The “WannaCryptor” malware

29/05/2017

Since Friday May 12th of 2017, the latest ransomware attack infected tens of thousands of people around the world. ESET named this ransomware “WannaCryptor”. They also refer to it as “Wanna Cry” and “Wcrypt”, exploiting Microsoft Windows vulnerability on computers without patches.

Unlike most malicious encryption software, WannaCryptor has worm-like properties that allow it to self-propagate without any human interaction. Cyber Attacks on healthcare sectors in the UK first started appearing in Spain and there has been an outbreak of Zero-Day attacks. They are also happening frequently on corporate websites, schools and hospitals.

In the healthcare sector, victims face the encryption of their valuable data such as patient and doctor records. The attacker holds the only key required to unlock these files. At first glance, the ransom demanded of the user appears to be lower than other ransomware but the hidden cost is in all the time and effort you lose because of their obstruction.

ESET, a well-known antivirus and security software provider, detects ransomware like WannaCryptor as Win32/Filecoder. WannaCryptor. D and blocks it and its variants. Home & business users are advised to follow these simple steps to stay protected from this ransomeware or other malware:

Install an anti-malware solution and keep it up to date.
For ESET solution users, ensure that ESET Live Grid is enabled.
If you are using ES ES ES ESM, make sure your security software is up to date with the latest updates and your virus identification database is up to date
In order to stay safe, never open attachments or click links in emails received from unknown or even trusted senders. This is because you never know what might be attached and some links could lead to malware.
Corporate users should be especially careful where they work or collaborate with departments that receive external emails often. For example, one could work alongside the finance or HR departments.
Back up your data regularly to make sure you’re always safe in the event of a virus. Don’t leave external hard drives connected to your computer if they don’t need to be as this allows viruses easier access. Ensure that you create new backups after the deployment of the update.
Disable or restrict access to Remote Desktop Protocol (RDP).
Macros can sometimes run malicious code so before opening a Microsoft Office document, disable macros to make sure that doesn’t happen.
Windows XP has been out of support for a while, even though still in use. If you’re using SMBv1, one easy fix would be to simply disable it as soon as possible.