WannaCry Ransomware Update: Windows 7 Hit Hardest

More than a week after the massive WannaCry ransomware attack hobbled computer systems around the world, security experts continue to assess the damage and keep watch for new outbreaks.

As of Friday, the malware had infected more than 416,000 systems, according to the U.K.-based security researcher who helped put a stop to the initial attack. Meanwhile, organizations that included FedEx and Britain's National Health Service (NHS) continue to deal with fallout from the ransomware while researchers try to identify the attackers responsible.

Authorities have urged anyone affected by WannaCry not to pay the ransom, typically several hundred dollars in the digital currency Bitcoin, to regain access to files encrypted by the malware. Some victims, most of whom were running Windows 7 x64, according to research from Kaspersky Lab, could be helped by a partial decryption fix that's been shown to recover data.

Hundreds of Thousands of Victims

The WannaCry ransomware began spreading around May 12 and the U.K.'s NHS was one of the first high-profile victims to come under attack. That's when a young British security researcher who goes by the name MalwareTech noticed that the ransomware was querying an unregistered domain name, which he quickly registered. By doing that, he effectively set off a kill switch that put a stop to new attacks of the ransomware.

MalwareTech has since been identified by media outlets as Marcus Hutchins, 22. He noted in an update on his blog Friday that HTTP requests to the domain he registered showed some 416,989 systems had been hit by WannaCry as of that time.

Since the initial attack has come under control, Microsoft has been criticized for its role in the malware's propagation. The ransomware deploys a Windows exploit that had not been addressed and was used for surveillance by the National Security Agency (NSA). That...

Comments are closed.