It is about Ransomware. You have probably heard of it. It is absolutely everywhere right now, and one of the biggest attacks was actually on a hospital system in the United Kingdom, where hundreds of computers were not only made basically useless but, more importantly, tons of documents with patients’ information and test results are all essentially lost.
This is not an isolated incident. It is happening worldwide, and not only is it affecting normal people’s computers, but it is also attacking things like banks and gas stations. Pretty much anything that it can get its hands on. But what is Ransomware?
This is not a new thing. Viruses, of course, have been around for pretty much as long as computers have been. But Ransomware is a slightly different take on it. Generally, malware is not this malicious.
So, sure, if you get a virus, you might have pop-ups, or your computer might be a part of a botnet, but what Ransomware does is it literally holds your files ransom until you pay, and even if you pay there is no guarantee that you will actually get any of your information back.
Generally speaking, as the name suggests, Ransomware is the virtual kidnapping or abduction of your data to obtain some extortion money. They won’t take your data away from you, though; they will just encrypt it so that you won’t be able to access it.
Well, before we move forward, let’s just say that this is not the first time that viruses like this have been around. Let’s get into the history of it a little.
The first known malware extortion attack, the “AIDS Trojan” written by Joseph Popp in 1989, had a design failure so severe it was not necessary to pay the extortionist at all. Its payload hid the files on the hard drive and encrypted only their names, and displayed a message claiming that the user’s license to use a certain piece of software had expired.
The user was asked to pay $189 USD to “PC Cyborg Corporation” in order to obtain a repair tool, even though the decryption key could be extracted from the code of the Trojan. The Trojan was also known as “PC Cyborg”. Popp was declared mentally unfit to stand trial for his actions, but he promised to donate the profits from the malware to fund AIDS research.
The idea of abusing anonymous cash systems to safely collect ransom from human kidnapping was introduced in 1992 by Sebastiaan von Solms and David Naccache. This money collection method is a key feature of Ransomware. In the von Solms-Naccache scenario a newspaper publication was used (since bitcoin ledgers did not exist at the time the paper was written).
The notion of using public key cryptography for data kidnapping attacks was introduced in 1996 by Adam L. Young and Moti Yung. Young and Yung critiqued the failed AIDS Information Trojan, which relied on symmetric cryptography alone, the fatal flaw being that the decryption key could be extracted from the Trojan.
They implemented an experimental proof-of-concept cryptovirus on a Macintosh SE/30 that used RSA and the Tiny Encryption Algorithm to hybrid-encrypt the victim’s data.
Since public key crypto is used, the cryptovirus only contains the encryption key. The attacker keeps the corresponding private decryption key private. Young and Yung’s original experimental cryptovirus had the victim send the asymmetric ciphertext to the attacker, who deciphers it and returns the symmetric decryption key it contains to the victim for a fee.
Long before electronic money existed, Young and Yung proposed that electronic money could be extorted through encryption as well, stating that “the virus writer can effectively hold all of the money ransom until half of it is given to him. Even if the e-money was previously encrypted by the user, it is of no use to the user if it gets encrypted by a cryptovirus”.
They referred to these attacks as being “cryptoviral extortion”, an overt attack that is part of a larger class of attacks in a field called cryptovirology, which encompasses both overt and covert attacks.
So, as I mentioned above, Ransomware is nothing but cryptography combined with a virus. Such a virus is known as a Cryptovirus, and the technique of creating it is known as Cryptovirology.
Once your system is infected by Ransomware, it will start looking through all of your files, so it will find things like pictures, videos, music, documents, pretty much anything it can get its hands on, and start encrypting it.
Once these files are encrypted, and it doesn’t take long, they are basically totally useless to you unless you have the key, which they just so happen to have, and they will offer to unlock it for you for a “very Reasonable Fee.”
Generally speaking, once you have actually had your files encrypted, there is really nothing you can do about it. Ransomware like this has been around for a few years now, but what is different is that there is a new much more dangerous version of it around: WannaCry.
Originally, this was an exploit found by the NSA called Eternal Blue, which they presumably used for super-secret spy stuff. However, one of their servers was actually leaked and lots of their tools were available publicly, including this one, which is where bad things started happening.
Eternal Blue is an exploit in Windows networking that is especially dangerous because you don’t need to be doing anything wrong to be affected.
So you take that and you combine it with Ransomware and you have a very dangerous combination. The good news is that Microsoft has already released a patch to deal with this exploit. But to show you how big of a deal this is, they even released an emergency patch for Windows XP, which came out in 2001.
If your computer is fully up-to-date, you are safe from WannaCry, but of course, there are lots, and lots, and lots of computers that are not fully up-to-date. Some countries have huge percentages of PCs that are running pirated Windows that might not be getting updates.
There are plenty of companies that can’t just immediately update 300,000 PCs with a new patch, and of course, some people just don’t get around to updating their computer very often.
To check what happens if you are infected, I have purposely put WannaCry on my computer. Now, the main thing I wanted to tell you is, first of all, can you do anything about it? Well, there is a very easy answer to that: no. Nothing, if your data is infected by it.
But there is also one more thing about this, and that is the process. So, I will tell you what the process is if you actually are infected. I had a few files on my computer, like document files and images.
But keep in mind, WannaCry will go after pretty much anything that is on your PC. So, you can imagine, if this can hit your personal computer with all of your documents, it will pretty much attack whatever it can get its hands on.
So, what I actually did was trigger WannaCry manually. Generally, if this was you and you were infected in the wild, you wouldn’t really have to do anything. It would just show up on your computer, attack all your files, and you wouldn’t even know anything was going on in the background.
So, moving on to my test results (not of the test I gave at my college).
As WannaCry starts doing stuff to your PC, it will be eating up your CPU. Not literally; it will start consuming your CPU, which will push your CPU usage to about 100%.
If you have a folder open that it is going to strike, you will be able to see your original files and also the encrypted versions. So, if this happens to you, you would immediately turn your computer off.
It will be writing a ton of stuff to the disk afterwards, eating up a fair bit of CPU, and of course your desktop will be just littered with all the crap at the end. When WannaCry is done with its stuff, you will see a wallpaper on your desktop looking something like the following.
So, you will be able to see the files that WannaCry encrypted, but each of them will have an extension like “.WinCry”, and when you try to open one up, all you will find is complete garbage. So, in any file that is affected by WannaCry, you will find junk characters and a changed extension.
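The symptoms described above (an encrypted copy next to the original, a changed extension, junk content) can be checked for automatically. The following is an added example, not part of the original post: the function names, the 7.5 bits-per-byte threshold and the sample files are assumptions, and the only extension listed is the one quoted in this post.

```python
import hashlib
import math
import os
from collections import Counter

SUSPECT_EXTS = {".wincry"}  # extension as quoted in this post; extend as needed
ENTROPY_MIN = 7.5           # assumed threshold in bits/byte; ciphertext is close to 8

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: near 8 for encrypted data, far lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan(root: str, sample: int = 65536) -> dict:
    """Map path -> reasons for files that look like ransomware output."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        siblings = set(files)
        for name in files:
            path = os.path.join(dirpath, name)
            stem, ext = os.path.splitext(name)
            try:
                with open(path, "rb") as fh:
                    entropy = shannon_entropy(fh.read(sample))
            except OSError:
                continue  # locked or unreadable file: skip it, keep scanning
            if entropy < ENTROPY_MIN:
                continue  # readable content, not "junk characters"
            reasons = []
            if ext.lower() in SUSPECT_EXTS:
                reasons.append("suspect extension")
            if stem in siblings:  # e.g. notes.txt.WinCry next to notes.txt
                reasons.append("encrypted copy beside original")
            # High entropy alone is normal for JPEG/ZIP/MP4: need a second signal.
            if reasons:
                findings[path] = reasons
    return findings

def build_sample(root: str) -> None:
    """Constructed data: a text file, its encrypted-looking twin, a photo-like file."""
    noise = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(256))
    files = {"notes.txt": b"meeting notes\n" * 200,
             "notes.txt.WinCry": noise, "holiday.jpg": noise}
    for name, body in files.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(body)
```

Calling `scan()` on the folder filled by `build_sample()` reports only `notes.txt.WinCry`; the high-entropy `holiday.jpg` is left alone because compressed formats look random too.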
Now, if you do follow their instructions, you will actually find the software they are suggesting in their warning, and when you open that decryptor software, they will just ask you to pay bitcoins worth something like $300-600 USD. The amount could be random, which doesn’t matter.
Because, of course, no one in their right mind will do that, especially not someone like me, because all I have on my laptop is anime series and TV series and other stuff that is easily available on the internet.
Thankfully, this version of WannaCry has mostly been taken care of at this point, but there is always going to be another big exploit that will come out of nowhere. So, please keep your computers up to date; keep your phones, tablets and computers, or whatever the case is, up to date.
Anyway, let me know what you guys think about this WannaCry version of Ransomware; share everything you want to know and everything you want to say in the comments below.