New Variant Of “WannaCry” Virus Emerges Infecting 3,600 Computers Per Hour

New Variant Of “WannaCry” Virus Emerges Infecting 3,600 Computers Per Hour:

Update: according to the latest data from Check Point Software, cited by Reuters, a new variant of the WannaCry ransomware is now infecting on average 3,600 computers per hour.

* * *

Governments and companies around the world began to gain the upper hand against the first wave of the unrivaled global cyberattack this morning.

More than 200,000 computers in at least 150 countries have so far been infected, according to Europol, the European Union’s law enforcement agency. The U.K.’s National Cyber Security Centre said new cases of so-called ransomware are possible “at a significant scale.”

“For now, it does not look like the number of infected computers is increasing,” said a Europol spokesman. “We will get a decryption tool eventually, but for the moment, it’s still a live threat and we’re still in disaster recovery mode.”

The initial attack was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts warned the hackers were likely to mount a second attack because so many users of personal computers with Microsoft operating systems couldn’t or didn’t download a security patch released in March that Microsoft had labeled “critical.”

“I will confess that I was unaware registering the domain would stop the malware until after I registered it, so initially it was accidental,” wrote the researcher, who uses the Twitter name @MalwareTechBlog.

“So long as the domain isn’t revoked, this particular strain will no longer cause harm, but patch your systems ASAP as they will try again.”

But the world is still digging out…

Europol executive director Rob Wainwright told Britain’s ITV television on Sunday that the attack had been “unprecedented”. “We’ve never seen anything like this,” he said.

In China, “hundreds of thousands” of computers were affected, including petrol stations, cash machines and universities, according to Qihoo 360, one of China’s largest providers of antivirus software. The malware affected computers at “several” unspecified Chinese government departments, the country’s Cyberspace Administration said on its WeChat blog Monday. Since that initial attack, agencies and companies from the police to banks and communications firms have put preventive measures in place, while Qihoo 360 Technology Co., Tencent Holdings Ltd. and other cybersecurity firms have begun making protection tools available, the internet overseer said.

French carmaker Renault said its Douai plant, one of its biggest sites in France employing 5,500 people, would be shut on Monday as systems were upgraded.

At Germany’s national Deutsche Bahn railroad, workers were laboring under “high pressure” Monday to repair remaining glitches with train stations’ electronic departure boards, a spokesman said.

In Japan, Hitachi Ltd. said that some of its computers had been affected.

In South Korea, CJ CGV Co., the country’s largest cinema chain, said advertising servers and displays at film theaters were hit by ransomware. Movie servers weren’t affected and are running as normal, it said in a text message Monday.

Indonesia’s government reported two hospitals in Jakarta were affected.

About 97 percent of U.K. facilities and doctors disabled by the attack were back to normal operation, Home Secretary Amber Rudd said Saturday after a government meeting. At the height of the attack Friday and early Saturday, 48 organizations in the NHS were affected, and hospitals in London, North West England and Central England urged people with non-emergency conditions to stay away as technicians tried to stop the spread of the malicious software.

As Microsoft’s president and chief legal officer, Brad Smith, said in a blog post Sunday:

“An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen,” Smith wrote.

“The governments of the world should treat this attack as a wake up call.”

And waking up they seem to be…(as Axios notes)

President Trump’s homeland security adviser, Tom Bossert, said that Friday’s global cyberattack is something that “for right now, we’ve got under control” in the U.S., reports AP:

“Bossert tells ABC’s ‘Good Morning America’ that the malware is an “extremely serious threat” that could inspire copycat attacks. But Microsoft’s security patch released in March should protect U.S. networks for those who install it.”

“Micrsoft’s top lawyer has criticized U.S. intelligence for ‘stockpiling’ software code that can aid hackers. Cybersecurity experts say the unknown hackers behind the latest attacks used a vulnerability exposed in U.S. government documents leaked online.”

“Bossert said ‘criminals’ are responsible, not the U.S. government. Bossert says the U.S. hasn’t ruled out involvement by a foreign government, but that the recent ransom demands suggest a criminal network.”

However, new variants of the rapidly replicating malware were discovered Sunday. One did not include the so-called kill switch that allowed researchers to interrupt the malware’s spread Friday by diverting it to a dead end on the internet.

As Bloomberg reports that Matt Suiche, founder of United Arab Emirates-based cyber security firm Comae Technologies warns a new version of the ransomware may have also been spreading over the weekend.

About 50% of machines that would have spread the infection by the second variation of the malware have Russian I.P. addresses, according to Suiche.

Over 40,000 machines appear to have been infected by the second variation of the malware already.

Ryan Kalember, senior vice president at Proofpoint Inc., which helped stop its spread, said the version without a kill switch could spread. It was benign because it contained a flaw that prevented it from taking over computers and demanding ransom to unlock files but other more malicious ones will likely pop up.

“We haven’t fully dodged this bullet at all until we’re patched against the vulnerability itself,” Kalember said.

* * *

PayPal: Donate in USD
PayPal: Donate in EUR
PayPal: Donate in GBP

13 thoughts on “New Variant Of “WannaCry” Virus Emerges Infecting 3,600 Computers Per Hour”

  1. Giant ‘Lava Lamp’ Inside Earth May Cause Magnetic Poles to Flip
    http://www.livescience.com/59113-giant-lava-lamp-hidden-inside-earth.html?utm_source=notification
    If you could travel back in time 41,000 years to the last ice age, your compass would point south instead of north. That’s because for a period of a few hundred years, the Earth’s magnetic field was reversed. These reversals have happpened repeatedly over the planet’s history, sometimes lasting hundreds of thousands of years. We know this from the way it affects the formation of magnetic minerals, that we can now study on the Earth’s surface.

    Reply
  2. D-Day for George Pell: Police must decide whether to charge cardinal over historic child sex charges
    Victoria police handed advice over Cardinal George Pell abuse allegations
    Victoria Police confirmed that it had received advice from the DPP
    Must now be decided if Australia’s most senior Catholic official will be charged
    Alleged that Cardinal Pell sexually abused up to 10 boys between 1978 and 2001
    The 75-year-old has strenuously denied abuse allegations levelled against him
    http://www.dailymail.co.uk/news/article-4511272/Police-advised-Cardinal-George-Pell-abuse-allegations.html

    Reply
    • To squodgy,

      Hmmh.

      I’ve checked the search in 2 browsers and asked somebody on the other side of the planet to check it as well and it appears to work.

      Can you check the search with another browser? (not even sure if that will be helpful.)

      “The other side of the planet” recommended to make a test using the address bar:

      http://www.infiniteunknown.net/?s=vortex

      This is a search for “vortex”.

      Let’s see how this will work.

      Reply
  3. Venezuela’s Minister of Health Fired After Revealing 10,000+ Infant Deaths in 2016
    By 2017, over 13,000 Venezuelan doctors had abandoned the country, according to CNN, and Venezuelan pharmacies lacked access to 85 percent of the medications listed by the World Health Organization as necessary to maintain a functioning health care system.
    http://www.breitbart.com/national-security/2017/05/15/venezuelas-minister-of-health-fired-after-publishing-damning-infant-mortality-statistics/

    Reply

Leave a Reply to kevin a Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.