SUMMARY
This is AI generated summarization, which may have errors. For context, always refer to the full article.
MANILA, Philippines – Security firm Sophos believes the infamous WannaCry malware remains rampant in the world today, having detected and stopped 4.3 million infection attempts around the world in August 2019 alone.
According to their recently published report, the Philippines accounted for 5.8% of the total, which is about 249,400 infection attempts.
The WannaCry malware first made headlines in May of 2017 when it infected hundreds of thousands of Windows computers in over 150 countries, encrypting files and blocking access until a ransom demand was paid.
Sophos said that the malware still exists 2 years after it first started spreading largely due to it having variants that can bypass the so-called “kill switch,” a specific URL that could stop the infection process.
The firm’s researchers have identified 12,480 variants of the original WannaCry code. They then inspected 2,700 samples, revealing that they had all evolved to bypass the “kill switch.”
However, some variants may also be invariably killing off other variants. When Sophos researchers analyzed a number of variant samples, they reportedly found that some variants’ ability to encrypt data was neutralized as a result of code corruption. That means new variants of the malware can also act as an accidental vaccine, which can provide vulnerable computers a sort of immunity from future attacks from the same malware.
Sophos clarifies though that this is not an ideal scenario because having the malware in one’s computer could also mean that the patches against the main exploits of WannaCry attacks have not been installed.
Aside from newer variants of the malware, another reason that WannaCry continues to exist is that devices aren’t being patched properly. “Our research highlights how many unpatched computers are still out there, and if you haven’t installed updates that were released more than two years ago, how many other patches have you missed?,” said Peter Mackenzie, security specialist at Sophos and lead author of the report.
“In this case, some victims have been lucky because variants of the malware immunized them against newer versions. But no organization should rely on this.”
The firm recommends installing the latest patches for all devices as soon as they are released. They also suggest backing-up important files and data on an offline storage device to avoid having to pay ransom to access them in case of a ransomware attack. – Rappler.com
Add a comment
How does this make you feel?
There are no comments yet. Add your comment to start the conversation.