RansomeWare, WannaCry,
Newsletter Signup

WannaCry RansomeWare

Free Training

Enquire Now Take a Demo
   

Overview

 A major ransomware attack has affected many organizations across the world reportedly including Telefonica in Spain, the National Health Service in the UK, and FedEx in the US. The malware responsible for this attack is a ransomware variant known as 'WannaCry'.

The malware then has the capability to scan heavily over TCP port 445 (Server Message Block/SMB), spreading similar to a worm, compromising hosts, encrypting files stored on them then demanding a ransom payment in the form of Bitcoin. It is important to note that this is not a threat that simply scans internal ranges to identify where to spread, it is also capable of spreading based on vulnerabilities it finds in other externally facing hosts across the internet.

Additionally, Talos has observed WannaCry samples making use of DOUBLEPULSAR which is a persistent backdoor that is generally used to access and execute code on previously compromised systems. This allows for the installation and activation of additional software, such as malware. This backdoor is typically installed following successful exploitation of SMB vulnerabilities addressed as part of Microsoft Security Bulletin MS17-010. This backdoor is associated with an offensive exploitation framework that was released as part of the Shadow Brokers cache that was recently released to the public. Since its release it has been widely analyzed and studied by the security industry as well as on various underground hacking forums.

Free Downloads

Fields marked * are mandatory
File Name: Corporate Training
Full Name*:
Email:*
Phone:

Enquiry Fields marked * are mandatory

Full Name:*
Email:*
Address:
Land Phone:
Mobile Phone:*
Comments:
Type the characters you see in the picture below on the text box   
Verification Code Image refresh
    
 

Take a Demo Fields marked * are mandatory

Full Name:*
Email:*
Country:*  
Phone Number:
Comments:
Type the characters you see in the picture below on the text box   
Verification Code Image refresh
    
 

Trainer Bio