Home » Hacking » WannaCry Ransomware Hits 99 Countries; Russia, USA, England, Spain, Portugal etc

WannaCry Ransomware Hits 99 Countries; Russia, USA, England, Spain, Portugal etc

Last updated on May 16th, 2017 at 12:27 pm EST

WannaCry Ransomware has hit Spain, Italy, Portugal, Russia and Ukraine as well. Just a few minutes ago we reported that Britain’s NHS was under a cyber attack, well that was not it. It looks like that this might a worldwide cyber attack.

 

WannaCry Ransomware

 

The attack has been confirmed by Spain, with telecom major Telefonica being hit by the ransomware. Other Spanish firms such as Iberdrola and Gas Natural have taken preventive measures because in wake of the attacks. They have asked their employees to cut off access to the internet. “There has been an alert relating to a massive ransomware attack on various organisations, which is affecting their Windows systems,” Spain’s National Cryptology Centre said in a statement.

Also Read

Why WannaCry Ransomware is Spreading Like Wild Fire; How to Fix

WannaCry Ransomware Not Dead; Two More Variants Found

Why you shouldn’t pay for Wannacry Ransomware

WannaCry Ransomware Code Similar to Contopee, Are SWIFT Hackers/Lazarus Group to Blame?

TheShadowBrokers To Release More Zero Day Exploits; Take Dig at Microsoft & Google

A Picture of ransomware in Spanish

WannaCry Ransomware Spain

Pictures from a university in Italy.

Italy Ransomware Italy Ransomware

Other countries which have been reportedly hit by the ransomware attack include Italy, Portugal, Russia and Ukraine.

No word on whether all these attacks are related or not.

These attacks are spreading via a computer worm so they are definitely a planned attack.

Update

Add Vietnam, Kazakhstan and Taiwan to the list as well.

Update 2 

USA as well. Security experts link the attack to vulnerabilities released by “The Shadow Brokers”, who recently dumped hacking tools stolen from NSA.

Microsoft patched the vulnerability (also known as ETERNALBLUE or MS17-010) in March 2017, but a lot of systems have not installed the patch hence all the mayhem.

Update 3

We have map of affected countries courtesy MalwareHunterTeam.

Wannacry map

 

Update 4

Russian telecom giant Megfon and Russian Ministry are shutting down.

Update 5

Latest update from Avast

says that more than 57,000 75,000 infections have been detected word wide, and it’s spreading like wild fire.

 

Wallpapers of users have also been changed.

They also tell us how “Wana Decrypt0r 2.0” works:-

The ransomware changes the affected file extension names to “.WNCRY”, so an infected file will look something like: original_name_of_file.jpg.WNCRY, for example. The encrypted files are also marked by the “WANACRY!” string at the beginning of the file.

Update 6

FedEx is also affected. “Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware, We are implementing remediation steps as quickly as possible.” it said in a statement.

Update 7

Kaspersky says 74 (99 as per Avast) countries are affected and fast spreading.

 

Update 8

WannaCry ransomware seen at Frankfurt railway ticket machine as well.

Frankfurt_Wanncry_ransomware

Update 9

Amounts received by hackers so far, as of 2105 EST.

Total Transactions: 35
Total BTC Received: 6.13054328BTC
Total Est. USD: $10133.72673640

Update 10

WannaCry Ransomware has been stopped after affecting 153,600 computers. For the nerds, below is the piece of code. The malware checked for a domain, if it existed it would shut down. That’s what was done, someone registered the domain.You can find details of how it was stopped here.

Microsoft also issued a patch for Windows XP and Windows 8. You can find it here.

WannaCry Fixed

 

Follow Us

Subscribe to Our Youtube Channel