Godlike Productions - Discussion Forum
Users Online Now: 2,677 (Who's On?)Visitors Today: 483,959
Pageviews Today: 1,410,945Threads Today: 911Posts Today: 14,346
06:23 PM

Back to Forum
Back to Forum
Back to Thread
Back to Thread
Message Subject Q just hit the panic switch. Qanon drop
Poster Handle Anonymous Coward
Post Content
Another major revelation came in in early 2017 when one bit of Internet-based criminal activity made headlines worldwide for reasons that took a while to emerge, both to the general public and Internet security professionals. The incident began with the activation of ransomware malware called WannaCry. What made WannaCry so dangerous was that it made use of several capabilities including a hidden (but findable) backdoor program that tried to spread WannaCry to Microsoft Windows computers that had a known vulnerability but were not updated to remove the vulnerability. This automatic spread of malware is called a worm and it depends on other computers being vulnerable to allowing malware to be automatically installed. With WannaCry local PC networks run by Microsoft server software were vulnerable if the latest patches were not installed.

What made this newsworthy was that the worm depended on information stolen from the NSA (American National Security Agency) and made public by Wikileaks earlier in 2017. The NSA tool was called EternalBlue and it used a ZDE (Zero Day Exploit) stockpiled by the NSA for possible Cyber War operations. This particular ZDE exploited a flaw in Windows network software allowing the EternalBlue program to quietly insert itself into other PCs on the same network as the PC infected (probably via a spearfishing attack) with WannaCry.

All this was news for several reasons. First, the attack could have been a lot more effective than it was except for a hidden flaw (a kill switch) that was soon discovered and activated because of the efforts of an international network of White Hat hackers. Then the incident became even more mysterious. While at least a quarter million PCs in 150 countries were infected with Wannacry and had their hard drive contents encrypted, only about one in a thousand of these PCs paid the $300 (in bitcoin) ransom. But those who paid the ransom did not receive the decryption information and the bitcoin payments (worth nearly $100,000) were sent to three bitcoin “wallets” that had apparently been abandoned.
Please verify you're human:

Reason for reporting: