Wanna Cry is a crypto ransomware worm that targets Windows PCs. It's a type of malware that can spread across networks from PC to PC (thus the "worm" portion), and once on a computer, it can encrypt important files (the "crypto" part). The criminals then demand ransom payments in order to recover the files.
Like other types of crypto-ransomware, WannaCry takes your data hostage, promising to return it if you pay a ransom. WannaCry targets computers using Microsoft Windows as an operating system. It encrypts data and demands payment of a ransom in the cryptocurrency Bitcoin for its return.
The WannaCry attack infects computers and spreads amongst them without the need for user intervention or social engineering. It attacks any device that hasn't been patched against the EternalBlue vulnerability using the EternalBlue exploit.
To attack an infected machine, the WannaCry ransomware uses a dropper known as DoublePulsar, a malware program that extracts embedded application components. WannaCry tries to reach a URL that is hard-coded into the attack, and when it is accessed, it shuts down WannaCry, which has become known as its "death switch." WannaCry then goes through the device looking for essential files, which are usually Microsoft Office documents, MPEG Audio Layer 3 (MP3) files, or Matroska Multimedia Container (MKV) files. It encrypts the files, making them inaccessible to the outside world.
Contact Us
Phone: 09613338888
Email: [email protected]
Website: https://care247.tech
#cybersecurity #cybersecurityawareness #cybersecuritythreats #CyberSecurityAwarenessMonth #cybersecurityengineer
#malwareanalysis #vapt
