Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Alarm Grows Over Global Ransomware Attacks

Security experts expressed alarm Friday over a fast-moving wave of cyberattacks around the world that appeared to exploit a flaw exposed in documents leaked from the US National Security Agency.

The attacks came in the form of ransomware, a technique used by hackers that locks a user’s files unless they pay the attackers in bitcoin.

Security experts expressed alarm Friday over a fast-moving wave of cyberattacks around the world that appeared to exploit a flaw exposed in documents leaked from the US National Security Agency.

The attacks came in the form of ransomware, a technique used by hackers that locks a user’s files unless they pay the attackers in bitcoin.

The scope of the attacks was not immediately clear, amid varying estimates from security researchers. But the malware was linked to attacks on hospitals in Britain as well as the Spanish telecom giant Telefonica and was also spreading in other countries.

The malware’s name is WCry, but analysts were also using variants such as WannaCry, WanaCrypt0r, WannaCrypt, or Wana Decrypt0r.

Microsoft released a security patch earlier this year for the flaw, but many systems have yet to be updated, researchers said.

Researcher Costin Raiu of the Russian-based security firm Kaspersky said in a tweet, “So far, we have recorded more than 45,000 attacks of the #WannaCry ransomware in 74 countries around the world. Number still growing fast.”

Jakub Kroustek of Avast said on Twitter the security firm had detected “36,000 detections of #WannaCry (aka #WanaCypt0r aka #WCry) #ransomware so far. Russia, Ukraine, and Taiwan leading. This is huge.”

Kaspersky said the malware was released in April by a hacking group called Shadow Brokers which claimed to have discovered the flaw from the NSA.

In the United States the package delivery giant Fedex acknowledged it was hit by malware after one researcher cited the company as a target.

“Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware,” the company said in a statement.

“We are implementing remediation steps as quickly as possible.”

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Malware & Threats

Security researchers are warning of a new wave of malicious NPM and PyPI packages designed to steal user information and download additional payloads.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.