{"id":210656,"date":"2017-05-15T08:55:31","date_gmt":"2017-05-15T06:55:31","guid":{"rendered":"http:\/\/mybroadband.co.za\/news\/?p=210656"},"modified":"2017-05-15T08:56:47","modified_gmt":"2017-05-15T06:56:47","slug":"wannacry-ransomware-without-kill-switch-discovered","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/210656-wannacry-ransomware-without-kill-switch-discovered.html","title":{"rendered":"WannaCry ransomware without kill switch discovered"},"content":{"rendered":"<p>A version of the WannaCry ransomware which does not have a &#8220;kill switch&#8221; has been found, <strong><a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/round-two-wannacry-ransomware-that-struck-the-globe-is-back\" target=\"_blank\" rel=\"noopener noreferrer\">Motherboard reported<\/a><\/strong>.<\/p>\n<p>The\u00a0<strong><a href=\"https:\/\/mybroadband.co.za\/news\/security\/210624-wannacry-ransomware-details.html\">WannaCry<\/a><\/strong>\u00a0ransomware had spread\u00a0around the globe, infecting Windows PCs\u00a0and locking out their users.<\/p>\n<p>WannaCry exploited a vulnerability in Windows revealed by the &#8220;Shadow Brokers&#8221;. This came after they claimed they\u00a0<strong><a href=\"https:\/\/mybroadband.co.za\/news\/security\/176001-hackers-say-they-are-selling-nsa-cyber-weapons.html\">hacked Equation Group<\/a><\/strong>,\u00a0a government hacking group believed to be in the NSA, and discovered the exploit.<\/p>\n<p>Microsoft patched the vulnerability (<strong><a href=\"https:\/\/technet.microsoft.com\/en-us\/library\/security\/ms17-010.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">MS17-010<\/a><\/strong>) which WannaCry exploits in March 2017, but many users did not update their systems.<\/p>\n<p>Machines infected included those at UK hospitals, prompting Microsoft to\u00a0<strong><a href=\"https:\/\/blogs.technet.microsoft.com\/msrc\/2017\/05\/12\/customer-guidance-for-wannacrypt-attacks\/\" target=\"_blank\" rel=\"noopener noreferrer\">release a free patch for Windows XP<\/a><\/strong>\u00a0and versions of Windows in their end-of-life.<\/p>\n<h3 class=\"my-4\">WannaCry kill switch<\/h3>\n<p>A <a href=\"https:\/\/www.malwaretech.com\/2017\/05\/how-to-accidentally-stop-a-global-cyber-attacks.html\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>security researcher<\/strong><\/a>\u00a0announced on Friday they had inadvertently triggered a kill switch for the ransomware.<\/p>\n<p>WannaCry queries a domain (iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com, according to <strong><a href=\"http:\/\/blog.talosintelligence.com\/2017\/05\/wannacry.html\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco&#8217;s Talos Intelligence<\/a><\/strong>),\u00a0and when this domain is live the ransomware stops spreading.<\/p>\n<p>Costin Raiu, director of global research at Kaspersky Lab, told Motherboard that he has now seen samples of the ransomware without the kill switch.<\/p>\n<p>However, the new versions of WannaCry do not spread in the same way as the original version &#8211; meaning it does not pose the same threat.<\/p>\n<p><a  data-lightbox=\"post-image\" href=\"http:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2017\/05\/WannaCry.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-210666\" src=\"http:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2017\/05\/WannaCry-573x430.jpg\" alt=\"WannaCry\" width=\"573\" height=\"430\" srcset=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2017\/05\/WannaCry-573x430.jpg 573w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2017\/05\/WannaCry-533x400.jpg 533w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2017\/05\/WannaCry-768x577.jpg 768w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2017\/05\/WannaCry-1200x901.jpg 1200w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2017\/05\/WannaCry.jpg 1300w\" sizes=\"(max-width: 573px) 100vw, 573px\" \/><\/a><\/p>\n<h3 class=\"my-4\">Now read:\u00a0<a href=\"http:\/\/mybroadband.co.za\/news\/security\/157889-this-is-what-happens-when-your-computer-gets-infected-with-ransomware.html\">This is what happens when your computer gets infected with ransomware<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>A version of the WannaCry ransomware which does not have a &#8220;kill switch&#8221; has been found.<\/p>\n","protected":false},"author":15,"featured_media":179832,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[30150,43154],"class_list":["post-210656","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-ransomware","tag-wannacry"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/210656"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=210656"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/210656\/revisions"}],"predecessor-version":[{"id":210706,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/210656\/revisions\/210706"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/179832"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=210656"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=210656"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=210656"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}