Brokers in April, this year.

In a statement, Ryan Kalember, senior vice president of cybersecurity strategy at Proofpoint said, "these appear to be 'patched' versions of the original malware, rather than recompiled versions developed by the original authors." He says that the updated version of the ransomware along with the other variants would continue to haunt computers all over the world. He also asserts that in the last 14 months, new variants of ransomware have been surfacing every two to three days.

Microsoft patched the vulnerability in March, but the ransomware feeds on older versions of Windows, such as Windows XP that was running on most of the systems at the National Health Service hospitals in England. Organizations are being warned to upgrade to newer systems for safety.

How WannaCry virus spreads around the world:

On May 12, Friday: The first wave of WannaCry attack hit the Spanish mobile operator Telefónica along with other prominent organizations.

The virus kept getting bigger and spread to hospitals and clinics across the UK. The second hit was registered by the French car maker Renault, in Europe. In Germany, Deutsche Bahn faced the ransomware attack. In Russia, the mobile phone provider MegaFon, Sberbank, and Ministry of the Interior became the next victim. In the US, FedEx along with other companies felt the brunt of it.

Follow this link for live tracking of the malware attack.

Share this story